Mercurial > hg
view tests/test-revlog-packentry.t @ 29051:a56296f55a5e stable 3.8.1
convert: pass absolute paths to git (SEC)
Fixes CVE-2016-3105 (1/1).
Previously, it was possible for the repository path passed to git-ls-remote
to be misinterpreted as a URL.
Always passing an absolute path to git is a simple way to avoid this.
author | Blake Burkhart <bburky@bburky.com> |
---|---|
date | Wed, 06 Apr 2016 22:57:46 -0500 |
parents | 6cc1f388ac80 |
children | 009d0283de5f |
line wrap: on
line source
$ hg init repo $ cd repo $ touch foo $ hg ci -Am 'add foo' adding foo $ hg up -C null 0 files updated, 0 files merged, 1 files removed, 0 files unresolved this should be stored as a delta against rev 0 $ echo foo bar baz > foo $ hg ci -Am 'add foo again' adding foo created new head $ hg debugindex foo rev offset length ..... linkrev nodeid p1 p2 (re) 0 0 0 ..... 0 b80de5d13875 000000000000 000000000000 (re) 1 0 13 ..... 1 0376abec49b8 000000000000 000000000000 (re) $ cd ..