convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.
*** 'a\nc\n\n\n\n' 'a\nb\n\n\n'
*** 'a\nb\nc\n' 'a\nc\n'
*** '' ''
*** 'a\nb\nc' 'a\nb\nc'
*** 'a\nb\nc\nd\n' 'a\nd\n'
*** 'a\nb\nc\nd\n' 'a\nc\ne\n'
*** 'a\nb\nc\n' 'a\nc\n'
*** 'a\n' 'c\na\nb\n'
*** 'a\n' ''
*** 'a\n' 'b\nc\n'
*** 'a\n' 'c\na\n'
*** '' 'adjfkjdjksdhfksj'
*** '' 'ab'
*** '' 'abc'
*** 'a' 'a'
*** 'ab' 'ab'
*** 'abc' 'abc'
*** 'a\n' 'a\n'
*** 'a\nb' 'a\nb'
6 6 'y\n\n'
6 6 'y\n\n'
9 9 'y\n\n'
done
done