Mercurial > public > mercurial-scm > hg-stable

diff tests/test-subrepo-git.t @ 33642:943c91326b23 stable 4.2.3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
ssh: unban the use of pipe character in user@host:port string This vulnerability was fixed by the previous patch and there were more ways to exploit than using '|shellcmd'. So it doesn't make sense to reject only pipe character. Test cases are updated to actually try to exploit the bug. As the SSH bridge of git/svn subrepos are not managed by our code, the tests for non-hg subrepos are just removed. This may be folded into the original patches.
author Yuya Nishihara <yuya@tcha.org>
date Mon, 07 Aug 2017 22:22:28 +0900
parents ca398a50ca00
children
line wrap: on
line diff
--- a/tests/test-subrepo-git.t	Fri Aug 04 23:54:12 2017 -0700
+++ b/tests/test-subrepo-git.t	Mon Aug 07 22:22:28 2017 +0900
@@ -1205,26 +1205,3 @@
   abort: potentially unsafe url: 'ssh://-oProxyCommand=rm${IFS}non-existent/path' (in subrepo s)
   [255]
 
-also check for a pipe
-
-  $ cd malicious-proxycommand
-  $ echo 's = [git]ssh://fakehost|shell/path' > .hgsub
-  $ hg ci -m 'change url to pipe'
-  $ cd ..
-  $ rm -r malicious-proxycommand-clone
-  $ hg clone malicious-proxycommand malicious-proxycommand-clone
-  updating to branch default
-  abort: potentially unsafe url: 'ssh://fakehost|shell/path' (in subrepo s)
-  [255]
-
-also check that a percent encoded '|' (%7C) doesn't work
-
-  $ cd malicious-proxycommand
-  $ echo 's = [git]ssh://fakehost%7Cshell/path' > .hgsub
-  $ hg ci -m 'change url to percent encoded'
-  $ cd ..
-  $ rm -r malicious-proxycommand-clone
-  $ hg clone malicious-proxycommand malicious-proxycommand-clone
-  updating to branch default
-  abort: potentially unsafe url: 'ssh://fakehost|shell/path' (in subrepo s)
-  [255]