mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-16 02:20:54 +01:00
(stable) Promote 2017 Week 45
This commit is contained in:
commit
d2d5a1f283
9 changed files with 97 additions and 13 deletions
|
@ -768,6 +768,7 @@ phutil_register_library_map(array(
|
||||||
'DiffusionMercurialBlameQuery' => 'applications/diffusion/query/blame/DiffusionMercurialBlameQuery.php',
|
'DiffusionMercurialBlameQuery' => 'applications/diffusion/query/blame/DiffusionMercurialBlameQuery.php',
|
||||||
'DiffusionMercurialCommandEngine' => 'applications/diffusion/protocol/DiffusionMercurialCommandEngine.php',
|
'DiffusionMercurialCommandEngine' => 'applications/diffusion/protocol/DiffusionMercurialCommandEngine.php',
|
||||||
'DiffusionMercurialFileContentQuery' => 'applications/diffusion/query/filecontent/DiffusionMercurialFileContentQuery.php',
|
'DiffusionMercurialFileContentQuery' => 'applications/diffusion/query/filecontent/DiffusionMercurialFileContentQuery.php',
|
||||||
|
'DiffusionMercurialFlagInjectionException' => 'applications/diffusion/exception/DiffusionMercurialFlagInjectionException.php',
|
||||||
'DiffusionMercurialRawDiffQuery' => 'applications/diffusion/query/rawdiff/DiffusionMercurialRawDiffQuery.php',
|
'DiffusionMercurialRawDiffQuery' => 'applications/diffusion/query/rawdiff/DiffusionMercurialRawDiffQuery.php',
|
||||||
'DiffusionMercurialRequest' => 'applications/diffusion/request/DiffusionMercurialRequest.php',
|
'DiffusionMercurialRequest' => 'applications/diffusion/request/DiffusionMercurialRequest.php',
|
||||||
'DiffusionMercurialResponse' => 'applications/diffusion/response/DiffusionMercurialResponse.php',
|
'DiffusionMercurialResponse' => 'applications/diffusion/response/DiffusionMercurialResponse.php',
|
||||||
|
@ -5814,6 +5815,7 @@ phutil_register_library_map(array(
|
||||||
'DiffusionMercurialBlameQuery' => 'DiffusionBlameQuery',
|
'DiffusionMercurialBlameQuery' => 'DiffusionBlameQuery',
|
||||||
'DiffusionMercurialCommandEngine' => 'DiffusionCommandEngine',
|
'DiffusionMercurialCommandEngine' => 'DiffusionCommandEngine',
|
||||||
'DiffusionMercurialFileContentQuery' => 'DiffusionFileContentQuery',
|
'DiffusionMercurialFileContentQuery' => 'DiffusionFileContentQuery',
|
||||||
|
'DiffusionMercurialFlagInjectionException' => 'Exception',
|
||||||
'DiffusionMercurialRawDiffQuery' => 'DiffusionRawDiffQuery',
|
'DiffusionMercurialRawDiffQuery' => 'DiffusionRawDiffQuery',
|
||||||
'DiffusionMercurialRequest' => 'DiffusionRequest',
|
'DiffusionMercurialRequest' => 'DiffusionRequest',
|
||||||
'DiffusionMercurialResponse' => 'AphrontResponse',
|
'DiffusionMercurialResponse' => 'AphrontResponse',
|
||||||
|
|
|
@ -47,7 +47,7 @@ final class DiffusionExistsQueryConduitAPIMethod
|
||||||
$commit = $request->getValue('commit');
|
$commit = $request->getValue('commit');
|
||||||
list($err, $stdout) = $repository->execLocalCommand(
|
list($err, $stdout) = $repository->execLocalCommand(
|
||||||
'id --rev %s',
|
'id --rev %s',
|
||||||
$commit);
|
hgsprintf('%s', $commit));
|
||||||
return !$err;
|
return !$err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -123,21 +123,23 @@ final class DiffusionHistoryQueryConduitAPIMethod
|
||||||
// branches).
|
// branches).
|
||||||
|
|
||||||
if (strlen($path)) {
|
if (strlen($path)) {
|
||||||
$path_arg = csprintf('-- %s', $path);
|
$path_arg = csprintf('%s', $path);
|
||||||
$branch_arg = '';
|
$revset_arg = hgsprintf(
|
||||||
|
'reverse(ancestors(%s))',
|
||||||
|
$commit_hash);
|
||||||
} else {
|
} else {
|
||||||
$path_arg = '';
|
$path_arg = '';
|
||||||
// NOTE: --branch used to be called --only-branch; use -b for
|
$revset_arg = hgsprintf(
|
||||||
// compatibility.
