Page MenuHomePhabricator

Work around a Windows escaping issue and security conecern in "hg cat --output ..."
ClosedPublic

Authored by epriestley on Oct 25 2018, 2:01 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 20, 11:03 PM
Unknown Object (File)
Sun, Dec 15, 3:37 AM
Unknown Object (File)
Sun, Dec 15, 1:47 AM
Unknown Object (File)
Sun, Dec 1, 10:48 PM
Unknown Object (File)
Sun, Dec 1, 7:53 PM
Unknown Object (File)
Nov 22 2024, 10:16 AM
Unknown Object (File)
Nov 22 2024, 10:16 AM
Unknown Object (File)
Nov 22 2024, 9:54 AM
Subscribers
None

Details

Summary

See PHI904. Ref T13210. Ref T13209. Currently, we have an hg cat construction which attempts to pass a literal %p to Mercurial. This fails because you can't pass % through %s outside of wilds.

It also uses %C to pass a list of file paths. This is broadly unsafe and can cause command execution if you modify a file named, e.g., ; rm -rf xyz or similar. I think it would be difficult to turn this into an attack but it's fairly bad. This dates from D5144 in 2013.

Test Plan

With this patch, created D19757 which has valid binary data (see F5962134).

Diff Detail

Repository
rARC Arcanist
Lint
Lint Not Applicable
Unit
Tests Not Applicable