summaryrefslogtreecommitdiffstatshomepage
Commit message (Collapse)AuthorAgeLines
* syntax-highlighting: always use utf-8 to avoid ascii codec issuesJason A. Donenfeld2016-01-18-0/+3
|
* cache: don't check for match with no keyJohn Keeping2016-01-17-2/+3
| | | | | | | | | | | We call open_slot() from cache_ls() without a key since we simply want to read the path out of the header. Should the file happen to contain an empty key then we end up calling memcmp() with NULL and a non-zero length. Fix this by assigning slot->match only if a key is set, which is always will be in the code paths where we use slot->match. Coverity-id: 13807 Signed-off-by: John Keeping <john@keeping.me.uk>
* cache: use size_t for string lengthsJohn Keeping2016-01-17-2/+2
| | | | | | | Avoid integer truncation on 64-bit systems. Coverity-id: 13864 Signed-off-by: John Keeping <john@keeping.me.uk>
* ui-log: handle parse_commit() errorsJohn Keeping2016-01-17-1/+3
| | | | | | | | | | | | | If parse_commit() fails, none of the fields in the commit structure will have been populated so we will dereference NULL when accessing item->tree. There isn't much we can do about the error at this point, but if we return true then we'll try parsing the commit again from print_commit() and we can report an error to the user at that point. Coverity-id: 13801 Signed-off-by: John Keeping <john@keeping.me.uk>
* Bump versionJason A. Donenfeld2016-01-14-1/+1
|
* ui-plain: add enable-html-serving flagJason A. Donenfeld2016-01-14-0/+29
| | | | Unrestricts plain/ to contents likely to be executed by browser.
* ui-blob: set CSP just in caseJason A. Donenfeld2016-01-14-0/+3
|
* ui-blob: always use generic mimetypesJason A. Donenfeld2016-01-14-6/+4
|
* ui-blob: Do not accept mimetype from userJason A. Donenfeld2016-01-14-4/+0
|
* ui-shared: prevent malicious filename from injecting headersJason A. Donenfeld2016-01-14-3/+32
|
* ui-shared: Avoid new line injection into redirect headerJason A. Donenfeld2016-01-14-1/+3
|
* Fix missing prototype declarationsPeter Colberg2016-01-14-15/+15
| | | | Signed-off-by: Peter Colberg <peter@colberg.org>
* ui-repolist: return HTTP 404 if no repositories foundPeter Colberg2016-01-13-3/+17
| | | | | | | | | Return HTTP status code 404 Not found when querying a non-existent repository, which signals to search engines that a repository no longer exists. Further, some webservers such as nginx permit logging requests to different files depending on the HTTP code. Signed-off-by: Peter Colberg <peter@colberg.org>
* ui-repolist: extract repo visibility criteria to separate functionPeter Colberg2016-01-13-3/+10
| | | | Signed-off-by: Peter Colberg <peter@colberg.org>
* Fix segmentation fault in hc()Lukas Fleischer2016-01-13-0/+3
| | | | | | | | The ctx.qry.page variable might be unset at this point, e.g. when an invalid command is passed and cgit_print_pageheader() is called to show an error message. Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
* git: update to v2.7.0Christian Hesse2016-01-13-26/+26
| | | | | | | | | | | | | | Update to git version v2.7.0. * Upstream commit ed1c9977cb1b63e4270ad8bdf967a2d02580aa08 (Remove get_object_hash.) changed API: Convert all instances of get_object_hash to use an appropriate reference to the hash member of the oid member of struct object. This provides no functional change, as it is essentially a macro substitution. Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-repolist: initialize char *buf to NULLChristian Hesse2016-01-13-1/+1
| | | | | | | readfile() can fail if the agefile is not readable. Make sure free() does not free an ininitialized string. Signed-off-by: Christian Hesse <mail@eworm.de>
* filter: avoid integer overflow in authenticate_postJason A. Donenfeld2015-11-24-1/+1
| | | | | | | | | | | | ctx.env.content_length is an unsigned int, coming from the CONTENT_LENGTH environment variable, which is parsed by strtoul. The HTTP/1.1 spec says that "any Content-Length greater than or equal to zero is a valid value." By storing this into an int, we potentially overflow it, resulting in the following bounding check failing, leading to a buffer overflow. Reported-by: Erik Cabetas <Erik@cabetas.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* about-formatting.sh: comment text out of dateJason A. Donenfeld2015-11-12-1/+1
|
* filters: port syntax-highlighting.py to python 3.xChristian Hesse2015-10-12-10/+9
| | | | Signed-off-by: Christian Hesse <mail@eworm.de>
* md2html: the default of stdin works fineJason A. Donenfeld2015-10-12-2/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filters: misc cleanupsJason A. Donenfeld2015-10-12-2/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* md2html: use pure pythonJason A. Donenfeld2015-10-12-6/+9
