Mercurial > hg
view tests/svn-safe-append.py @ 29051:a56296f55a5e stable 3.8.1
convert: pass absolute paths to git (SEC)
Fixes CVE-2016-3105 (1/1).
Previously, it was possible for the repository path passed to git-ls-remote
to be misinterpreted as a URL.
Always passing an absolute path to git is a simple way to avoid this.
author | Blake Burkhart <bburky@bburky.com> |
---|---|
date | Wed, 06 Apr 2016 22:57:46 -0500 |
parents | c1b47c0fd2b6 |
children | bdba6a2015d0 |
line wrap: on
line source
#!/usr/bin/env python __doc__ = """Same as `echo a >> b`, but ensures a changed mtime of b. Without this svn will not detect workspace changes.""" import sys, os text = sys.argv[1] fname = sys.argv[2] f = open(fname, "ab") try: before = os.fstat(f.fileno()).st_mtime f.write(text) f.write("\n") finally: f.close() inc = 1 now = os.stat(fname).st_mtime while now == before: t = now + inc inc += 1 os.utime(fname, (t, t)) now = os.stat(fname).st_mtime