Mercurial > hg
view tests/test-merge-revert2.t @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
author | Mateusz Kwapich <mitrandir@fb.com> |
---|---|
date | Tue, 22 Mar 2016 17:27:27 -0700 |
parents | ef1eb6df7071 |
children | ce3a133f71b3 |
line wrap: on
line source
$ hg init $ echo "added file1" > file1 $ echo "another line of text" >> file1 $ echo "added file2" > file2 $ hg add file1 file2 $ hg commit -m "added file1 and file2" $ echo "changed file1" >> file1 $ hg commit -m "changed file1" $ hg -q log 1:dfab7f3c2efb 0:c3fa057dd86f $ hg id dfab7f3c2efb tip $ hg update -C 0 1 files updated, 0 files merged, 0 files removed, 0 files unresolved $ hg id c3fa057dd86f $ echo "changed file1" >> file1 $ hg id c3fa057dd86f+ $ hg revert --no-backup --all reverting file1 $ hg diff $ hg status $ hg id c3fa057dd86f $ hg update 1 files updated, 0 files merged, 0 files removed, 0 files unresolved $ hg diff $ hg status $ hg id dfab7f3c2efb tip $ hg update -C 0 1 files updated, 0 files merged, 0 files removed, 0 files unresolved $ echo "changed file1 different" >> file1 $ hg update merging file1 warning: conflicts while merging file1! (edit, then use 'hg resolve --mark') 0 files updated, 0 files merged, 0 files removed, 1 files unresolved use 'hg resolve' to retry unresolved file merges [1] $ hg diff --nodates diff -r dfab7f3c2efb file1 --- a/file1 +++ b/file1 @@ -1,3 +1,7 @@ added file1 another line of text +<<<<<<< working copy: c3fa057dd86f - test: added file1 and file2 +changed file1 different +======= changed file1 +>>>>>>> destination: dfab7f3c2efb - test: changed file1 $ hg status M file1 ? file1.orig $ hg id dfab7f3c2efb+ tip $ hg revert --no-backup --all reverting file1 $ hg diff $ hg status ? file1.orig $ hg id dfab7f3c2efb tip $ hg revert -r tip --no-backup --all $ hg diff $ hg status ? file1.orig $ hg id dfab7f3c2efb tip $ hg update -C 0 files updated, 0 files merged, 0 files removed, 0 files unresolved $ hg diff $ hg status ? file1.orig $ hg id dfab7f3c2efb tip