mirror of
https://github.com/klaussilveira/gitlist.git
synced 2025-11-17 11:10:57 +01:00
87b8c26b02
A specific option in git grep could be added inside the pattern to be searched for, resulting in possible RCE. Thanks to Kacper Szurek (https://security.szurek.pl) for catching this one!
29 lines
977 B
PHP
29 lines
977 B
PHP
<?php
|
|
|
|
use GitList\Git\Client;
|
|
use GitList\Git\Repository;
|
|
use PHPUnit\Framework\TestCase;
|
|
use Prophecy\Argument;
|
|
|
|
class RepositoryTest extends TestCase
|
|
{
|
|
public function testIsSanitizingSearchWithPager()
|
|
{
|
|
$client = $this->prophesize(Client::class);
|
|
$client->run(Argument::type(Repository::class), "grep -i --line-number -- '=sleep 5;' master")->shouldBeCalled();
|
|
|
|
$repository = new Repository('/tmp', $client->reveal());
|
|
$repository->searchTree('--open-files-in-pager=sleep 5;', 'master');
|
|
$repository->searchTree('-O=sleep 5;', 'master');
|
|
}
|
|
|
|
public function testIsSanitizingSearchWithAnyOption()
|
|
{
|
|
$client = $this->prophesize(Client::class);
|
|
$client->run(Argument::type(Repository::class), "grep -i --line-number -- 'foobar =bar;' foo")->shouldBeCalled();
|
|
|
|
$repository = new Repository('/tmp', $client->reveal());
|
|
$repository->searchTree('foobar --bar --foo=bar;', 'foo');
|
|
}
|
|
}
|