Added tag 4.8.1 for changeset
1c8c54cf9725
rebase: fix path auditing to audit path relative to repo root (
issue5818)
Before this patch, when rebasing a file called "foo/bar", we would
check e.g. if "/foo" (i.e. rooted at the file system root) was a
symlink.
Differential Revision: https://phab.mercurial-scm.org/D5361
tests: show bad path auditing in in-memory rebase
Thanks to Yuya for providing this test case in
https://bz.mercurial-scm.org/show_bug.cgi?id=5818.
Differential Revision: https://phab.mercurial-scm.org/D5368
tests: add a missing "cd .." to test-rebase-inmemory.t
Differential Revision: https://phab.mercurial-scm.org/D5367
rust: fix possible out-of-bounds read through index_get_parents()
index_get_parents() is an internal function, which doesn't check if the
specified rev is valid. If rustlazyancestors() were instantiated with an
invalid stoprev, it would access to invalid memory region.
This is NOT a security fix as there's no Python code triggering the bug,
but included in this series to not give a notion about the memory issue
fixed by the previous patch.
revlog: fix out-of-bounds access by negative parents read from revlog (SEC)
82d6a35cf432 wasn't enough. Several callers don't check negative revisions
but for -1 (nullrev), which would directly lead to out-of-bounds read, and
buffer overflow could follow. RCE might be doable with carefully crafted
revlog structure, though I don't think this would be useful attack surface.