Mercurial > hg
view tests/test-check-code.t @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
| author | Mateusz Kwapich <mitrandir@fb.com> |
|---|---|
| date | Tue, 22 Mar 2016 17:27:27 -0700 |
| parents | 3203dfe341f9 |
| children | 6d72cc613fc4 |
line wrap: on
line source
#require test-repo $ check_code="$TESTDIR"/../contrib/check-code.py $ cd "$TESTDIR"/.. New errors are not allowed. Warnings are strongly discouraged. (The writing "no-che?k-code" is for not skipping this file when checking.) $ hg locate | sed 's-\\-/-g' | > xargs "$check_code" --warnings --per-file=0 || false Skipping hgext/zeroconf/Zeroconf.py it has no-che?k-code (glob) Skipping i18n/polib.py it has no-che?k-code (glob) Skipping mercurial/httpclient/__init__.py it has no-che?k-code (glob) Skipping mercurial/httpclient/_readers.py it has no-che?k-code (glob) Skipping mercurial/httpclient/socketutil.py it has no-che?k-code (glob)