tests/test-subrepo.t
branchstable
changeset 33656 475af2f89636
parent 33365 6d88468d435b
child 33660 3fee7f7d2da0
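--- a/tests/test-subrepo.t
+++ b/tests/test-subrepo.t
@@ -1787,5 +1787,72 @@
   +++ b/bar.txt
   @@ -0,0 +1,1 @@
   +bar
 
   $ cd ..
+
+test for ssh exploit 2017-07-25
+
+  $ hg init malicious-proxycommand
+  $ cd malicious-proxycommand
+  $ echo 's = [hg]ssh://-oProxyCommand=touch${IFS}owned/path' > .hgsub
+  $ hg init s
+  $ cd s
+  $ echo init > init
+  $ hg add
+  adding init
+  $ hg commit -m init
+  $ cd ..
+  $ hg add .hgsub
+  $ hg ci -m 'add subrepo'
+  $ cd ..
+  $ hg clone malicious-proxycommand malicious-proxycommand-clone
+  updating to branch default
+  abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' (in subrepository "s")
+  [255]
+
+also check that a percent encoded '-' (%2D) doesn't work
+
+  $ cd malicious-proxycommand
+  $ echo 's = [hg]ssh://%2DoProxyCommand=touch${IFS}owned/path' > .hgsub
+  $ hg ci -m 'change url to percent encoded'
+  $ cd ..
+  $ rm -r malicious-proxycommand-clone
+  $ hg clone malicious-proxycommand malicious-proxycommand-clone
+  updating to branch default
+  abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' (in subrepository "s")
+  [255]
+
+also check for a pipe
+
+  $ cd malicious-proxycommand
+  $ echo 's = [hg]ssh://fakehost|shell/path' > .hgsub
+  $ hg ci -m 'change url to pipe'
+  $ cd ..
+  $ rm -r malicious-proxycommand-clone
+  $ hg clone malicious-proxycommand malicious-proxycommand-clone
+  updating to branch default
+  abort: potentially unsafe url: 'ssh://fakehost|shell/path' (in subrepository "s")
+  [255]
+
+also check that a percent encoded '|' (%7C) doesn't work
+
+  $ cd malicious-proxycommand
+  $ echo 's = [hg]ssh://fakehost%7Cshell/path' > .hgsub
+  $ hg ci -m 'change url to percent encoded pipe'
+  $ cd ..
+  $ rm -r malicious-proxycommand-clone
+  $ hg clone malicious-proxycommand malicious-proxycommand-clone
+  updating to branch default
+  abort: potentially unsafe url: 'ssh://fakehost|shell/path' (in subrepository "s")
+  [255]
+
+and bad usernames:
+  $ cd malicious-proxycommand
+  $ echo 's = [hg]ssh://-oProxyCommand=touch owned@example.com/path' > .hgsub
+  $ hg ci -m 'owned username'
+  $ cd ..
+  $ rm -r malicious-proxycommand-clone
+  $ hg clone malicious-proxycommand malicious-proxycommand-clone
+  updating to branch default
+  abort: potentially unsafe url: 'ssh://-oProxyCommand=touch owned@example.com/path' (in subrepository "s")
+  [255]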
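Review bot: The closing "bad usernames" case is tested only in its raw form, while the two host cases each have a percent-encoded twin (`%2D`, `%7C`); a `%2D`-encoded username variant would pin that the user part is also checked after decoding. Every case asserts only the abort text and `[255]`, so nothing confirms that the marker file `owned` was never created. A `$ test -f owned` followed by `[1]` after each clone (in whichever directory the ssh child would run from, which the hunk does not show) would catch a regression where the check fires only after ssh has been spawned. All five cases go through `hg clone`; whether `hg pull -u` or `hg update` into an existing clone reach the same check is not visible here and is worth one extra case. The "and bad usernames:" heading also lacks the blank line that separates the other headings from their commands.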