Mercurial > hg
view tests/test-convert-cvsnt-mergepoints.rlog @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
author | Mateusz Kwapich <mitrandir@fb.com> |
---|---|
date | Tue, 22 Mar 2016 17:27:27 -0700 |
parents | 727f7aaefaab |
children |
line wrap: on
line source
head: 1.2 branch: locks: strict access list: symbolic names: MYBRANCH1_2: 1.1.2.2.0.2 MYBRANCH1_1: 1.1.0.4 MYBRANCH1: 1.1.0.2 keyword substitution: kv total revisions: 8; selected revisions: 8 description: ---------------------------- revision 1.2 date: 2009/04/02 07:00:32; author: user; state: Exp; lines: +1 -1; kopt: kv; commitid: 14d449d462903487; mergepoint: 1.1.2.2.2.1; filename: foo.txt; merge ---------------------------- revision 1.1 date: 2009/04/02 06:50:43; author: user; state: Exp; kopt: kv; commitid: 17ac49d460432d04; filename: foo.txt; branches: 1.1.2; 1.1.4; foo.txt ---------------------------- revision 1.1.4.2 date: 2009/04/02 07:02:51; author: user; state: Exp; lines: +1 -0; kopt: kv; commitid: 170049d4631b364d; mergepoint: 1.1.2.2; filename: foo.txt; merge ---------------------------- revision 1.1.4.1 date: 2009/04/02 06:53:42; author: user; state: Exp; lines: +1 -1; kopt: kv; commitid: dc849d460f52f49; filename: foo.txt; quux ---------------------------- revision 1.1.2.2 date: 2009/04/02 06:53:20; author: user; state: Exp; lines: +1 -1; kopt: kv; commitid: 8ec49d460e02f04; filename: foo.txt; branches: 1.1.2.2.2; baz ---------------------------- revision 1.1.2.1 date: 2009/04/02 06:52:38; author: user; state: Exp; lines: +1 -1; kopt: kv; commitid: d5049d460b62e7b; filename: foo.txt; bar ---------------------------- revision 1.1.2.2.2.1 date: 2009/04/02 06:55:42; author: user; state: Exp; lines: +1 -1; kopt: kv; commitid: 11c849d4616d30d1; filename: foo.txt; bazzie =============================================================================