Mercurial > hg
view tests/blackbox-readonly-dispatch.py @ 33659:8cb9e921ef8c stable
ssh: quote parameters using shellquote (SEC)
This patch uses shellquote to quote ssh parameters more strictly to avoid
shell injection.
author | Jun Wu <quark@fb.com> |
---|---|
date | Fri, 04 Aug 2017 23:54:12 -0700 |
parents | 0767c2f624c6 |
children | 853bf7d90804 |
line wrap: on
line source
from __future__ import absolute_import, print_function import os from mercurial import ( dispatch, ) def testdispatch(cmd): """Simple wrapper around dispatch.dispatch() Prints command and result value, but does not handle quoting. """ print("running: %s" % (cmd,)) req = dispatch.request(cmd.split()) result = dispatch.dispatch(req) print("result: %r" % (result,)) # create file 'foo', add and commit f = open('foo', 'wb') f.write('foo\n') f.close() testdispatch("add foo") testdispatch("commit -m commit1 -d 2000-01-01 foo") # append to file 'foo' and commit f = open('foo', 'ab') f.write('bar\n') f.close() # remove blackbox.log directory (proxy for readonly log file) os.rmdir(".hg/blackbox.log") # replace it with the real blackbox.log file os.rename(".hg/blackbox.log-", ".hg/blackbox.log") testdispatch("commit -m commit2 -d 2000-01-02 foo") # check 88803a69b24 (fancyopts modified command table) testdispatch("log -r 0") testdispatch("log -r tip")