diff mercurial/util.py @ 1835:bdfb524d728a
Validate paths before reading or writing files in repository or working dir.
Fixes security-relevant issue134.
author | Thomas Arendsen Hein <thomas@intevation.de> |
---|---|
date | Sat, 04 Mar 2006 19:01:45 +0100 |
parents | 4ced57680ce7 |
children | d314a89fa4f1 |
--- a/mercurial/util.py Fri Mar 03 13:41:12 2006 -0800
+++ b/mercurial/util.py Sat Mar 04 19:01:45 2006 +0100
@@ -363,7 +363,14 @@
 else: shutil.copy(src, dst)
-def opener(base):
+def audit_path(path):
+ """Abort if path contains dangerous components"""
+ parts = os.path.normcase(path).split(os.sep)
+ if (os.path.splitdrive(path)[0] or parts[0] in ('.hg', '')
+ or os.pardir in parts):
+ raise Abort(_("path contains illegal component: %s\n") % path)
+
+def opener(base, audit=True):
 """ return a function that opens files relative to base
@@ -371,6 +378,7 @@
 remote file access from higher level code. """ p = base
+ audit_p = audit
 def mktempcopy(name): d, fn = os.path.split(name)
@@ -401,6 +409,8 @@
 self.close() def o(path, mode="r", text=False, atomic=False):
+ if audit_p:
+ audit_path(path)
 f = os.path.join(p, path) if not text:
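Review bot: In `audit_path`, the `.hg` test looks only at `parts[0]` of the un-normalized path, so a path whose first component is `os.curdir` is not rejected even though it still resolves into the metadata directory at the base. Rejecting `os.curdir` alongside `os.pardir`, e.g. `or os.pardir in parts or os.curdir in parts):`, would close that gap without normalizing away the `..` components the check relies on. The check is also purely lexical: `os.path.normcase` does no case folding on POSIX, so on a case-insensitive filesystem a differently-cased `.hg` component would presumably pass, and symlinked components are not examined. If those cases are out of scope for this fix, the one-line docstring should say so, so callers do not treat `audit_path` as a complete containment check.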
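Review bot: The new `audit` parameter of `opener` is not described in the docstring, and nothing visible says when `audit=False` is acceptable. The `if audit_p:` guard added in the `@@ -401,6 +409,8 @@` hunk is the only path check visible in `o()` before `os.path.join(p, path)`, so a caller that disables it gets no validation at all. I would add a docstring sentence such as `audit=False skips audit_path(); use it only when every path passed to the opener comes from trusted code`. The alias `audit_p = audit` mirrors the existing `p = base`, but the closure could read `audit` directly. Both `opener` and `o` start or end outside these hunks.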