view tests/test-debugrename.t @ 28663:ae279d4a19e9 stable 3.7.3

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
author Mateusz Kwapich <mitrandir@fb.com>
date Tue, 22 Mar 2016 17:27:27 -0700
parents 5d9bc49b0b1e
children 55c6ebd11cb9
line wrap: on
line source

  $ hg init
  $ echo a > a
  $ hg ci -Am t
  adding a

  $ hg mv a b
  $ hg ci -Am t1
  $ hg debugrename b
  b renamed from a:b789fdd96dc2f3bd229c1dd8eedf0fc60e2b68e3

  $ hg mv b a
  $ hg ci -Am t2
  $ hg debugrename a
  a renamed from b:37d9b5d994eab34eda9c16b195ace52c7b129980

  $ hg debugrename --rev 1 b
  b renamed from a:b789fdd96dc2f3bd229c1dd8eedf0fc60e2b68e3