666 $ hg clone ssh-vuln ssh-vuln-clone |
666 $ hg clone ssh-vuln ssh-vuln-clone |
667 updating to branch default |
667 updating to branch default |
668 abort: potentially unsafe url: 'svn+ssh://-oProxyCommand=touch owned nested' (in subrepo s) |
668 abort: potentially unsafe url: 'svn+ssh://-oProxyCommand=touch owned nested' (in subrepo s) |
669 [255] |
669 [255] |
670 |
670 |
671 also check for a pipe |
|
672 |
|
673 $ cd ssh-vuln |
|
674 $ echo "s = [svn]svn+ssh://fakehost|sh%20nested" > .hgsub |
|
675 $ hg ci -m3 |
|
676 $ cd .. |
|
677 $ rm -r ssh-vuln-clone |
|
678 $ hg clone ssh-vuln ssh-vuln-clone |
|
679 updating to branch default |
|
680 abort: potentially unsafe url: 'svn+ssh://fakehost|sh nested' (in subrepo s) |
|
681 [255] |
|
682 |
|
683 also check that a percent encoded '|' (%7C) doesn't work |
|
684 |
|
685 $ cd ssh-vuln |
|
686 $ echo "s = [svn]svn+ssh://fakehost%7Csh%20nested" > .hgsub |
|
687 $ hg ci -m3 |
|
688 $ cd .. |
|
689 $ rm -r ssh-vuln-clone |
|
690 $ hg clone ssh-vuln ssh-vuln-clone |
|
691 updating to branch default |
|
692 abort: potentially unsafe url: 'svn+ssh://fakehost|sh nested' (in subrepo s) |
|
693 [255] |
|
694 |
|
695 also check that hiding the attack in the username doesn't work: |
671 also check that hiding the attack in the username doesn't work: |
696 |
672 |
697 $ cd ssh-vuln |
673 $ cd ssh-vuln |
698 $ echo "s = [svn]svn+ssh://%2DoProxyCommand=touch%20owned%20foo@example.com/nested" > .hgsub |
674 $ echo "s = [svn]svn+ssh://%2DoProxyCommand=touch%20owned%20foo@example.com/nested" > .hgsub |
699 $ hg ci -m3 |
675 $ hg ci -m3 |