Updates from review · gitpython-developers/GitPython@f4f2658

@@ -694,91 +694,115 @@ def test_push_error(self, repo):

694694695695@with_rw_repo("HEAD")696696def test_set_unsafe_url(self, rw_repo):697+tmp_dir = Path(tempfile.mkdtemp())698+tmp_file = tmp_dir / "pwn"697699remote = rw_repo.remote("origin")698700urls = [699-"ext::sh -c touch% /tmp/pwn",701+f"ext::sh -c touch% {tmp_file}",700702"fd::17/foo",701703 ]702704for url in urls:703705with self.assertRaises(UnsafeProtocolError):704706remote.set_url(url)707+assert not tmp_file.exists()705708706709@with_rw_repo("HEAD")707710def test_set_unsafe_url_allowed(self, rw_repo):711+tmp_dir = Path(tempfile.mkdtemp())712+tmp_file = tmp_dir / "pwn"708713remote = rw_repo.remote("origin")709714urls = [710-"ext::sh -c touch% /tmp/pwn",715+f"ext::sh -c touch% {tmp_file}",711716"fd::17/foo",712717 ]713718for url in urls:714719remote.set_url(url, allow_unsafe_protocols=True)715720assert list(remote.urls)[-1] == url721+assert not tmp_file.exists()716722717723@with_rw_repo("HEAD")718724def test_add_unsafe_url(self, rw_repo):725+tmp_dir = Path(tempfile.mkdtemp())726+tmp_file = tmp_dir / "pwn"719727remote = rw_repo.remote("origin")720728urls = [721-"ext::sh -c touch% /tmp/pwn",729+f"ext::sh -c touch% {tmp_file}",722730"fd::17/foo",723731 ]724732for url in urls:725733with self.assertRaises(UnsafeProtocolError):726734remote.add_url(url)735+assert not tmp_file.exists()727736728737@with_rw_repo("HEAD")729738def test_add_unsafe_url_allowed(self, rw_repo):739+tmp_dir = Path(tempfile.mkdtemp())740+tmp_file = tmp_dir / "pwn"730741remote = rw_repo.remote("origin")731742urls = [732-"ext::sh -c touch% /tmp/pwn",743+f"ext::sh -c touch% {tmp_file}",733744"fd::17/foo",734745 ]735746for url in urls:736747remote.add_url(url, allow_unsafe_protocols=True)737748assert list(remote.urls)[-1] == url749+assert not tmp_file.exists()738750739751@with_rw_repo("HEAD")740752def test_create_remote_unsafe_url(self, rw_repo):753+tmp_dir = Path(tempfile.mkdtemp())754+tmp_file = tmp_dir / "pwn"741755urls = [742-"ext::sh -c touch% /tmp/pwn",756+f"ext::sh -c touch% {tmp_file}",743757"fd::17/foo",744758 ]745759for url in urls:746760with self.assertRaises(UnsafeProtocolError):747761Remote.create(rw_repo, "origin", url)762+assert not tmp_file.exists()748763749764@with_rw_repo("HEAD")750765def test_create_remote_unsafe_url_allowed(self, rw_repo):766+tmp_dir = Path(tempfile.mkdtemp())767+tmp_file = tmp_dir / "pwn"751768urls = [752-"ext::sh -c touch% /tmp/pwn",769+f"ext::sh -c touch% {tmp_file}",753770"fd::17/foo",754771 ]755772for i, url in enumerate(urls):756773remote = Remote.create(rw_repo, f"origin{i}", url, allow_unsafe_protocols=True)757774assert remote.url == url775+assert not tmp_file.exists()758776759777@with_rw_repo("HEAD")760778def test_fetch_unsafe_url(self, rw_repo):779+tmp_dir = Path(tempfile.mkdtemp())780+tmp_file = tmp_dir / "pwn"761781remote = rw_repo.remote("origin")762782urls = [763-"ext::sh -c touch% /tmp/pwn",783+f"ext::sh -c touch% {tmp_file}",764784"fd::17/foo",765785 ]766786for url in urls:767787with self.assertRaises(UnsafeProtocolError):768788remote.fetch(url)789+assert not tmp_file.exists()769790770791@with_rw_repo("HEAD")771792def test_fetch_unsafe_url_allowed(self, rw_repo):793+tmp_dir = Path(tempfile.mkdtemp())794+tmp_file = tmp_dir / "pwn"772795remote = rw_repo.remote("origin")773796urls = [774-"ext::sh -c touch% /tmp/pwn",797+f"ext::sh -c touch% {tmp_file}",775798"fd::17/foo",776799 ]777800for url in urls:778801# The URL will be allowed into the command, but the command will779802# fail since we don't have that protocol enabled in the Git config file.780803with self.assertRaises(GitCommandError):781804remote.fetch(url, allow_unsafe_protocols=True)805+assert not tmp_file.exists()782806783807@with_rw_repo("HEAD")784808def test_fetch_unsafe_options(self, rw_repo):

@@ -789,6 +813,7 @@ def test_fetch_unsafe_options(self, rw_repo):

