components/mercurial/patches/CVE-2014-9462.patch
branchs11u2-sru
changeset 4446 b23e280706b1
4444:56cbdcda8e5e 4446:b23e280706b1
       
     1 changeset:   23678:e3f30068d2eb
       
     2 branch:      stable
       
     3 parent:      23676:b65a01a4316b
       
     4 user:        Matt Mackall <[email protected]>
       
     5 date:        Mon Dec 29 13:27:02 2014 -0700
       
     6 files:
       
     7    mercurial/sshpeer.py
       
     8 description:
       
     9 sshpeer: more thorough shell quoting
       
    10 
       
    11 This fixes an issue spotted by Jesse Hertz.
       
    12 
       
    13 diff --git a/mercurial/sshpeer.py b/mercurial/sshpeer.py
       
    14 --- a/mercurial/sshpeer.py
       
    15 +++ b/mercurial/sshpeer.py
       
    16 @@ -20,6 +20,8 @@ class remotelock(object):
       
    17              self.release()
       
    18  
       
    19  def _serverquote(s):
       
    20 +    if not s:
       
    21 +        return s
       
    22      '''quote a string for the remote shell ... which we assume is sh'''
       
    23      if re.match('[a-zA-Z0-9@%_+=:,./-]*$', s):
       
    24          return s
       
    25 @@ -45,7 +47,10 @@ class sshpeer(wireproto.wirepeer):
       
    26          sshcmd = self.ui.config("ui", "ssh", "ssh")
       
    27          remotecmd = self.ui.config("ui", "remotecmd", "hg")
       
    28  
       
    29 -        args = util.sshargs(sshcmd, self.host, self.user, self.port)
       
    30 +        args = util.sshargs(sshcmd,
       
    31 +                            _serverquote(self.host),
       
    32 +                            _serverquote(self.user),
       
    33 +                            _serverquote(self.port))
       
    34  
       
    35          if create:
       
    36              cmd = '%s %s %s' % (sshcmd, args,
       
    37