Mercurial > public > mercurial-scm > hg-stable
comparison mercurial/subrepo.py @ 41543:13a6dd952ffe
merge with stable
| author | Pulkit Goyal <pulkit@yandex-team.ru> |
|---|---|
| date | Mon, 04 Feb 2019 20:35:21 +0300 |
| parents | 549f956ba2a9 83377b4b4ae0 |
| children | 59025c9b3540 |
comparison
equal
deleted
inserted
replaced
| 41542:b7a0efb3c370 | 41543:13a6dd952ffe |
|---|---|
| 113 ui.warn(_("warning: removing potentially hostile 'hgrc' " | 113 ui.warn(_("warning: removing potentially hostile 'hgrc' " |
| 114 "in '%s'\n") % vfs.join(dirname)) | 114 "in '%s'\n") % vfs.join(dirname)) |
| 115 vfs.unlink(vfs.reljoin(dirname, f)) | 115 vfs.unlink(vfs.reljoin(dirname, f)) |
| 116 | 116 |
| 117 def _auditsubrepopath(repo, path): | 117 def _auditsubrepopath(repo, path): |
| 118 # sanity check for potentially unsafe paths such as '~' and '$FOO' | |
| 119 if path.startswith('~') or '$' in path or util.expandpath(path) != path: | |
| 120 raise error.Abort(_('subrepo path contains illegal component: %s') | |
| 121 % path) | |
| 118 # auditor doesn't check if the path itself is a symlink | 122 # auditor doesn't check if the path itself is a symlink |
| 119 pathutil.pathauditor(repo.root)(path) | 123 pathutil.pathauditor(repo.root)(path) |
| 120 if repo.wvfs.islink(path): | 124 if repo.wvfs.islink(path): |
| 121 raise error.Abort(_("subrepo '%s' traverses symbolic link") % path) | 125 raise error.Abort(_("subrepo '%s' traverses symbolic link") % path) |
| 122 | 126 |
| 401 super(hgsubrepo, self).__init__(ctx, path) | 405 super(hgsubrepo, self).__init__(ctx, path) |
| 402 self._state = state | 406 self._state = state |
| 403 r = ctx.repo() | 407 r = ctx.repo() |
| 404 root = r.wjoin(path) | 408 root = r.wjoin(path) |
| 405 create = allowcreate and not r.wvfs.exists('%s/.hg' % path) | 409 create = allowcreate and not r.wvfs.exists('%s/.hg' % path) |
| 410 # repository constructor does expand variables in path, which is | |
| 411 # unsafe since subrepo path might come from untrusted source. | |
| 412 if os.path.realpath(util.expandpath(root)) != root: | |
| 413 raise error.Abort(_('subrepo path contains illegal component: %s') | |
| 414 % path) | |
| 406 self._repo = hg.repository(r.baseui, root, create=create) | 415 self._repo = hg.repository(r.baseui, root, create=create) |
| 416 if self._repo.root != root: | |
| 417 raise error.ProgrammingError('failed to reject unsafe subrepo ' | |
| 418 'path: %s (expanded to %s)' | |
| 419 % (root, self._repo.root)) | |
| 407 | 420 |
| 408 # Propagate the parent's --hidden option | 421 # Propagate the parent's --hidden option |
| 409 if r is r.unfiltered(): | 422 if r is r.unfiltered(): |
| 410 self._repo = self._repo.unfiltered() | 423 self._repo = self._repo.unfiltered() |
| 411 | 424 |