Permalink
Show file tree
Hide file tree
19 changes: 19 additions & 0 deletions
19
test/unit/lib/redmine/scm/adapters/mercurial_adapter_test.rb
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
mercurial: reject malicious command argument (#27516)
We've got a security report from the Phabricator team, which basically says --config and --debugger arguments can be injected anywhere to lead to an arbitrary command execution. https://secure.phabricator.com/rPa7921a4448093d00defa8bd18f35b8c8f8bf3314 This is a fundamental issue of the argument parsing rules in Mercurial, which allows extensions to populate their parsing rules and such extensions can be loaded by "--config extensions.<name>=". There's a chicken and egg problem. We're working on hardening the parsing rules, but which won't come in by default as it would be a behavior change. This patch adds a verification to reject malicious command arguments as a last ditch. The subsequent patches will fix the problem in more appropriate way. Contributed by Yuya Nishihara. git-svn-id: http://svn.redmine.org/redmine/trunk@17060 e93f8b46-1217-0410-a6f0-8f06a7374b81
- Loading branch information
Toshi MARUYAMA
committed
Dec 7, 2017
1 parent
d6d2d23
commit ca87bf7
Showing
2 changed files
with
34 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters