Mercurial > hg
view tests/test-bookmarks-strip.t @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
author | Mateusz Kwapich <mitrandir@fb.com> |
---|---|
date | Tue, 22 Mar 2016 17:27:27 -0700 |
parents | e78a80f8f51e |
children |
line wrap: on
line source
$ echo "[extensions]" >> $HGRCPATH $ echo "mq=" >> $HGRCPATH $ hg init $ echo qqq>qqq.txt rollback dry run without rollback information $ hg rollback no rollback information available [1] add file $ hg add adding qqq.txt commit first revision $ hg ci -m 1 set bookmark $ hg book test $ echo www>>qqq.txt commit second revision $ hg ci -m 2 set bookmark $ hg book test2 update to -2 (deactivates the active bookmark) $ hg update -r -2 1 files updated, 0 files merged, 0 files removed, 0 files unresolved (leaving bookmark test2) $ echo eee>>qqq.txt commit new head $ hg ci -m 3 created new head bookmarks updated? $ hg book test 1:25e1ee7a0081 test2 1:25e1ee7a0081 strip to revision 1 $ hg strip 1 saved backup bundle to $TESTTMP/.hg/strip-backup/*-backup.hg (glob) list bookmarks $ hg book test 0:5c9ad3787638 test2 0:5c9ad3787638