![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a59d4af)
raw | patch | inline | side by side (parent: a59d4af)
| author | Kay Sievers <kay.sievers@suse.de> | |
| Sun, 7 Aug 2005 18:15:57 +0000 (20:15 +0200) | ||
| committer | Kay Sievers <kay.sievers@suse.de> | |
| Sun, 7 Aug 2005 18:15:57 +0000 (20:15 +0200) |
| gitweb.cgi | patch | blob | history |
diff --git a/gitweb.cgi b/gitweb.cgi
index 8c46a3a04bb89c4ab66982c2214386f9de3d1120..c702c9a2ef3850f47da92adcbfe80365896f4a70 100755 (executable)
--- a/gitweb.cgi
+++ b/gitweb.cgi
my $cgi = new CGI;
-my $version = "055";
+my $version = "056";
my $projectroot = "/home/kay/public_html/pub/scm";
my $defaultprojects = "linux/kernel/git";
my $gitbin = "/home/kay/bin/git";
# validate input
if (defined($project) && $project =~ /(^|\/)(|\.|\.\.)($|\/)/) {
- error_page("403 Permission denied", "Invalid project parameter.");
+ die_error("", "Invalid project parameter.");
}
if (defined($action) && !$action =~ m/^[0-9a-zA-Z\.\-]+$/) {
- error_page("403 Permission denied", "Invalid action parameter.");
+ die_error("", "Invalid action parameter.");
}
if (defined($hash) && !($hash =~ m/^[0-9a-fA-F]{40}$/)) {
- error_page("403 Permission denied", "Invalid hash parameter.");
+ die_error("", "Invalid hash parameter.");
}
if (defined($hash_parent) && !($hash_parent =~ m/^[0-9a-fA-F]{40}$/)) {
- error_page("403 Permission denied", "Invalid parent hash parameter.");
+ die_error("", "Invalid parent hash parameter.");
}
if (defined($time_back) && !($time_back =~ m/^[0-9]+$/)) {
- error_page("403 Permission denied", "Invalid time parameter.");
+ die_error("", "Invalid time parameter.");
} else {
$time_back = 1;
}
print "</body>\n</html>";
}
-sub error_page {
- my $status = shift || "403 Permission denied";
+sub die_error {
+ my $status = shift || "403 Forbidden";
my $error = shift || "Malformed query, file missing or permission denied";
git_header_html($status);
print "<div class=\"page_body\">\n" .
sub git_head {
my $path = shift;
- open my $fd, "$projectroot/$path/HEAD";
+ open(my $fd, "$projectroot/$path/HEAD") || die_error("", "Invalid project directory.");;
my $head = <$fd>;
close $fd;
chomp $head;
$co{'committer_name'} =~ s/ <.*//;
}
}
+ if (!defined($co{'tree'})) { die_error("", "Invalid commit object."); }
$co{'parents'} = \@parents;
$co{'parent'} = $parents[0];
my (@comment) = map { chomp; $_ } <$fd>;
# create tmp from-file
if ($from ne "") {
$from_tmp = "$gittmp/gitweb_" . $$ . "_from";
- open my $fd2, "> $from_tmp";
+ open(my $fd2, "> $from_tmp");
open my $fd, "-|", "$gitbin/cat-file blob $from";
my @file = <$fd>;
print $fd2 @file;
# show list of default projects
if ($project eq "") {
- opendir(my $fd, "$projectroot/$defaultprojects");
+ opendir(my $fd, "$projectroot/$defaultprojects") || die_error("", "No projects found.");
my (@users) = sort grep(!/^\./, readdir($fd));
closedir($fd);
git_header_html();
if ($action eq "blob") {
git_header_html();
print "<div class=\"page_body\"><pre><br/><br/>\n";
- open my $fd, "-|", "$gitbin/cat-file blob $hash";
+ open(my $fd, "-|", "$gitbin/cat-file blob $hash");
my $nr;
while (my $line = <$fd>) {
$nr++;
print "</div>";
git_footer_html();
} else {
- error_page("403 Forbidden", "unknown action");
+ die_error("", "unknown action");
}