diff options
| -rw-r--r-- | gitosis/test/test_serve.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/gitosis/test/test_serve.py b/gitosis/test/test_serve.py index d6030d2..cf54cc6 100644 --- a/gitosis/test/test_serve.py +++ b/gitosis/test/test_serve.py @@ -57,6 +57,18 @@ def test_bad_unsafeArguments(): eq(str(e), 'Arguments to command look dangerous') assert isinstance(e, serve.ServingError) +def test_bad_unsafeArguments_dotdot(): + cfg = RawConfigParser() + e = assert_raises( + serve.UnsafeArgumentsError, + serve.serve, + cfg=cfg, + user='jdoe', + command='git-upload-pack something/../evil', + ) + eq(str(e), 'Arguments to command look dangerous') + assert isinstance(e, serve.ServingError) + def test_bad_forbiddenCommand_read(): cfg = RawConfigParser() e = assert_raises( |