File hg-CVE-2016-3069-01-convert_add_new_non_clowny_interface.patch of Package mercurial.5472

# HG changeset patch
# User Mateusz Kwapich <mitrandir@fb.com>
# Date 1458691511 25200
#      Tue Mar 22 17:05:11 2016 -0700
# Branch stable
# Node ID 197eed39e3d5e9a8cadfd9ba5839eb14cc265caa
# Parent  34d43cb85de8d06764039d8868eee19d00fddeab
convert: add new, non-clowny interface for shelling out to git (SEC)

CVE-2016-3069 (1/5)

To avoid shell injection, and for the sake of simplicity, let's use
common.commandline for calling git.

---
 hgext/convert/git.py |   20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

--- a/hgext/convert/git.py
+++ b/hgext/convert/git.py
@@ -11,7 +11,7 @@ from mercurial import util, config
 from mercurial.node import hex, nullid
 from mercurial.i18n import _
 
-from common import NoRepo, commit, converter_source, checktool
+from common import NoRepo, commit, converter_source, checktool, commandline
 
 class submodule(object):
     def __init__(self, path, node, url):
@@ -25,7 +25,7 @@ class submodule(object):
     def hgsubstate(self):
         return "%s %s" % (self.node, self.path)
 
-class convert_git(converter_source):
+class convert_git(converter_source, commandline):
     # Windows does not support GIT_DIR= construct while other systems
     # cannot remove environment variable. Just assume none have
     # both issues.
@@ -56,6 +56,21 @@ class convert_git(converter_source):
             else:
                 return util.popen('GIT_DIR=%s %s' % (self.path, s), 'rb')
 
+    def _gitcmd(self, cmd, *args, **kwargs):
+        return cmd('--git-dir=%s' % self.path, *args, **kwargs)
+
+    def gitrun0(self, *args, **kwargs):
+        return self._gitcmd(self.run0, *args, **kwargs)
+
+    def gitrun(self, *args, **kwargs):
+        return self._gitcmd(self.run, *args, **kwargs)
+
+    def gitrunlines0(self, *args, **kwargs):
+        return self._gitcmd(self.runlines0, *args, **kwargs)
+
+    def gitrunlines(self, *args, **kwargs):
+        return self._gitcmd(self.runlines, *args, **kwargs)
+
     def popen_with_stderr(self, s):
         p = subprocess.Popen(s, shell=True, bufsize=-1,
                              close_fds=util.closefds,
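Review bot: The added `_gitcmd` and `gitrun*` helpers have no docstring stating the calling convention that makes them safer than `gitopen`: every git argument has to be its own positional argument, never a pre-formatted command string. I would add to `_gitcmd` something like `"""Call cmd with --git-dir set; pass each git argument separately, never as one interpolated string."""`. Whether this actually closes the injection depends on how `common.commandline` turns the argument list into a process invocation, which this diff does not show. The shell-string paths in the context lines (`util.popen('GIT_DIR=%s %s' % (self.path, s), 'rb')` and `popen_with_stderr` with `shell=True`) are still present after this patch, so their callers remain exposed until they are migrated, presumably in parts 2–5 of the series. The bodies of `gitopen` and `popen_with_stderr` extend outside the hunk.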
@@ -73,6 +88,7 @@ class convert_git(converter_source):
 
     def __init__(self, ui, path, rev=None):
         super(convert_git, self).__init__(ui, path, rev=rev)
+        commandline.__init__(self, ui, 'git')
 
         if os.path.isdir(path + "/.git"):
             path += "/.git"
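Review bot: `commandline.__init__(self, ui, 'git')` is invoked directly while the line above uses `super(...)`, and nothing explains the mix. A comment such as `# converter_source does not chain to commandline, so initialise it explicitly` would help, assuming that is the reason. Separately, `_gitcmd` builds `--git-dir` from `self.path`, while this constructor goes on to rewrite the local `path` (`path += "/.git"`). The assignment of the adjusted value to `self.path` is outside the hunk, so confirm that no `gitrun*` call can happen before it. `__init__` continues past the end of the hunk.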