Mercurial > hg
view tests/notcapable @ 29051:a56296f55a5e stable 3.8.1
convert: pass absolute paths to git (SEC)
Fixes CVE-2016-3105 (1/1).
Previously, it was possible for the repository path passed to git-ls-remote
to be misinterpreted as a URL.
Always passing an absolute path to git is a simple way to avoid this.
author | Blake Burkhart <bburky@bburky.com> |
---|---|
date | Wed, 06 Apr 2016 22:57:46 -0500 |
parents | 1ac628cd7113 |
children | dedab036215d |
line wrap: on
line source
# Disable the $CAP wire protocol capability. if test -z "$CAP" then echo "CAP environment variable not set." fi cat > notcapable-$CAP.py << EOF from mercurial import extensions, peer, localrepo def extsetup(): extensions.wrapfunction(peer.peerrepository, 'capable', wrapcapable) extensions.wrapfunction(localrepo.localrepository, 'peer', wrappeer) def wrapcapable(orig, self, name, *args, **kwargs): if name in '$CAP'.split(' '): return False return orig(self, name, *args, **kwargs) def wrappeer(orig, self): # Since we're disabling some newer features, we need to make sure local # repos add in the legacy features again. return localrepo.locallegacypeer(self) EOF echo '[extensions]' >> $HGRCPATH echo "notcapable-$CAP = `pwd`/notcapable-$CAP.py" >> $HGRCPATH