view tests/test-merge5.t @ 28663:ae279d4a19e9 stable 3.7.3

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
author Mateusz Kwapich <mitrandir@fb.com>
date Tue, 22 Mar 2016 17:27:27 -0700
parents fe80fdf68ba7
children 72072cfc7e91
line wrap: on
line source

  $ hg init
  $ echo This is file a1 > a
  $ echo This is file b1 > b
  $ hg add a b
  $ hg commit -m "commit #0"
  $ echo This is file b22 > b
  $ hg commit -m "comment #1"
  $ hg update 0
  1 files updated, 0 files merged, 0 files removed, 0 files unresolved
  $ rm b
  $ hg commit -A -m "comment #2"
  removing b
  created new head
  $ hg update 1
  1 files updated, 0 files merged, 0 files removed, 0 files unresolved
  $ hg update
  abort: not a linear update
  (merge or update --check to force update)
  [255]
  $ rm b
  $ hg update -c
  abort: uncommitted changes
  [255]
  $ hg revert b
  $ hg update -c
  0 files updated, 0 files merged, 1 files removed, 0 files unresolved
  $ mv a c

Should abort:

  $ hg update 1
  abort: uncommitted changes
  (commit or update --clean to discard changes)
  [255]
  $ mv c a

Should succeed:

  $ hg update 1
  1 files updated, 0 files merged, 0 files removed, 0 files unresolved