comparison mercurial/merge.py @ 5158:d316124ebbea
Make audit_path more stringent.
The following properties of a path are now checked for:
- under top-level .hg
- starts at the root of a windows drive
- contains ".."
- traverses a symlink (e.g. a/symlink_here/b)
- inside a nested repository
If any of these is true, the path is rejected.
The check for traversing a symlink is arguably stricter than necessary;
perhaps we should be checking for symlinks that point outside the
repository.
author | Bryan O'Sullivan <bos@serpentine.com> |
---|---|
date | Fri, 10 Aug 2007 10:46:03 -0700 |
parents | 2ef14e29e538 |
children | 4ed58fe4fe13 |
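
The checks listed in the commit message, as an added Python 3 sketch. This is not Mercurial's `util.path_auditor`; `PathRejected`, the reason strings, the `audit_path(root, path)` signature, `demo` and the sample paths are assumptions made for illustration.

```python
import ntpath
import os
import tempfile


class PathRejected(ValueError):
    """args = (reason, path); reason names the failed check."""


def audit_path(root, path):
    """Raise PathRejected if path (relative to root) has a listed property."""
    # Strict choice of this sketch: treat "\\" as a separator on every OS.
    parts = path.replace("\\", "/").split("/")
    # An empty first component (absolute path) is rejected too; that check
    # is an addition of this sketch, not one of the five listed properties.
    if ntpath.splitdrive(path)[0] or parts[0] == "":
        raise PathRejected("drive-or-absolute", path)
    if parts[0].lower() == ".hg":  # case-folded for case-insensitive filesystems
        raise PathRejected("under-.hg", path)
    if ".." in parts:
        raise PathRejected("dotdot", path)
    # Inspect each proper prefix (a, a/b, ...) on disk; the final component
    # itself may legitimately be a symlink tracked by the repository.
    current = root
    for part in parts[:-1]:
        current = os.path.join(current, part)
        if os.path.islink(current):
            raise PathRejected("traverses-symlink", path)
        if os.path.isdir(os.path.join(current, ".hg")):
            raise PathRejected("nested-repo", path)


def demo():
    """Audit constructed sample paths in a throwaway working directory."""
    samples = ["src/main.py", ".hg/hgrc", "c:/boot.ini", "src/../../x",
               "link/file", "vendor/sub/file", "link"]
    verdicts = {}
    with tempfile.TemporaryDirectory() as root, \
            tempfile.TemporaryDirectory() as outside:
        os.makedirs(os.path.join(root, ".hg"))
        os.makedirs(os.path.join(root, "vendor", "sub", ".hg"))
        os.symlink(outside, os.path.join(root, "link"))
        for p in samples:
            try:
                audit_path(root, p)
                verdicts[p] = "ok"
            except PathRejected as exc:
                verdicts[p] = exc.args[0]
    return verdicts
```

The symlink check here rejects any intermediate symlink regardless of its target, which is the stricter behaviour the commit message describes.
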
comparison
5157:f6c520fd70cf | 5158:d316124ebbea |
---|---|
389 f2, fd, flags, move = a[2:] | 389 f2, fd, flags, move = a[2:] |
390 if f != fd: | 390 if f != fd: |
391 repo.ui.debug(_("copying %s to %s\n") % (f, fd)) | 391 repo.ui.debug(_("copying %s to %s\n") % (f, fd)) |
392 repo.wwrite(fd, repo.wread(f), flags) | 392 repo.wwrite(fd, repo.wread(f), flags) |
393 | 393 |
394 audit_path = util.path_auditor(repo.root) | |
395 | |
394 for a in action: | 396 for a in action: |
395 f, m = a[:2] | 397 f, m = a[:2] |
396 if f and f[0] == "/": | 398 if f and f[0] == "/": |
397 continue | 399 continue |
398 if m == "r": # remove | 400 if m == "r": # remove |
399 repo.ui.note(_("removing %s\n") % f) | 401 repo.ui.note(_("removing %s\n") % f) |
400 util.audit_path(f) | 402 audit_path(f) |
401 try: | 403 try: |
402 util.unlink(repo.wjoin(f)) | 404 util.unlink(repo.wjoin(f)) |
403 except OSError, inst: | 405 except OSError, inst: |
404 if inst.errno != errno.ENOENT: | 406 if inst.errno != errno.ENOENT: |
405 repo.ui.warn(_("update failed to remove %s: %s!\n") % | 407 repo.ui.warn(_("update failed to remove %s: %s!\n") % |
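
Review bot: The auditor is constructed at new line 394, after the loop that ends at line 392 with repo.wwrite(fd, repo.wread(f), flags), so nothing visible in this hunk audits fd before that write into the working directory. Unless wwrite performs the audit internally, consider creating audit_path above that loop and calling audit_path(fd) before the copy. In the remove branch, audit_path(f) at new line 402 runs after repo.ui.note("removing ...") at line 401, so a rejected path is reported as being removed before the abort; calling the auditor first would keep the output accurate. Since the auditor now takes repo.root and performs symlink and nested-repository checks against the working directory, a short comment at line 394 noting that it is created once per update would help readers of this function.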