789813for unsafe_option in unsafe_options:790814with self.assertRaises(UnsafeOptionError):791815remote.fetch(**unsafe_option)816+assert not tmp_file.exists()792817793818@with_rw_repo("HEAD")794819def test_fetch_unsafe_options_allowed(self, rw_repo):

@@ -798,32 +823,40 @@ def test_fetch_unsafe_options_allowed(self, rw_repo):

798823unsafe_options = [{"upload-pack": f"touch {tmp_file}"}]799824for unsafe_option in unsafe_options:800825# The options will be allowed, but the command will fail.826+assert not tmp_file.exists()801827with self.assertRaises(GitCommandError):802828remote.fetch(**unsafe_option, allow_unsafe_options=True)829+assert tmp_file.exists()803830804831@with_rw_repo("HEAD")805832def test_pull_unsafe_url(self, rw_repo):833+tmp_dir = Path(tempfile.mkdtemp())834+tmp_file = tmp_dir / "pwn"806835remote = rw_repo.remote("origin")807836urls = [808-"ext::sh -c touch% /tmp/pwn",837+f"ext::sh -c touch% {tmp_file}",809838"fd::17/foo",810839 ]811840for url in urls:812841with self.assertRaises(UnsafeProtocolError):813842remote.pull(url)843+assert not tmp_file.exists()814844815845@with_rw_repo("HEAD")816846def test_pull_unsafe_url_allowed(self, rw_repo):847+tmp_dir = Path(tempfile.mkdtemp())848+tmp_file = tmp_dir / "pwn"817849remote = rw_repo.remote("origin")818850urls = [819-"ext::sh -c touch% /tmp/pwn",851+f"ext::sh -c touch% {tmp_file}",820852"fd::17/foo",821853 ]822854for url in urls:823855# The URL will be allowed into the command, but the command will824856# fail since we don't have that protocol enabled in the Git config file.825857with self.assertRaises(GitCommandError):826858remote.pull(url, allow_unsafe_protocols=True)859+assert not tmp_file.exists()827860828861@with_rw_repo("HEAD")829862def test_pull_unsafe_options(self, rw_repo):

@@ -834,6 +867,7 @@ def test_pull_unsafe_options(self, rw_repo):

834867for unsafe_option in unsafe_options:835868with self.assertRaises(UnsafeOptionError):836869remote.pull(**unsafe_option)870+assert not tmp_file.exists()837871838872@with_rw_repo("HEAD")839873def test_pull_unsafe_options_allowed(self, rw_repo):

@@ -843,32 +877,40 @@ def test_pull_unsafe_options_allowed(self, rw_repo):

843877unsafe_options = [{"upload-pack": f"touch {tmp_file}"}]844878for unsafe_option in unsafe_options:845879# The options will be allowed, but the command will fail.880+assert not tmp_file.exists()846881with self.assertRaises(GitCommandError):847882remote.pull(**unsafe_option, allow_unsafe_options=True)883+assert tmp_file.exists()848884849885@with_rw_repo("HEAD")850886def test_push_unsafe_url(self, rw_repo):887+tmp_dir = Path(tempfile.mkdtemp())888+tmp_file = tmp_dir / "pwn"851889remote = rw_repo.remote("origin")852890urls = [853-"ext::sh -c touch% /tmp/pwn",891+f"ext::sh -c touch% {tmp_file}",854892"fd::17/foo",855893 ]856894for url in urls:857895with self.assertRaises(UnsafeProtocolError):858896remote.push(url)897+assert not tmp_file.exists()859898860899@with_rw_repo("HEAD")861900def test_push_unsafe_url_allowed(self, rw_repo):901+tmp_dir = Path(tempfile.mkdtemp())902+tmp_file = tmp_dir / "pwn"862903remote = rw_repo.remote("origin")863904urls = [864-"ext::sh -c touch% /tmp/pwn",905+f"ext::sh -c touch% {tmp_file}",865906"fd::17/foo",866907 ]867908for url in urls:868909# The URL will be allowed into the command, but the command will869910# fail since we don't have that protocol enabled in the Git config file.870911with self.assertRaises(GitCommandError):871912remote.push(url, allow_unsafe_protocols=True)913+assert not tmp_file.exists()872914873915@with_rw_repo("HEAD")874916def test_push_unsafe_options(self, rw_repo):

@@ -882,8 +924,10 @@ def test_push_unsafe_options(self, rw_repo):

882924 }883925 ]884926for unsafe_option in unsafe_options:927+assert not tmp_file.exists()885928with self.assertRaises(UnsafeOptionError):886929remote.push(**unsafe_option)930+assert not tmp_file.exists()887931888932@with_rw_repo("HEAD")889933def test_push_unsafe_options_allowed(self, rw_repo):

@@ -898,8 +942,11 @@ def test_push_unsafe_options_allowed(self, rw_repo):

898942 ]899943for unsafe_option in unsafe_options:900944# The options will be allowed, but the command will fail.945+assert not tmp_file.exists()901946with self.assertRaises(GitCommandError):902947remote.push(**unsafe_option, allow_unsafe_options=True)948+assert tmp_file.exists()949+tmp_file.unlink()903950904951905952class TestTimeouts(TestBase):