view tests/test-empty.t @ 28663:ae279d4a19e9 stable 3.7.3

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
author Mateusz Kwapich <mitrandir@fb.com>
date Tue, 22 Mar 2016 17:27:27 -0700
parents ab2362e1672e
children f1186c292d03
line wrap: on
line source

Create an empty repo:

  $ hg init a
  $ cd a

Try some commands:

  $ hg log
  $ hg grep wah
  [1]
  $ hg manifest
  $ hg verify
  checking changesets
  checking manifests
  crosschecking files in changesets and manifests
  checking files
  0 files, 0 changesets, 0 total revisions

Check the basic files created:

  $ ls .hg
  00changelog.i
  requires
  store

Should be empty:

  $ ls .hg/store

Poke at a clone:

  $ cd ..
  $ hg clone a b
  updating to branch default
  0 files updated, 0 files merged, 0 files removed, 0 files unresolved
  $ cd b
  $ hg verify
  checking changesets
  checking manifests
  crosschecking files in changesets and manifests
  checking files
  0 files, 0 changesets, 0 total revisions
  $ ls .hg
  00changelog.i
  hgrc
  requires
  store

Should be empty:

  $ ls .hg/store

  $ cd ..