|
'branch(%s) and reverse(ancestors(%s))',
|
||||||
$branch_arg = csprintf('-b %s', $drequest->getBranch());
|
$drequest->getBranch(),
|
||||||
|
$commit_hash);
|
||||||
}
|
}
|
||||||
|
|
||||||
list($stdout) = $repository->execxLocalCommand(
|
list($stdout) = $repository->execxLocalCommand(
|
||||||
'log --debug --template %s --limit %d %C --rev %s %C',
|
'log --debug --template %s --limit %d --rev %s -- %C',
|
||||||
'{node};{parents}\\n',
|
'{node};{parents}\\n',
|
||||||
($offset + $limit), // No '--skip' in Mercurial.
|
($offset + $limit), // No '--skip' in Mercurial.
|
||||||
$branch_arg,
|
$revset_arg,
|
||||||
hgsprintf('reverse(ancestors(%s))', $commit_hash),
|
|
||||||
$path_arg);
|
$path_arg);
|
||||||
|
|
||||||
$stdout = DiffusionMercurialCommandEngine::filterMercurialDebugOutput(
|
$stdout = DiffusionMercurialCommandEngine::filterMercurialDebugOutput(
|
||||||
|
|
|
@ -77,7 +77,7 @@ final class DiffusionMergedCommitsQueryConduitAPIMethod
|
||||||
list($parents) = $repository->execxLocalCommand(
|
list($parents) = $repository->execxLocalCommand(
|
||||||
'parents --template=%s --rev %s',
|
'parents --template=%s --rev %s',
|
||||||
'{node}\\n',
|
'{node}\\n',
|
||||||
$commit);
|
hgsprintf('%s', $commit));
|
||||||
$parents = explode("\n", trim($parents));
|
$parents = explode("\n", trim($parents));
|
||||||
|
|
||||||
if (count($parents) < 2) {
|
if (count($parents) < 2) {
|
||||||
|
|
|
@ -97,7 +97,7 @@ final class DiffusionSearchQueryConduitAPIMethod
|
||||||
|
|
||||||
$results = array();
|
$results = array();
|
||||||
$future = $repository->getLocalCommandFuture(
|
$future = $repository->getLocalCommandFuture(
|
||||||
'grep --rev %s --print0 --line-number %s %s',
|
'grep --rev %s --print0 --line-number -- %s %s',
|
||||||
hgsprintf('ancestors(%s)', $drequest->getStableCommit()),
|
hgsprintf('ancestors(%s)', $drequest->getStableCommit()),
|
||||||
$grep,
|
$grep,
|
||||||
$path);
|
$path);
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
final class DiffusionMercurialFlagInjectionException extends Exception {}
|
|
@ -11,6 +11,27 @@ final class DiffusionMercurialCommandEngine
|
||||||
protected function newFormattedCommand($pattern, array $argv) {
|
protected function newFormattedCommand($pattern, array $argv) {
|
||||||
$args = array();
|
$args = array();
|
||||||
|
|
||||||
|
// Crudely blacklist commands which look like they may contain command
|
||||||
|
// injection via "--config" or "--debugger". See T13012. To do this, we
|
||||||
|
// print the whole command, parse it using shell rules, then examine each
|
||||||
|
// argument to see if it looks like "--config" or "--debugger".
|
||||||
|
|
||||||
|
$test_command = call_user_func_array(
|
||||||
|
'csprintf',
|
||||||
|
array_merge(array($pattern), $argv));
|
||||||
|
$test_args = id(new PhutilShellLexer())
|
||||||
|
->splitArguments($test_command);
|
||||||
|
|
||||||
|
foreach ($test_args as $test_arg) {
|
||||||
|
if (preg_match('/^--(config|debugger)/i', $test_arg)) {
|
||||||
|
throw new DiffusionMercurialFlagInjectionException(
|
||||||
|
pht(
|
||||||
|
'Mercurial command appears to contain unsafe injected "--config" '.
