Mercurial > hg
view tests/test-profile.t @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
| author | Mateusz Kwapich <mitrandir@fb.com> |
|---|---|
| date | Tue, 22 Mar 2016 17:27:27 -0700 |
| parents | 39a0b11158d8 |
| children | 80df04266a16 |
line wrap: on
line source
test --time $ hg --time help -q help 2>&1 | grep time > /dev/null $ hg init a $ cd a #if lsprof test --profile $ hg --profile st 2>../out $ grep CallCount ../out > /dev/null || cat ../out $ hg --profile --config profiling.output=../out st $ grep CallCount ../out > /dev/null || cat ../out $ hg --profile --config profiling.output=blackbox --config extensions.blackbox= st $ grep CallCount .hg/blackbox.log > /dev/null || cat .hg/blackbox.log $ hg --profile --config profiling.format=text st 2>../out $ grep CallCount ../out > /dev/null || cat ../out $ echo "[profiling]" >> $HGRCPATH $ echo "format=kcachegrind" >> $HGRCPATH $ hg --profile st 2>../out $ grep 'events: Ticks' ../out > /dev/null || cat ../out $ hg --profile --config profiling.output=../out st $ grep 'events: Ticks' ../out > /dev/null || cat ../out #endif $ cd ..