diff tests/test-subrepo-git.t @ 28670:ff0d3b6b287f
merge with stable
author | Matt Mackall <mpm@selenic.com> |
---|---|
date | Tue, 29 Mar 2016 12:29:00 -0500 |
parents | c65da6892ae5 34d43cb85de8 |
children | ce01b4810aef |
--- a/tests/test-subrepo-git.t Fri Mar 25 23:05:32 2016 -0700
+++ b/tests/test-subrepo-git.t Tue Mar 29 12:29:00 2016 -0500
@@ -1132,4 +1132,36 @@
 ? s/foobar.orig
 ? s/snake.python.orig
+test for Git CVE-2016-3068
+ $ hg init malicious-subrepository
+ $ cd malicious-subrepository
+ $ echo "s = [git]ext::sh -c echo% pwned% >&2" > .hgsub
+ $ git init s
+ Initialized empty Git repository in $TESTTMP/tc/malicious-subrepository/s/.git/
+ $ cd s
+ $ git commit --allow-empty -m 'empty'
+ [master (root-commit) 153f934] empty
 $ cd ..
+ $ hg add .hgsub
+ $ hg commit -m "add subrepo"
+ $ cd ..
+ $ env -u GIT_ALLOW_PROTOCOL hg clone malicious-subrepository malicious-subrepository-protected
+ Cloning into '$TESTTMP/tc/malicious-subrepository-protected/s'...
+ fatal: transport 'ext' not allowed
+ updating to branch default
+ cloning subrepo s from ext::sh -c echo% pwned% >&2
+ abort: git clone error 128 in s (in subrepo s)
+ [255]
+
+whitelisting of ext should be respected (that's the git submodule behaviour)
+ $ env GIT_ALLOW_PROTOCOL=ext hg clone malicious-subrepository malicious-subrepository-clone-allowed
+ Cloning into '$TESTTMP/tc/malicious-subrepository-clone-allowed/s'...
+ pwned
+ fatal: Could not read from remote repository.
+
+ Please make sure you have the correct access rights
+ and the repository exists.
+ updating to branch default
+ cloning subrepo s from ext::sh -c echo% pwned% >&2
+ abort: git clone error 128 in s (in subrepo s)
+ [255]
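Review bot: The protected-clone expectation pins git's verbatim stderr (`fatal: transport 'ext' not allowed`) and the abbreviated commit id `153f934`, so this CVE-2016-3068 regression check can fail on a git with different wording or commit metadata even though the `ext::` command never ran. The property that matters is that `pwned` is absent when GIT_ALLOW_PROTOCOL is unset. Unless identity and date are fixed earlier in the file (not visible here), I would match the variable parts with the test format's glob suffix, e.g. `[master (root-commit) *] empty (glob)`, and add a comment above the first clone such as `any "pwned" line here means the ext:: helper was executed`. The second case would also benefit from a comment saying that `GIT_ALLOW_PROTOCOL=ext` is an explicit opt-in from the user's environment and that `.hgsub` content cannot set it. Only `hg clone` is exercised here; whether the restriction also covers a later pull or update of a git subrepo cannot be told from this hunk and may deserve its own case.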