view tests/test-serve.t @ 28663:ae279d4a19e9 stable 3.7.3
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
author   | Mateusz Kwapich <mitrandir@fb.com>
date     | Tue, 22 Mar 2016 17:27:27 -0700
parents  | 4d2b9b304ad0
children | 839380cc3368
#require serve

  $ hgserve()
  > {
  >    hg serve -a localhost -d --pid-file=hg.pid -E errors.log -v $@ \
  >        | sed -e "s/:$HGPORT1\\([^0-9]\\)/:HGPORT1\1/g" \
  >              -e "s/:$HGPORT2\\([^0-9]\\)/:HGPORT2\1/g" \
  >              -e 's/http:\/\/[^/]*\//http:\/\/localhost\//'
  >    cat hg.pid >> "$DAEMON_PIDS"
  >    echo % errors
  >    cat errors.log
  >    killdaemons.py hg.pid
  > }

  $ hg init test
  $ cd test
  $ echo '[web]' > .hg/hgrc
  $ echo 'accesslog = access.log' >> .hg/hgrc
  $ echo "port = $HGPORT1" >> .hg/hgrc

Without -v

  $ hg serve -a localhost -p $HGPORT -d --pid-file=hg.pid -E errors.log
  $ cat hg.pid >> "$DAEMON_PIDS"
  $ if [ -f access.log ]; then
  >     echo 'access log created - .hg/hgrc respected'
  > fi
  access log created - .hg/hgrc respected

errors

  $ cat errors.log

With -v

  $ hgserve
  listening at http://localhost/ (bound to 127.0.0.1:HGPORT1)
  % errors

With -v and -p HGPORT2

  $ hgserve -p "$HGPORT2"
  listening at http://localhost/ (bound to 127.0.0.1:HGPORT2)
  % errors

With -v and -p daytime (should fail because low port)

#if no-root
  $ KILLQUIETLY=Y
  $ hgserve -p daytime
  abort: cannot start server at 'localhost:13': Permission denied
  abort: child process failed to start
  % errors
  $ KILLQUIETLY=N
#endif

With --prefix foo

  $ hgserve --prefix foo
  listening at http://localhost/foo/ (bound to 127.0.0.1:HGPORT1)
  % errors

With --prefix /foo

  $ hgserve --prefix /foo
  listening at http://localhost/foo/ (bound to 127.0.0.1:HGPORT1)
  % errors

With --prefix foo/

  $ hgserve --prefix foo/
  listening at http://localhost/foo/ (bound to 127.0.0.1:HGPORT1)
  % errors

With --prefix /foo/

  $ hgserve --prefix /foo/
  listening at http://localhost/foo/ (bound to 127.0.0.1:HGPORT1)
  % errors

  $ cd ..
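The unescaped git command strings that the commit message refers to, modelled as an added example (not Mercurial's convert code): a shell-string builder beside its shell-quoted form and an argv-list form, with shlex used to show how a POSIX shell would tokenize each string without running anything. The function names and the sample path are constructed for illustration.

```python
import shlex

# Constructed sample: a git directory path carrying shell metacharacters,
# standing in for any repository path or ref name taken from untrusted input.
UNTRUSTED_GIT_DIR = "repo.git; echo injected"


def git_cmdline_unquoted(git_dir, subcmd):
    """Insecure pattern: interpolate the untrusted path into a shell string."""
    return "git --git-dir=%s %s" % (git_dir, subcmd)


def git_cmdline_quoted(git_dir, subcmd):
    """Hardened pattern: shell-quote every untrusted value before interpolating."""
    return "git --git-dir=%s %s" % (shlex.quote(git_dir), subcmd)


def git_argv(git_dir, *subcmd):
    """Preferred pattern: build an argv list so no shell parses the values at all."""
    return ["git", "--git-dir=" + git_dir, *subcmd]


def shell_commands(cmdline):
    """Model a POSIX shell's tokenization of CMDLINE without executing it:
    returns the simple commands (argv lists) that ';' would separate."""
    lex = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    commands, current = [], []
    for tok in lex:
        if tok == ";":
            if current:
                commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


if __name__ == "__main__":
    unquoted = git_cmdline_unquoted(UNTRUSTED_GIT_DIR, "rev-parse HEAD")
    quoted = git_cmdline_quoted(UNTRUSTED_GIT_DIR, "rev-parse HEAD")
    # The unquoted form splits into two commands; the quoted form stays one.
    print("unquoted:", shell_commands(unquoted))
    print("quoted:  ", shell_commands(quoted))
    print("argv:    ", git_argv(UNTRUSTED_GIT_DIR, "rev-parse", "HEAD"))
```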