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* cache: fix resource leak: close file handle before returnChristian Hesse2015-10-10-3/+9
| | | | | Coverity-id: 13910 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-atom: fix resource leak: free allocation from cgit_pageurlChristian Hesse2015-10-10-1/+4
| | | | | Coverity-id: 13945 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-atom: fix resource leak: free before returnChristian Hesse2015-10-10-1/+2
| | | | | Coverity-id: 13946 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-atom: fix resource leak: free allocation from cgit_repourlChristian Hesse2015-10-10-1/+3
| | | | | Coverity-id: 13947 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-blob: fix resource leak: free before returnChristian Hesse2015-10-10-0/+1
| | | | | Coverity-id: 13944 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-blob: fix resource leak: free before returnChristian Hesse2015-10-10-0/+1
| | | | | Coverity-id: 13943 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-plain: fix resource leak: free before assigning NULLChristian Hesse2015-10-09-1/+3
| | | | | Coverity-id: 13939 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-plain: fix resource leak: free before returnChristian Hesse2015-10-09-0/+1
| | | | | Coverity-id: 13940 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-repolist: fix resource leak: free allocation from cgit_currenturlChristian Hesse2015-10-09-1/+3
| | | | | Coverity-id: 13930 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-repolist: fix resource leak: free before returnChristian Hesse2015-10-09-1/+3
| | | | | Coverity-id: 13931 Signed-off-by: Christian Hesse <mail@eworm.de>
* filters: Simplify convertersJason A. Donenfeld2015-10-09-1734/+284
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui-shared: fix resource leak: free allocation from cgit_hosturlChristian Hesse2015-10-09-2/+3
| | | | Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-shared: return value of cgit_hosturl is not constChristian Hesse2015-10-09-4/+4
| | | | Signed-off-by: Christian Hesse <mail@eworm.de>
* cmd: fix resource leak: free allocation from cgit_currenturl and fmtallocChristian Hesse2015-10-09-3/+7
| | | | Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-shared: fix resource leak: free allocation from cgit_currenturlChristian Hesse2015-10-09-3/+8
| | | | | Coverity-id: 13927 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-shared: return value of cgit_currenturl is not constChristian Hesse2015-10-09-3/+3
| | | | Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-shared: fix resource leak: free allocation from cgit_fileurlChristian Hesse2015-10-09-5/+11
| | | | | Coverity-id: 13918 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-ssdiff: fix resource leak: free allocation from cgit_fileurlChristian Hesse2015-10-09-2/+6
| | | | | Coverity-id: 13929 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-tree: fix resource leak: free before returnChristian Hesse2015-10-09-0/+1
| | | | | Coverity-id: 13938 Signed-off-by: Christian Hesse <mail@eworm.de>
* Avoid use of non-reentrant functionsJason A. Donenfeld2015-10-09-3/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Makefile: fix MAKEFLAGS tests with multiple flagsJohn Keeping2015-10-09-1/+1
| | | | | | | | findstring is defined as $(findstring FIND,IN) so if multiple flags are set these tests do the wrong thing unless $(MAKEFLAGS) is the second argument. Signed-off-by: John Keeping <john@keeping.me.uk>
* ui-refs: remove useless null checkJohn Keeping2015-10-09-1/+1
| | | | | | | There is no way that "tag" can be null here. Coverity-id: 13950 Signed-off-by: John Keeping <john@keeping.me.uk>
* ui-blob: remove useless null checkJohn Keeping2015-10-09-1/+1
| | | | | | | | We have already called strlen() on "path" by the time we get here, so we know it can't be null. Coverity-id: 13954 Signed-off-by: John Keeping <john@keeping.me.uk>
* scan-tree: remove useless strdup()John Keeping2015-10-09-1/+1
| | | | | | | | | parse_configfile() takes a "const char *" and doesn't hold any references to it after it returns; there is no reason to pass it a duplicate. Coverity-id: 13941 Signed-off-by: John Keeping <john@keeping.me.uk>
* cgit.c: remove useless null checkJohn Keeping2015-10-09-1/+1
| | | | | | | | Everywhere else in this function we do not check whether the value is null and parse_configfile() never passes a null value to this callback. Coverity-id: 13846 Signed-off-by: John Keeping <john@keeping.me.uk>
* git: update to v2.6.1Christian Hesse2015-10-06-1/+1
| | | | | | Update to git version v2.6.1, no changes required. Signed-off-by: Christian Hesse <mail@eworm.de>
* mime: rewrite detection functionJason A. Donenfeld2015-08-17-36/+26
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>