File CVE-2017-1000116-0010.patch of Package mercurial.5472

# HG changeset patch
# User Sean Farley <sean@farley.io>
# Date 1501538111 25200
#      Mon Jul 31 14:55:11 2017 -0700
# Branch stable
# Node ID ca398a50ca00635b2a9e6afa5c552ffd1afa8381
# Parent  173ecccb9ee7ca4babba86d9e9f8203931a915eb
subrepo: add tests for git rogue ssh urls (SEC)

'ssh://' has an exploit that will pass the url blindly to the ssh
command, allowing a malicious person to have a subrepo with
'-oProxyCommand' which could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' is able to execute arbitrary
commands.

When this happens, let's throw a big abort into the user's face so that
they can inspect what's going on.

---
 mercurial/subrepo.py |    3 +++
 1 file changed, 3 insertions(+)

--- a/mercurial/subrepo.py
+++ b/mercurial/subrepo.py
@@ -1207,6 +1207,9 @@ class gitsubrepo(abstractsubrepo):
 
     def _fetch(self, source, revision):
         if self._gitmissing():
+            # SEC: check for safe ssh url
+            util.checksafessh(source)
+
             source = self._abssource(source)
             self._ui.status(_('cloning subrepo %s from %s\n') %
                             (self._relpath, source))