subrepo: prohibit variable expansion on creation of hg subrepo (SEC)

Authored by yuja.

Description

subrepo: prohibit variable expansion on creation of hg subrepo (SEC)

It's probably wrong to expand path at localrepo.*repository() layer, but
fixing the layering issue would require careful inspection of call paths.
So, this patch adds a validation to the subrepo constructor.

os.path.realpath(util.expandpath(root)) is what vfsmod.vfs() would do.
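
The validation described above, sketched as an added example (it is not Mercurial's code and not taken from this commit): a subrepo root is accepted only if expanding and resolving it gives back the same path. The names `expandpath`, `checked_subrepo_root` and `UnsafeSubrepoPath` are hypothetical, `os.path.expanduser`/`os.path.expandvars` stand in for `util.expandpath`, and the sample paths and the variable `EXAMPLE_SUBREPO_VAR` are constructed.

```python
import os
import tempfile


class UnsafeSubrepoPath(ValueError):
    """Raised when a subrepo path would resolve somewhere else once expanded."""


def expandpath(path):
    # Assumption: stand-in for the expansion step named in the commit message.
    return os.path.expanduser(os.path.expandvars(path))


def checked_subrepo_root(wroot, subpath):
    """Return the absolute subrepo root, or raise if expansion would move it.

    wroot is the working directory of the parent repository; subpath is the
    subrepo path as recorded in the (possibly untrusted) repository data.
    """
    wroot = os.path.realpath(wroot)
    root = os.path.join(wroot, os.path.normpath(subpath))
    # If the repository constructor later expands variables in `root`, it
    # would open `resolved`. Any difference means the recorded path and the
    # path actually used disagree, so refuse before anything is created.
    resolved = os.path.realpath(expandpath(root))
    if resolved != root:
        raise UnsafeSubrepoPath(
            "subrepo path %r resolves to %r, expected %r"
            % (subpath, resolved, root))
    return root


if __name__ == "__main__":
    # Constructed input: one ordinary path, one that names a defined variable.
    os.environ["EXAMPLE_SUBREPO_VAR"] = "../outside"
    with tempfile.TemporaryDirectory() as wroot:
        for sub in ("libs/sub", "$EXAMPLE_SUBREPO_VAR"):
            try:
                print("accepted:", checked_subrepo_root(wroot, sub))
            except UnsafeSubrepoPath as exc:
                print("rejected:", exc)
```

A name such as `$EXAMPLE_UNSET_VAR` that is not defined in the environment is left untouched by `os.path.expandvars`, so it compares equal and is accepted as a literal directory name.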

Details

Committed
yuja, Jan 8 2019, 8:07 AM
Parents
rHG31286c9282df: subrepo: extend path auditing test to include more weird patterns (SEC)