Mercurial > hg
view mercurial/bdiff.h @ 33650:0b3fe3910ef5 stable
util: add utility method to check for bad ssh urls (SEC)
Our use of SSH has an exploit that will parse the first part of an url
blindly as a hostname. Prior to this set of security patches, a url
with '-oProxyCommand' could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' can be abused to execute
arbitrary commands in a similar fashion.
We defend against this by checking ssh:// URLs and looking for a
hostname that starts with a - or contains a |.
When this happens, let's throw a big abort into the user's face so
that they can inspect what's going on.
author | Sean Farley <sean@farley.io> |
---|---|
date | Fri, 28 Jul 2017 16:32:25 -0700 |
parents | 9631ff5ebbeb |
children | 72985b390d7c |
line wrap: on
line source
#ifndef _HG_BDIFF_H_ #define _HG_BDIFF_H_ struct bdiff_line { int hash, n, e; ssize_t len; const char *l; }; struct bdiff_hunk; struct bdiff_hunk { int a1, a2, b1, b2; struct bdiff_hunk *next; }; int bdiff_splitlines(const char *a, ssize_t len, struct bdiff_line **lr); int bdiff_diff(struct bdiff_line *a, int an, struct bdiff_line *b, int bn, struct bdiff_hunk *base); void bdiff_freehunks(struct bdiff_hunk *l); #endif