Mercurial > hg
view tests/test-filecache.py.out @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
author | Mateusz Kwapich <mitrandir@fb.com> |
---|---|
date | Tue, 22 Mar 2016 17:27:27 -0700 |
parents | b3684fd2ff1a |
children | 57830bd0e787 |
line wrap: on
line source
basic: * neither file exists creating * neither file still exists * empty file x created creating * file x changed size creating * nothing changed with either file * file x changed inode creating * empty file y created creating * file y changed size creating * file y changed inode creating * both files changed inode creating fakeuncacheable: * neither file exists creating * neither file still exists creating * empty file x created creating * file x changed size creating * nothing changed with either file creating * file x changed inode creating * empty file y created creating * file y changed size creating * file y changed inode creating * both files changed inode creating repository tip rolled back to revision -1 (undo commit) working directory now based on revision -1 repository tip rolled back to revision -1 (undo commit) working directory now based on revision -1 setbeforeget: * neither file exists string set externally * file x created creating string from function * string set externally again string 2 set externally * file y created creating string from function