Age | Commit message (Collapse) | Author | Files | Lines |
|
If parse_commit() fails, none of the fields in the commit structure will
have been populated so we will dereference NULL when accessing
item->tree.
There isn't much we can do about the error at this point, but if we
return true then we'll try parsing the commit again from print_commit()
and we can report an error to the user at that point.
Coverity-id: 13801
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
|
|
Unrestricts plain/ to contents likely to be executed by browser.
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Peter Colberg <peter@colberg.org>
|
|
Return HTTP status code 404 Not found when querying a non-existent
repository, which signals to search engines that a repository no
longer exists. Further, some webservers such as nginx permit
logging requests to different files depending on the HTTP code.
Signed-off-by: Peter Colberg <peter@colberg.org>
|
|
Signed-off-by: Peter Colberg <peter@colberg.org>
|
|
The ctx.qry.page variable might be unset at this point, e.g. when an
invalid command is passed and cgit_print_pageheader() is called to show
an error message.
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
|
|
Update to git version v2.7.0.
* Upstream commit ed1c9977cb1b63e4270ad8bdf967a2d02580aa08 (Remove
get_object_hash.) changed API:
Convert all instances of get_object_hash to use an appropriate
reference to the hash member of the oid member of struct object.
This provides no functional change, as it is essentially a macro
substitution.
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
readfile() can fail if the agefile is not readable. Make sure free()
does not free an ininitialized string.
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
ctx.env.content_length is an unsigned int, coming from the
CONTENT_LENGTH environment variable, which is parsed by strtoul. The
HTTP/1.1 spec says that "any Content-Length greater than or equal to
zero is a valid value." By storing this into an int, we potentially
overflow it, resulting in the following bounding check failing, leading
to a buffer overflow.
Reported-by: Erik Cabetas <Erik@cabetas.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Coverity-id: 13910
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13945
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13946
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13947
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13944
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13943
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13939
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13940
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13930
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13931
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13927
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13918
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13929
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Coverity-id: 13938
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
findstring is defined as $(findstring FIND,IN) so if multiple flags are
set these tests do the wrong thing unless $(MAKEFLAGS) is the second
argument.
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
There is no way that "tag" can be null here.
Coverity-id: 13950
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
We have already called strlen() on "path" by the time we get here, so we
know it can't be null.
Coverity-id: 13954
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
parse_configfile() takes a "const char *" and doesn't hold any
references to it after it returns; there is no reason to pass it a
duplicate.
Coverity-id: 13941
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
Everywhere else in this function we do not check whether the value is
null and parse_configfile() never passes a null value to this callback.
Coverity-id: 13846
Signed-off-by: John Keeping <john@keeping.me.uk>
|
|
Update to git version v2.6.1, no changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The about page used to display just fine, but images were broken: The
binary image data was embedded in html code.
Use cgit_print_plain() to send images in plain mode and make them
available on about page.
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
* handle mimetype within a single function
* return allocated memory on success
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|