summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-01-03shared.c: Only setenv() if value is non-nullLukas Fleischer
Some setenv() implementations (e.g. the one in OpenBSD's stdlib) segfault if we pass a NULL value. Only set environment variables if the corresponding settings are defined to avoid this. Note that this is a minor behaviour change as environment variables were supposed to be set to an empty string if a setting was undefined. Given that this feature isn't part of any official release yet, there's no need to worry about backwards compatibility, really. Change the documentation accordingly. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2012-01-03shared.c: Remove unused "linux/limits.h" includeLukas Fleischer
This isn't used anywhere and prevents the code from being compiled on other platforms, such as *BSD. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2011-07-22Merge branch 'stable'Lars Hjemli
2011-07-22Fix potential XSS vulnerability in rename hintLukas Fleischer
The file name displayed in the rename hint should be escaped to avoid XSS. Note that this vulnerability is only applicable when an attacker has gained push access to the repository. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-22Remove dead initialization in cgit_parse_commit()Lukas Fleischer
The value stored to "t" during its initialization gets overwritten in any case, so just leave it uninitialized. Spotted by clang-analyzer. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-21Merge branch 'stable'Lars Hjemli
2011-07-21CGIT 0.9.0.2v0.9.0.2Lars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-21html.c: avoid out-of-bounds access for url_escape_tableEric Wong
This fixes a segfault for me with with -O2 optimization on x86 with gcc (Debian 4.4.5-8) 4.4.5 I can reliably reproduce it with the following parameters when pointed to the git.git repository: PATH_INFO='/git-core.git/diff/' QUERY_STRING='id=2b93bfac0f5bcabbf60f174f4e7bfa9e318e64d5&id2=d6da71a9d16b8cf27f9d8f90692d3625c849cbc8' Signed-off-by: Eric Wong <normalperson@yhbt.net> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-21Merge branch 'stable'Lars Hjemli
2011-07-21tests: fix failures when CDPATH is setFerry Huberts
Some tests would otherwise fail because commands such as cd trash/repos/foo && git rev-list --reverse HEAD | head -1 would return 2 lines instead of 1: the 'cd' command also prints the path when CDPATH is set. Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-19Makefile: fix oversight of not using $(DESTDIR) in uninstallFerry Huberts
Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-19commit-links.sh: improve regular expressionsFerry Huberts
The default length for sha1 abbreviations in git is 7. A '#num' at the beginning of the commit message is now recognised, a ':#num' as well, etc.: a '#num' anywhere is now converted to a link. Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-18Merge branch 'stable'Lars Hjemli
2011-06-18cgit.c: improve error message when git repo cannot be accessedLars Hjemli
The current 'Not a git repository' error message is not very helpful, since it doesn't state the cause of the problem. This patch uses errno to provide a hint of the underlying problem. It would have been even better to give the exact cause (e.g. for ENOENT it would be nice to know which file/directory is missing), but that would require reimplementing setup_git_directory_gently() which seems a bit overkill. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-15Merge branch 'stable'Lars Hjemli
2011-06-15cgitrc.5.txt: document repo.module-linkLars Hjemli
The global module-link option can be overridden per repo, but this has never been documented. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13Merge branch 'lh/clone-url'Lars Hjemli
2011-06-13cgit.c: add 'clone-url' setting with support for macro expansionLars Hjemli
The current 'clone-prefix' setting has some known issues: * All repos get the same 'clone-prefix' value since the setting is not adopted during repo registration (in cgitrc, or during scan-path traversal), but only when the setting is used. * The generated clone-urls for a repo is a combination of 'clone-prefix', a slash and the repo url. This doesn't work well with e.g. ssh-style urls like 'git@example.org:repo.git', since the inserted slash will make the repo relative to the filesystem root. * If 'remove-suffix' is enabled, the generated clone-urls will not work for cloning (except for http-urls to cgit itself) since they miss the '.git' suffix. The new 'clone-url' setting is designed to avoid the mentioned issues: * Each repo adopts the default 'clone-url' when the repo is defined. This allows different groups of repos to adopt different values. * The clone-urls for a repo is generated by expanding environment variables in a string template without inserting arbitrary characters, hence any kind of clone-url can be generated. * Macro expansion also eases the 'remove-suffix' pain since it's now possible to define e.g. 'clone-url=git://foo.org/$CGIT_REPO_URL.git' for a set of repos. A furter improvement would be to define e.g. $CGIT_REPO_SUFFIX to '.git' for all repos which had their url prettified, or to store the original $CGIT_REPO_URL in e.g. $CGIT_REPO_REAL_URL before suffix removal. Reviewed-by: Ferry Huberts <mailings@hupie.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13cgit.c: always setup cgit repo environment variablesLars Hjemli
When cgit learned to setup environment variables for certain repo settings before invoking a filter process, the setup occurred inside cgit_open_filter(). This patch moves the setup out of cgit_open_filter() and into prepare_repo_cmd() to prepare for additional uses of these variables. Reviewed-by: Ferry Huberts <mailings@hupie.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13cgitrc.5.txt: reformat the "FILTER API" sectionLars Hjemli
