rpms / mercurial

Clone
Source Code
GIT

Files

el4 el5 epel9 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 fc6 main rawhide
  1.   f22
  2.   7-convert-rewrite-gitpipe-to-use-common.commandline.diff
Blob Blame History Raw 
# HG changeset patch
# User Mateusz Kwapich <mitrandir@fb.com>
# Date 1458691511 25200
#      Tue Mar 22 17:05:11 2016 -0700
# Branch stable
# Node ID 80cac1de6aea89f9d068abb09b0ea58c70bd7130
# Parent  b732e7f2aba4c4c417278c7c7488006301551855
convert: rewrite gitpipe to use common.commandline (SEC)

CVE-2016-3069 (4/5)

diff --git a/hgext/convert/common.py b/hgext/convert/common.py
--- a/hgext/convert/common.py
+++ b/hgext/convert/common.py
@@ -341,6 +341,9 @@ class commandline(object):
     def _run2(self, cmd, *args, **kwargs):
         return self._dorun(util.popen2, cmd, *args, **kwargs)
 
+    def _run3(self, cmd, *args, **kwargs):
+        return self._dorun(util.popen3, cmd, *args, **kwargs)
+
     def _dorun(self, openfunc, cmd,  *args, **kwargs):
         cmdline = self._cmdline(cmd, *args, **kwargs)
         self.ui.debug('running: %s\n' % (cmdline,))
diff --git a/hgext/convert/git.py b/hgext/convert/git.py
--- a/hgext/convert/git.py
+++ b/hgext/convert/git.py
@@ -29,21 +29,6 @@ class convert_git(converter_source, comm
     # Windows does not support GIT_DIR= construct while other systems
     # cannot remove environment variable. Just assume none have
     # both issues.
-    if util.safehasattr(os, 'unsetenv'):
-        def gitpipe(self, s):
-            prevgitdir = os.environ.get('GIT_DIR')
-            os.environ['GIT_DIR'] = self.path
-            try:
-                return util.popen3(s)
-            finally:
-                if prevgitdir is None:
-                    del os.environ['GIT_DIR']
-                else:
-                    os.environ['GIT_DIR'] = prevgitdir
-
-    else:
-        def gitpipe(self, s):
-            return util.popen3('GIT_DIR=%s %s' % (self.path, s))
 
     def _gitcmd(self, cmd, *args, **kwargs):
         return cmd('--git-dir=%s' % self.path, *args, **kwargs)
@@ -60,6 +45,9 @@ class convert_git(converter_source, comm
     def gitrunlines(self, *args, **kwargs):
         return self._gitcmd(self.runlines, *args, **kwargs)
 
+    def gitpipe(self, *args, **kwargs):
+        return self._gitcmd(self._run3, *args, **kwargs)
+
     def gitread(self, s):
         fh = self.gitopen(s)
         data = fh.read()
@@ -92,7 +80,7 @@ class convert_git(converter_source, comm
         self.path = path
         self.submodules = []
 
-        self.catfilepipe = self.gitpipe('git cat-file --batch')
+        self.catfilepipe = self.gitpipe('cat-file', '--batch')
 
     def after(self):
         for f in self.catfilepipe:
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.