Mercurial > hg
view tests/silenttestrunner.py @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
author | Mateusz Kwapich <mitrandir@fb.com> |
---|---|
date | Tue, 22 Mar 2016 17:27:27 -0700 |
parents | dadcd40b62d8 |
children | fc2268b9a07c |
line wrap: on
line source
import unittest, sys, os def main(modulename): '''run the tests found in module, printing nothing when all tests pass''' module = sys.modules[modulename] suite = unittest.defaultTestLoader.loadTestsFromModule(module) results = unittest.TestResult() suite.run(results) if results.errors or results.failures: for tc, exc in results.errors: print 'ERROR:', tc print sys.stdout.write(exc) for tc, exc in results.failures: print 'FAIL:', tc print sys.stdout.write(exc) sys.exit(1) if os.environ.get('SILENT_BE_NOISY'): main = unittest.main