Mercurial > public > mercurial-scm > hg-stable

diff mercurial/merge.py @ 5158:d316124ebbea

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make audit_path more stringent. The following properties of a path are now checked for: - under top-level .hg - starts at the root of a windows drive - contains ".." - traverses a symlink (e.g. a/symlink_here/b) - inside a nested repository If any of these is true, the path is rejected. The check for traversing a symlink is arguably stricter than necessary; perhaps we should be checking for symlinks that point outside the repository.
author Bryan O'Sullivan <bos@serpentine.com>
date Fri, 10 Aug 2007 10:46:03 -0700
parents 2ef14e29e538
children 4ed58fe4fe13
line wrap: on
line diff
--- a/mercurial/merge.py	Thu Aug 09 20:16:00 2007 -0700
+++ b/mercurial/merge.py	Fri Aug 10 10:46:03 2007 -0700
@@ -391,13 +391,15 @@
                 repo.ui.debug(_("copying %s to %s\n") % (f, fd))
                 repo.wwrite(fd, repo.wread(f), flags)
 
+    audit_path = util.path_auditor(repo.root)
+
     for a in action:
         f, m = a[:2]
         if f and f[0] == "/":
             continue
         if m == "r": # remove
             repo.ui.note(_("removing %s\n") % f)
-            util.audit_path(f)
+            audit_path(f)
             try:
                 util.unlink(repo.wjoin(f))
             except OSError, inst: