Commit Graph

1398 Commits

Author SHA1 Message Date
Jason A. Donenfeld
4458abf641 filter: avoid integer overflow in authenticate_post
ctx.env.content_length is an unsigned int, coming from the
CONTENT_LENGTH environment variable, which is parsed by strtoul. The
HTTP/1.1 spec says that "any Content-Length greater than or equal to
zero is a valid value." By storing this into an int, we potentially
overflow it, resulting in the following bounding check failing, leading
to a buffer overflow.

Reported-by: Erik Cabetas <Erik@cabetas.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-11-24 11:31:43 +01:00
Jason A. Donenfeld
ffe09621f2 about-formatting.sh: comment text out of date 2015-11-12 04:44:32 +01:00
Christian Hesse
143e65252c filters: port syntax-highlighting.py to python 3.x
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-12 18:36:23 +02:00
Jason A. Donenfeld
3f9e14ada1 md2html: the default of stdin works fine
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-10-12 18:33:46 +02:00
Jason A. Donenfeld
c301899112 filters: misc cleanups
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-10-12 16:47:47 +02:00
Jason A. Donenfeld
ccb4254104 md2html: use pure python
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-10-12 16:42:54 +02:00
Christian Hesse
76dc7a3371 cache: fix resource leak: close file handle before return
Coverity-id: 13910
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-10 21:41:04 +02:00
Christian Hesse
ed5dccbeaa ui-atom: fix resource leak: free allocation from cgit_pageurl
Coverity-id: 13945
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-10 21:40:26 +02:00
Christian Hesse
144e3c6085 ui-atom: fix resource leak: free before return
Coverity-id: 13946
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-10 21:40:05 +02:00
Christian Hesse
97da17b783 ui-atom: fix resource leak: free allocation from cgit_repourl
Coverity-id: 13947
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-10 21:39:53 +02:00
Christian Hesse
7320bfa893 ui-blob: fix resource leak: free before return
Coverity-id: 13944
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-10 21:39:25 +02:00
Christian Hesse
30802126d4 ui-blob: fix resource leak: free before return
Coverity-id: 13943
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-10 21:38:57 +02:00
Christian Hesse
08a2b818f2 ui-plain: fix resource leak: free before assigning NULL
Coverity-id: 13939
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 15:50:34 +02:00
Christian Hesse
979db79a80 ui-plain: fix resource leak: free before return
Coverity-id: 13940
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 15:50:09 +02:00
Christian Hesse
51338f7658 ui-repolist: fix resource leak: free allocation from cgit_currenturl
Coverity-id: 13930
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 15:49:57 +02:00
Christian Hesse
7ef1a47991 ui-repolist: fix resource leak: free before return
Coverity-id: 13931
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 15:49:39 +02:00
Jason A. Donenfeld
525c815cc4 filters: Simplify converters
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-10-09 15:13:35 +02:00
Christian Hesse
6edfc1672c ui-shared: fix resource leak: free allocation from cgit_hosturl
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:04:42 +02:00
Christian Hesse
f77e2a8cfa ui-shared: return value of cgit_hosturl is not const
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:04:27 +02:00
Christian Hesse
6f2e4400fa cmd: fix resource leak: free allocation from cgit_currenturl and fmtalloc
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:03:58 +02:00
Christian Hesse
3e244a0cca ui-shared: fix resource leak: free allocation from cgit_currenturl
Coverity-id: 13927
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:02:41 +02:00
Christian Hesse
c5c0eb873e ui-shared: return value of cgit_currenturl is not const
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:00:56 +02:00
Christian Hesse
37fce9916a ui-shared: fix resource leak: free allocation from cgit_fileurl
Coverity-id: 13918
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 13:59:46 +02:00
Christian Hesse
fa5810ed8e ui-ssdiff: fix resource leak: free allocation from cgit_fileurl
Coverity-id: 13929
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 13:59:24 +02:00
Christian Hesse
896cd69dde ui-tree: fix resource leak: free before return
Coverity-id: 13938
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 13:58:25 +02:00
Jason A. Donenfeld
ad006918a5 Avoid use of non-reentrant functions
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-10-09 11:01:04 +02:00
John Keeping
35b3c67ac2 Makefile: fix MAKEFLAGS tests with multiple flags
findstring is defined as $(findstring FIND,IN) so if multiple flags are
set these tests do the wrong thing unless $(MAKEFLAGS) is the second
argument.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-10-09 10:56:06 +02:00
John Keeping
198a4404b9 ui-refs: remove useless null check
There is no way that "tag" can be null here.

