[Commented On] D11259: subrepo: compare normalised vfs path
baymax (Baymax, Your Personal Patch-care Companion)
phabricator at mercurial-scm.org
Thu Aug 5 18:02:16 UTC 2021
baymax added a comment.
baymax updated this revision to Diff 29819.
✅ refresh by Heptapod after a successful CI run (🐙 💚)
⚠ This patch is intended for stable ⚠
<img src="https://phab.mercurial-scm.org/file/data/bth6ydklc4kd4gmh7a6h/PHID-FILE-uktushir6fpusqhvokji/source.gif" />
REPOSITORY
rHG Mercurial
CHANGES SINCE LAST UPDATE
https://phab.mercurial-scm.org/D11259?vs=29812&id=29819
BRANCH
stable
CHANGES SINCE LAST ACTION
https://phab.mercurial-scm.org/D11259/new/
REVISION DETAIL
https://phab.mercurial-scm.org/D11259
AFFECTED FILES
mercurial/subrepo.py
CHANGE DETAILS
diff --git a/mercurial/subrepo.py b/mercurial/subrepo.py
--- a/mercurial/subrepo.py
+++ b/mercurial/subrepo.py
@@ -458,12 +458,14 @@
create = allowcreate and not r.wvfs.exists(b'%s/.hg' % path)
# repository constructor does expand variables in path, which is
# unsafe since subrepo path might come from untrusted source.
- if os.path.realpath(util.expandpath(root)) != root:
+ norm_root = os.path.normcase(root)
+ real_root = os.path.normcase(os.path.realpath(util.expandpath(root)))
+ if real_root != norm_root:
raise error.Abort(
_(b'subrepo path contains illegal component: %s') % path
)
self._repo = hg.repository(r.baseui, root, create=create)
- if self._repo.root != root:
+ if os.path.normcase(self._repo.root) != os.path.normcase(root):
raise error.ProgrammingError(
b'failed to reject unsafe subrepo '
b'path: %s (expanded to %s)' % (root, self._repo.root)
To: marmoute, #hg-reviewers
Cc: mercurial-patches
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mercurial-scm.org/pipermail/mercurial-patches/attachments/20210805/c7e3b8ec/attachment-0002.html>
More information about the Mercurial-patches
mailing list