marmoute created this revision. Herald added a reviewer: hg-reviewers. Herald added a subscriber: mercurial-patches.
REVISION SUMMARY The stream clone logic allows for writing any content to any file under various vfs. This is *not* suitable for *vfs*, since writing in `.hg/` directly allow to modify the configuration and is a great and simple gateway for remote code execution. REPOSITORY rHG Mercurial BRANCH stable REVISION DETAIL https://phab.mercurial-scm.org/D10905 AFFECTED FILES mercurial/streamclone.py CHANGE DETAILS diff --git a/mercurial/streamclone.py b/mercurial/streamclone.py --- a/mercurial/streamclone.py +++ b/mercurial/streamclone.py @@ -560,6 +560,12 @@ def _emit2(repo, entries, totalfilesize): """actually emit the stream bundle""" vfsmap = _makemap(repo) + # we keep repo.vfs out of the on purpose, ther are too many danger there + # (eg: .hg/hgrc), + # + # this assert is duplicated (from _makemap) as author might think this is + # fine, while this is really not fine. + assert repo.vfs not in vfsmap.values() progress = repo.ui.makeprogress( _(b'bundle'), total=totalfilesize, unit=_(b'bytes') ) @@ -685,6 +691,12 @@ progress.update(0) vfsmap = _makemap(repo) + # we keep repo.vfs out of the on purpose, ther are too many danger + # there (eg: .hg/hgrc), + # + # this assert is duplicated (from _makemap) as author might think this + # is fine, while this is really not fine. + assert repo.vfs not in vfsmap.values() with repo.transaction(b'clone'): ctxs = (vfs.backgroundclosing(repo.ui) for vfs in vfsmap.values()) To: marmoute, #hg-reviewers Cc: mercurial-patches, mercurial-devel _______________________________________________ Mercurial-devel mailing list Mercurial-devel@mercurial-scm.org https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel
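Review bot: in the `_emit2` hunk, the new guard is an `assert`, which is compiled out when Python runs with `-O`, so a check that the summary describes as closing a remote code execution path is only enforced in non-optimized interpreters; raise an explicit exception instead (for example `raise error.ProgrammingError(b'repo.vfs must not be part of the stream vfs map')` guarded by an `if repo.vfs in vfsmap.values():`), so the invariant holds regardless of how the interpreter was started. The comment also needs a pass: "out of the on purpose" is missing the word "map", "ther" should be "there", and "too many danger there" should read "too many dangers there"; since the same wording is copied into the second hunk, fix both copies together.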
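Review bot: in the receiving-side hunk (the one at `progress.update(0)` / `with repo.transaction(b'clone'):`), the same `assert` problem applies and matters more here, because this is the side that writes attacker-supplied stream content to disk; the check only protects the repository while every write in this function goes through `vfsmap.values()` (as the `ctxs` generator on the visible context lines does), so state that assumption in the comment and use an explicit exception rather than `assert`, which `-O` removes. As this targets the stable branch as a security fix, it should also ship with a test that feeds a stream containing an entry keyed to a vfs outside `_makemap` and asserts that the clone is refused before any file under `.hg/` is written; the duplicated comment typos ("out of the on purpose", "ther", "too many danger") should be corrected in this copy as well.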