view tests/test-check-commit.t @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
author | Mateusz Kwapich <mitrandir@fb.com> |
---|---|
date | Tue, 22 Mar 2016 17:27:27 -0700 |
parents | 598e21079884 |
children | a22b6fa5a844 |
#require test-repo

Enable obsolescence to avoid the warning issue when obsmarker are found

  $ cat >> $HGRCPATH << EOF
  > [experimental]
  > evolution=createmarkers
  > EOF

Go back in the hg repo

  $ cd $TESTDIR/..

  $ for node in `hg log --rev 'not public() and ::.' --template '{node|short}\n'`; do
  >    hg export $node | contrib/check-commit > ${TESTTMP}/check-commit.out
  >    if [ $? -ne 0 ]; then
  >        echo "Revision $node does not comply to rules"
  >        echo '------------------------------------------------------'
  >        cat ${TESTTMP}/check-commit.out
  >        echo
  >    fi
  > done