Summary: Ref T13012. These flags can be exploited by attackers to execute code remotely. See T13012 for discussion and context. Additionally, harden some Mercurial commands where possible (by using additional quoting or embedding arguments in other constructs) so they resist these flags and behave properly when passed arguments with these values. Test Plan: - Added unit tests. - Verified "--config" and "--debugger" commands are rejected. - Verified more commands now work properly even with branches and files named `--debugger`, although not all of them do. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13012 Differential Revision: https://secure.phabricator.com/D18769
33 lines
899 B
PHP
<?php
|
|
|
|
final class DiffusionMercurialRawDiffQuery extends DiffusionRawDiffQuery {
|
|
|
|
protected function newQueryFuture() {
|
|
$drequest = $this->getRequest();
|
|
$repository = $drequest->getRepository();
|
|
|
|
$commit = $this->getAnchorCommit();
|
|
|
|
// If there's no path, get the entire raw diff.
|
|
$path = nonempty($drequest->getPath(), '.');
|
|
|
|
$against = $this->getAgainstCommit();
|
|
if ($against === null) {
|
|
// If `$commit` has no parents (usually because it's the first commit
|
|
// in the repository), we want to diff against `null`. This revset will
|
|
// do that for us automatically.
|
|
$against = hgsprintf('(%s^ or null)', $commit);
|
|
}
|
|
|
|
$future = $repository->getLocalCommandFuture(
|
|
'diff -U %d --git --rev %s --rev %s -- %s',
|
|
$this->getLinesOfContext(),
|
|
$against,
|
|
hgsprintf('%s', $commit),
|
|
$path);
|
|
|
|
return $future;
|
|
}
|
|
|
|
}
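Review bot: The two `--rev` arguments are not quoted consistently: the anchor commit is wrapped as `hgsprintf('%s', $commit)`, but when `getAgainstCommit()` returns a non-null value it is passed straight into `--rev %s`, so an against-commit spelled like a flag is only protected if `getLocalCommandFuture` itself rejects it, which this file does not show. Quoting it the same way in an `else` branch, `} else { $against = hgsprintf('%s', $against); }`, would make the command line uniformly hardened rather than relying on the caller. The `--` before `%s` on the diff line is the part that keeps a path such as the one named in the summary from being parsed as an option; a short why-comment there, `// "--" ends option parsing so $path is always treated as a path`, would stop a later edit from dropping it. The whole class is visible here, so nothing continues outside this section.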
|