Page MenuHomePhabricator

Work around a Windows escaping issue and security conecern in "hg cat --output ..."
ClosedPublic

Authored by epriestley on Oct 25 2018, 2:01 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Mar 20, 10:30 PM
Unknown Object (File)
Mon, Mar 18, 6:31 AM
Unknown Object (File)
Wed, Mar 6, 6:47 AM
Unknown Object (File)
Feb 22 2024, 3:29 AM
Unknown Object (File)
Feb 21 2024, 8:31 PM
Unknown Object (File)
Feb 20 2024, 10:48 PM
Unknown Object (File)
Feb 15 2024, 6:01 PM
Unknown Object (File)
Feb 3 2024, 7:42 PM
Subscribers
None

Details

Summary

See PHI904. Ref T13210. Ref T13209. Currently, we have an hg cat construction which attempts to pass a literal %p to Mercurial. This fails because you can't pass % through %s outside of wilds.

It also uses %C to pass a list of file paths. This is broadly unsafe and can cause command execution if you modify a file named, e.g., ; rm -rf xyz or similar. I think it would be difficult to turn this into an attack but it's fairly bad. This dates from D5144 in 2013.

Test Plan

With this patch, created D19757 which has valid binary data (see F5962134).

Diff Detail

Repository
rARC Arcanist
Lint
Lint Not Applicable
Unit
Tests Not Applicable