This patch makes the generated man-page for the filer api section more similar to the other sections. Also, the bulleted list of environment variables wasn't rendered correctly (with asciidoc 8.5.2), without an empty line before the first item. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13Merge branch 'stable'Lars Hjemli
Conflicts: cgitrc.5.txt
2011-06-13cgitrc.5.txt: describe macro expansion of cgitrc optionsLars Hjemli
This is a new feature in cgit-0.9 which was formerly undocumented. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13Merge branch 'stable'Lars Hjemli
2011-06-13README: update some stale information/add some newLars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13Merge branch 'stable'Lars Hjemli
2011-06-13CGIT 0.9.0.1v0.9.0.1Lars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-12Merge branch 'stable'Lars Hjemli
2011-06-12ui-plain.c: fix html and links generated by print_dir() and print_dir_entry()Lars Hjemli
This patch fixes the following issues: * the base argument usually isn't zero-terminated, so printing base without considering baselen will usually generate random garbage * when the current url represents a directory but doesn't end in a slash, relative urls would be incorrect * using unescaped paths allows XSS Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-06Merge branch 'stable'Lars Hjemli
2011-06-06scan-tree.c: avoid memory leakJamie Couture
No references are kept to the memory pointed to by the 'rel' variable, so it should be free()'d before returning from add_repo(). Signed-off-by: Jamie Couture <jamie.couture@gmail.com> Signed-off-by: Lars Hjemli <larsh@hjemli.net>
2011-06-02Merge branch 'stable'Lars Hjemli
2011-06-02ui-log.c: do not link from age columnLars Hjemli
The link url wasn't properly escaped, and since the link was identical to the one used on the commit message it didn't serve any special purpose. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-02ui-snapshot.c: remove debug cruftLars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-30ui-stats.c: fix invalid htmlLars Hjemli
Found by http://validator.w3.org. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-30Merge branch 'stable'Lars Hjemli
2011-05-30Properly escape ampersands inside HTML attributesLukas Fleischer
Ampersands ("&") appearing inside HTML attributes need to be translated to "&amp;". Otherwise, invalid XHTML will be generated at various places, such as at tree views containing links to submodules. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-30ui_repolist: get modtime from packed-refs as fallbackFerry Huberts
When no modtime could be determined then as a final fallback try to get it from the packed-refs. This will show an idle time when a repository has been packed with all refs in the packed-refs. Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Merge branch 'lh/panel'Lars Hjemli
2011-05-23Merge branch 'fh/filter-api'Lars Hjemli
Conflicts: cgit.c
2011-05-23Merge branch 'stable'Lars Hjemli
2011-05-23fix virtual-root if script-name is ""Mark Lodato
In d0cb841 (Avoid trailing slash in virtual-root), virtual-root was set from script-name using trim_end(). However, if script-name was the empty string (""), which happens when cgit is used to serve the root path on a domain (/), trim_end() returns NULL and cgit acts like virtual-root is not available. Now, set virtual-root to "" in this case, which fixes this bug. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23ui-repolist.c: do not return random/stale data from read_agefileLars Hjemli
When git/date.c:parse_date() cannot parse its input it returns -1. But read_agefile() checks if the result is different from zero, essentialy returning random data from the date buffer when parsing fails. This patch fixes the issue by verifying that the result from parse_date() is positive. Noticed-by: Julius Plenz <plenz@cis.fu-berlin.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Avoid null pointer dereference in cgit_print_diff().Lukas Fleischer
When calling cgit_print_diff() with a bad new_rev and a NULL old_rev, checking for new_rev's parent commit will result in a null pointer dereference. Returning on an invalid commit before dereferencing fixes this. Spotted with clang-analyzer. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Avoid null pointer dereference in reencode().Lukas Fleischer
Returning "*txt" if "txt" is a null pointer is a bad thing. Spotted with clang-analyzer. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Fix memory leak in http_parse_querystring().Lukas Fleischer
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Remove unused variable from cgit_diff_tree().Lukas Fleischer
Seen with "-Wunused-but-set-variable". Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23shared.c: do not modify const memoryLars Hjemli
Noticed-by: zhongjj <zhongjj@lemote.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23tests: add tests for links with space in path and/or argsLars Hjemli
These tests tries to detect bad links in various pages. On the log page, there currently exists links which are not properly escaped due to the use of cgit_fileurl() when building the link. For now, this bug is simply tagged as such. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23tests/setup.sh: add support for known bugsLars Hjemli
This patch makes it possible to add tests for known bugs without aborting the testrun. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23Fix escaping of paths with spacesJonathon Mah
Signed-off-by: Lars Hjemli <hjemli@gmail.com>