view tests/test-issue842.t @ 28663:ae279d4a19e9 stable 3.7.3

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
author Mateusz Kwapich <mitrandir@fb.com>
date Tue, 22 Mar 2016 17:27:27 -0700
parents 2fc86d92c4a9
children 55c6ebd11cb9
line wrap: on
line source

https://bz.mercurial-scm.org/842

  $ hg init
  $ echo foo > a
  $ hg ci -Ama
  adding a

  $ hg up -r0000
  0 files updated, 0 files merged, 1 files removed, 0 files unresolved

  $ echo bar > a

Should issue new head warning:

  $ hg ci -Amb
  adding a
  created new head

  $ hg up -r0000
  0 files updated, 0 files merged, 1 files removed, 0 files unresolved

  $ echo stuffy > a

Should not issue new head warning:

  $ hg ci -q -Amc

  $ hg up -r0000
  0 files updated, 0 files merged, 1 files removed, 0 files unresolved

  $ echo crap > a
  $ hg branch testing
  marked working directory as branch testing
  (branches are permanent and global, did you want a bookmark?)

Should not issue warning:

  $ hg ci -q -Amd