tests/test-subrepo.t
branchstable
changeset 33660 3fee7f7d2da0
parent 33656 475af2f89636
child 34661 eb586ed5d8ce
33659:8cb9e921ef8c 33660:3fee7f7d2da0
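--- a/tests/test-subrepo.t
+++ b/tests/test-subrepo.t
@@ -1790,10 +1790,15 @@
 
   $ cd ..
 
 test for ssh exploit 2017-07-25
 
+  $ cat >> $HGRCPATH << EOF
+  > [ui]
+  > ssh = sh -c "read l; read l; read l"
+  > EOF
+
   $ hg init malicious-proxycommand
   $ cd malicious-proxycommand
   $ echo 's = [hg]ssh://-oProxyCommand=touch${IFS}owned/path' > .hgsub
   $ hg init s
   $ cd s
@@ -1823,30 +1828,32 @@
   [255]
 
 also check for a pipe
 
   $ cd malicious-proxycommand
-  $ echo 's = [hg]ssh://fakehost|shell/path' > .hgsub
+  $ echo 's = [hg]ssh://fakehost|touch${IFS}owned/path' > .hgsub
   $ hg ci -m 'change url to pipe'
   $ cd ..
   $ rm -r malicious-proxycommand-clone
   $ hg clone malicious-proxycommand malicious-proxycommand-clone
   updating to branch default
-  abort: potentially unsafe url: 'ssh://fakehost|shell/path' (in subrepository "s")
+  abort: no suitable response from remote hg!
   [255]
+  $ [ ! -f owned ] || echo 'you got owned'
 
 also check that a percent encoded '|' (%7C) doesn't work
 
   $ cd malicious-proxycommand
-  $ echo 's = [hg]ssh://fakehost%7Cshell/path' > .hgsub
+  $ echo 's = [hg]ssh://fakehost%7Ctouch%20owned/path' > .hgsub
   $ hg ci -m 'change url to percent encoded pipe'
   $ cd ..
   $ rm -r malicious-proxycommand-clone
   $ hg clone malicious-proxycommand malicious-proxycommand-clone
   updating to branch default
-  abort: potentially unsafe url: 'ssh://fakehost|shell/path' (in subrepository "s")
+  abort: no suitable response from remote hg!
   [255]
+  $ [ ! -f owned ] || echo 'you got owned'
 
 and bad usernames:
   $ cd malicious-proxycommand
   $ echo 's = [hg]ssh://-oProxyCommand=touch owned@example.com/path' > .hgsub
   $ hg ci -m 'owned username'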
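Review bot: The stub `ssh = sh -c "read l; read l; read l"` appended to `$HGRCPATH` at new lines 1795-1798 has no explanation and, because it is appended to the shared config rather than passed to one command, it stays in effect for every later command in this test file. With the pipe and %7C cases now expecting the generic `abort: no suitable response from remote hg!`, the `[ ! -f owned ]` lines at new 1841 and 1854 are the only assertions that the host string was not interpreted by a shell, and they look only in the current directory. I would add a prose line above the heredoc, for example `use a stub ssh that only reads its input and exits, so no real ssh is run (presumably why the clone ends with "no suitable response")`, and a line before each check such as `the url must not have been run as a command`. The section skips old lines 1800-1822, so whether the earlier cases carry the same check cannot be seen from here.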