Coverity-id: 13950
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-10-09 10:54:48 +02:00
John Keeping
509488d85c ui-blob: remove useless null check
We have already called strlen() on "path" by the time we get here, so we
know it can't be null.

Coverity-id: 13954
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-10-09 10:54:38 +02:00
John Keeping
687cdf6968 scan-tree: remove useless strdup()
parse_configfile() takes a "const char *" and doesn't hold any
references to it after it returns; there is no reason to pass it a
duplicate.

Coverity-id: 13941
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-10-09 10:54:30 +02:00
John Keeping
94182d6031 cgit.c: remove useless null check
Everywhere else in this function we do not check whether the value is
null and parse_configfile() never passes a null value to this callback.

Coverity-id: 13846
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-10-09 10:54:19 +02:00
Christian Hesse
978ce8c00c git: update to v2.6.1
Update to git version v2.6.1, no changes required.

Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-06 16:39:06 +02:00
Jason A. Donenfeld
73f199be3f mime: rewrite detection function
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-08-17 14:49:28 +02:00
Christian Hesse
790d2498cb ui-summary: send images plain for about page
The about page used to display just fine, but images were broken: The
binary image data was embedded in html code.
Use cgit_print_plain() to send images in plain mode and make them
available on about page.

Signed-off-by: Christian Hesse <mail@eworm.de>
2015-08-17 14:42:58 +02:00
Christian Hesse
aa943bc9a6 refactor get_mimetype_from_file() to get_mimetype_for_filename()
* handle mimetype within a single function
* return allocated memory on success

Signed-off-by: Christian Hesse <mail@eworm.de>
2015-08-17 14:25:08 +02:00
Christian Hesse
f5c83d7b5d move get_mimetype_from_file() to shared
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-08-17 14:25:08 +02:00
John Keeping
73ef8567f0 cmd: fix command definition
The previous commit removed the "pre" field from "struct cgit_cmd" but
forgot to update this macro.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2015-08-14 16:41:22 +02:00
Jason A. Donenfeld
03de473354 cmd: no need for pre function hook now
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2015-08-14 15:54:32 +02:00
John Keeping
c5975ae566 ui-shared: cache errors for "dynamic TTL"
Most errors we generate are (potentially) transient, such as
non-existent object IDs so we don't want them to be cached forever.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
a420c7ce9b cmd: remove "want_layout" field
No commands use this any more.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
9c70c0bfdb tree: move layout into page function
This also allows us to return proper HTTP error codes when the requested
tree is not found and display an error message in one case (invalid path
inside valid commit) where we previously just displayed an empty page.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
696a33b66f tag: move layout into page function
This also allows us to return proper HTTP error codes when something
goes wrong.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
a3daa41b78 summary: move layout into page function
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
892c5441f4 stats: move layout into page function
This also allows us to return proper HTTP error codes for invalid
requests.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
6d39dd1914 refs: move layout to page function
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
23c17d8ff0 log: move layout into page function
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
3b220eb22d diff: move layout to page function
The existing "show_ctrls" flag is used to control whether we are running
in an existing page or control the page ourselves.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
c53a15c77a commit: move layout into page function
This allows us to return a proper HTTP status code when an object is not
found by switching from cgit_print_error() to cgit_print_error_page().

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
51d9176e4b about: move layout into page functions
Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00
John Keeping
764987980e ui-shared: add cgit_print_layout_{start,end}()
These will avoid needing to call three functions to start page layout in
subsequent patches when we move the layout setup into each individual
page.

Signed-off-by: John Keeping <john@keeping.me.uk>
2015-08-14 15:46:51 +02:00