convert: pass absolute paths to git (SEC)
Fixes CVE-2016-3105 (1/1).
Previously, it was possible for the repository path passed to git-ls-remote
to be misinterpreted as a URL.
Always passing an absolute path to git is a simple way to avoid this.
$ hg init
$ touch a
$ unset HGUSER
$ echo "[ui]" >> .hg/hgrc
$ echo "username= foo" >> .hg/hgrc
$ echo " bar1" >> .hg/hgrc
$ hg ci -Am m
adding a
abort: username 'foo\nbar1' contains a newline
[255]
$ rm .hg/hgrc
$ HGUSER=`(echo foo; echo bar2)` hg ci -Am m
abort: username 'foo\nbar2' contains a newline
[255]
$ hg ci -Am m -u "`(echo foo; echo bar3)`"
transaction abort!
rollback completed
abort: username 'foo\nbar3' contains a newline!
[255]