view tests/test-hghave.t @ 28663:ae279d4a19e9 stable 3.7.3

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
author Mateusz Kwapich <mitrandir@fb.com>
date Tue, 22 Mar 2016 17:27:27 -0700
parents 342ab95a1f4b
children 5af78c524f34
line wrap: on
line source

Testing that hghave does not crash when checking features

  $ hghave --test-features 2>/dev/null

Testing hghave extensibility for third party tools

  $ cat > hghaveaddon.py <<EOF
  > import hghave
  > @hghave.check("custom", "custom hghave feature")
  > def has_custom():
  >     return True
  > EOF

(invocation via run-tests.py)

  $ cat > test-hghaveaddon.t <<EOF
  > #require custom
  >   $ echo foo
  >   foo
  > EOF
  $ run-tests.py $HGTEST_RUN_TESTS_PURE test-hghaveaddon.t
  .
  # Ran 1 tests, 0 skipped, 0 warned, 0 failed.

(invocation via command line)

  $ unset TESTDIR
  $ hghave custom

(terminate with exit code 2 at failure of importing hghaveaddon.py)

  $ rm hghaveaddon.*
  $ cat > hghaveaddon.py <<EOF
  > importing this file should cause syntax error
  > EOF

  $ hghave custom
  failed to import hghaveaddon.py from '.': invalid syntax (hghaveaddon.py, line 1)
  [2]