[PATCH 0 of 7] keyword: handle copy/rename, safer regex (extended resend)

Christian Ebert blacktrash at gmx.net
Fri Oct 8 17:40:13 UTC 2010


Hi,

This is a resend with one slight change in the 1st patch and one
additional patch.

2 security enhancements regarding unwanted keyword (un)expansion:

1) handle copying/renaming to a destination not configured for
   keyword expansion gracefully (2nd patch)
2) Stricter keyword detection by using 2 specific regular
   expressions which search either for unexpanded or expanded
   keywords only (6th patch)

Series in detail:

1. Refactor kwtemplar.overwrite() to prepare for the coming
   changes

Remove duplicate search or replace operations on keywor
(un)expansion.

Move weeding of expansion/shrink candidates outside overwrite().

2. Make copy and rename operations safer wrt keyword expansion.

Before files containing expanded keywords were copied/renamed
unaltered even to a destination ignored by the extension. If
these files were checked in the expanded keywords became
unintentionally part of the change history. I tend to consider
this as a long-standing bug in the extension, which should now be
fixed. This change unexpands all keywords in the copy/rename
destinations as the files are not yet versioned.

I don't think the wrapper for cmdutil.copy needs to be
write-locked as cmdutil.copy is "called with the repo lock held",
but I'm fine with being taught otherwise.

A weird corner case where "hg cp symlink dest" yields a different
result (symlink) as "cp symlink dest; hg cp -A symlink dest"
(regular file) is also covered and tested. However, I don't know
how cp behaves on other platforms and whether the test (only the
test) would break there.

An alternative solution - rewriting fewer files, but less
consistent - would be to only overwrite destinations not
configured for expansion.

3. Make iskwfile a weeding function which now takes a list of
   files and the context as argument.

4. Simplify kwfilelog.cmp() and avoid the import of revlog and
   fiddling with it.

5. Remove all remaining sed calls from the keyword tests.

6. Two regular expressions, one for "pure" keywords, one for
   expanded keywords.

"Loosely" formatted keywords, like $Id:  $ (before expansion) are
not allowed anymore -- an issue which cropped up at least once on
the wiki.

7. Simplify detection of a record command, saving a global
   variable.

A crew repo with the series applied can be found here:
http://www.blacktrash.org/hg/hg-crew-mq/

c


More information about the Mercurial-devel mailing list