|
||||||
|
'or "--debugger": %s',
|
||||||
|
$test_command));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// NOTE: Here, and in Git and Subversion, we override the SSH command even
|
// NOTE: Here, and in Git and Subversion, we override the SSH command even
|
||||||
// if the repository does not use an SSH remote, since our SSH wrapper
|
// if the repository does not use an SSH remote, since our SSH wrapper
|
||||||
// defuses an attack against older versions of Mercurial, Git and
|
// defuses an attack against older versions of Mercurial, Git and
|
||||||
|
|
|
@ -123,6 +123,62 @@ final class DiffusionCommandEngineTestCase extends PhabricatorTestCase {
|
||||||
'argv' => 'xyz',
|
'argv' => 'xyz',
|
||||||
'protocol' => 'https',
|
'protocol' => 'https',
|
||||||
));
|
));
|
||||||
|
|
||||||
|
// Test that filtering defenses for "--config" and "--debugger" flag
|
||||||
|
// injections in Mercurial are functional. See T13012.
|
||||||
|
|
||||||
|
$caught = null;
|
||||||
|
try {
|
||||||
|
$this->assertCommandEngineFormat(
|
||||||
|
'',
|
||||||
|
array(),
|
||||||
|
array(
|
||||||
|
'vcs' => $type_hg,
|
||||||
|
'argv' => '--debugger',
|
||||||
|
));
|
||||||
|
} catch (DiffusionMercurialFlagInjectionException $ex) {
|
||||||
|
$caught = $ex;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->assertTrue(
|
||||||
|
($caught instanceof DiffusionMercurialFlagInjectionException),
|
||||||
|
pht('Expected "--debugger" injection in Mercurial to throw.'));
|
||||||
|
|
||||||
|
|
||||||
|
$caught = null;
|
||||||
|
try {
|
||||||
|
$this->assertCommandEngineFormat(
|
||||||
|
'',
|
||||||
|
array(),
|
||||||
|
array(
|
||||||
|
'vcs' => $type_hg,
|
||||||
|
'argv' => '--config=x',
|
||||||
|
));
|
||||||
|
} catch (DiffusionMercurialFlagInjectionException $ex) {
|
||||||
|
$caught = $ex;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->assertTrue(
|
||||||
|
($caught instanceof DiffusionMercurialFlagInjectionException),
|
||||||
|
pht('Expected "--config" injection in Mercurial to throw.'));
|
||||||
|
|
||||||
|
$caught = null;
|
||||||
|
try {
|
||||||
|
$this->assertCommandEngineFormat(
|
||||||
|
'',
|
||||||
|
array(),
|
||||||
|
array(
|
||||||
|
'vcs' => $type_hg,
|
||||||
|
'argv' => (string)csprintf('%s', '--config=x'),
|
||||||
|
));
|
||||||
|
} catch (DiffusionMercurialFlagInjectionException $ex) {
|
||||||
|
$caught = $ex;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->assertTrue(
|
||||||
|
($caught instanceof DiffusionMercurialFlagInjectionException),
|
||||||
|
pht('Expected quoted "--config" injection in Mercurial to throw.'));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private function assertCommandEngineFormat(
|
private function assertCommandEngineFormat(
|
||||||
|
|
|
@ -16,14 +16,14 @@ final class DiffusionMercurialRawDiffQuery extends DiffusionRawDiffQuery {
|
||||||
// If `$commit` has no parents (usually because it's the first commit
|
// If `$commit` has no parents (usually because it's the first commit
|
||||||
// in the repository), we want to diff against `null`. This revset will
|
// in the repository), we want to diff against `null`. This revset will
|
||||||
// do that for us automatically.
|
// do that for us automatically.
|
||||||
$against = '('.$commit.'^ or null)';
|
$against = hgsprintf('(%s^ or null)', $commit);
|
||||||
}
|
}
|
||||||
|
|
||||||
$future = $repository->getLocalCommandFuture(
|
$future = $repository->getLocalCommandFuture(
|
||||||
'diff -U %d --git --rev %s --rev %s -- %s',
|
'diff -U %d --git --rev %s --rev %s -- %s',
|
||||||
$this->getLinesOfContext(),
|
$this->getLinesOfContext(),
|
||||||
$against,
|
$against,
|
||||||
$commit,
|
hgsprintf('%s', $commit),
|
||||||
$path);
|
$path);
|
||||||
|
|
||||||
return $future;
|
return $future;
|
||||||
|
|
Loading…
Reference in a new issue