Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
-
Linux
Description
When preparing a release, if the user mistypes their
subversion password and adds a backslash at the end, then the release
prepare phase gets stuck in the "update-working-copy" (the first) step.
This is because the svn command issued by continuum is:
svn --username xxxxx --password abcdef\ --non-interactive ...
which means that the space between the password and the space before the
--non-interactive option is escaped, which in turn means that this
option is not seen at all, and since the password is incorrect, it goes
ahead and tries to prompt the user for their correct password in the
command line, so the process hangs (found that by running a:
ps -edf | grep svn
on the server).
The username and password should be shell-escaped to avoid this. (Imagine
the disaster if the user enters a password ";my-malicious-command" )