summaryrefslogtreecommitdiffabout
authorLars Hjemli <hjemli@gmail.com>2009-01-11 20:23:04 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2009-01-11 20:23:04 (UTC)
commiteb14609dc46461728a065c0a243b338fc32fd762 (patch) (unidiff)
treef00563342db8859f46ac8141fdaa5d4e17eb940e
parent720b6ece90900df9f836a45d8e7f1cd56f62400a (diff)
downloadcgit-eb14609dc46461728a065c0a243b338fc32fd762.zip
cgit-eb14609dc46461728a065c0a243b338fc32fd762.tar.gz
cgit-eb14609dc46461728a065c0a243b338fc32fd762.tar.bz2
Avoid SEGFAULT on invalid requests
When an unknown page is requested, either on the querystring or via PATH_INFO, we end up with a null-referencing cgit_cmd. This null- pointer is then used as argument to the hc() function (which decides what tab to render as 'active'), but this function failed to check if a valid cmd was specified and a SEGFAULT would occur. This patch fixes the issue by introducing a 'fallback-cmd' which specifies what tab to render as 'active' when no valid cmd is requested. While at it, we now also keep track of the active repository even if an invalid cmd was requested since we want to show the error message about the invalid request in the correct context. Noticed-by: Robin Redeker <elmex@ta-sa.org> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--cgit.c1
-rw-r--r--ui-shared.c7
2 files changed, 6 insertions, 2 deletions
diff --git a/cgit.c b/cgit.c
index c82587b..6e5215e 100644
--- a/cgit.c
+++ b/cgit.c
@@ -244,97 +244,96 @@ static int prepare_repo_cmd(struct cgit_context *ctx)
244 "config error"); 244 "config error");
245 tmp = fmt("Not a git repository: '%s'", ctx->repo->path); 245 tmp = fmt("Not a git repository: '%s'", ctx->repo->path);
246 ctx->repo = NULL; 246 ctx->repo = NULL;
247 cgit_print_http_headers(ctx); 247 cgit_print_http_headers(ctx);
248 cgit_print_docstart(ctx); 248 cgit_print_docstart(ctx);
249 cgit_print_pageheader(ctx); 249 cgit_print_pageheader(ctx);
250 cgit_print_error(tmp); 250 cgit_print_error(tmp);
251 cgit_print_docend(); 251 cgit_print_docend();
252 return 1; 252 return 1;
253 } 253 }
254 ctx->page.title = fmt("%s - %s", ctx->repo->name, ctx->repo->desc); 254 ctx->page.title = fmt("%s - %s", ctx->repo->name, ctx->repo->desc);
255 255
256 if (!ctx->qry.head) { 256 if (!ctx->qry.head) {
257 ctx->qry.nohead = 1; 257 ctx->qry.nohead = 1;
258 ctx->qry.head = find_default_branch(ctx->repo); 258 ctx->qry.head = find_default_branch(ctx->repo);
259 ctx->repo->defbranch = ctx->qry.head; 259 ctx->repo->defbranch = ctx->qry.head;
260 } 260 }
261 261
262 if (!ctx->qry.head) { 262 if (!ctx->qry.head) {
263 cgit_print_http_headers(ctx); 263 cgit_print_http_headers(ctx);
264 cgit_print_docstart(ctx); 264 cgit_print_docstart(ctx);
265 cgit_print_pageheader(ctx); 265 cgit_print_pageheader(ctx);
266 cgit_print_error("Repository seems to be empty"); 266 cgit_print_error("Repository seems to be empty");
267 cgit_print_docend(); 267 cgit_print_docend();
268 return 1; 268 return 1;
269 } 269 }
270 270
271 if (get_sha1(ctx->qry.head, sha1)) { 271 if (get_sha1(ctx->qry.head, sha1)) {
272 tmp = xstrdup(ctx->qry.head); 272 tmp = xstrdup(ctx->qry.head);
273 ctx->qry.head = ctx->repo->defbranch; 273 ctx->qry.head = ctx->repo->defbranch;
274 cgit_print_http_headers(ctx); 274 cgit_print_http_headers(ctx);
275 cgit_print_docstart(ctx); 275 cgit_print_docstart(ctx);
276 cgit_print_pageheader(ctx); 276 cgit_print_pageheader(ctx);
277 cgit_print_error(fmt("Invalid branch: %s", tmp)); 277 cgit_print_error(fmt("Invalid branch: %s", tmp));
278 cgit_print_docend(); 278 cgit_print_docend();
279 return 1; 279 return 1;
280 } 280 }
281 return 0; 281 return 0;
282} 282}
283 283
284static void process_request(void *cbdata) 284static void process_request(void *cbdata)
285{ 285{
286 struct cgit_context *ctx = cbdata; 286 struct cgit_context *ctx = cbdata;
287 struct cgit_cmd *cmd; 287 struct cgit_cmd *cmd;
288 288
289 cmd = cgit_get_cmd(ctx); 289 cmd = cgit_get_cmd(ctx);
290 if (!cmd) { 290 if (!cmd) {
291 ctx->page.title = "cgit error"; 291 ctx->page.title = "cgit error";
292 ctx->repo = NULL;
293 cgit_print_http_headers(ctx); 292 cgit_print_http_headers(ctx);
294 cgit_print_docstart(ctx); 293 cgit_print_docstart(ctx);
295 cgit_print_pageheader(ctx); 294 cgit_print_pageheader(ctx);
296 cgit_print_error("Invalid request"); 295 cgit_print_error("Invalid request");
297 cgit_print_docend(); 296 cgit_print_docend();
298 return; 297 return;
299 } 298 }
300 299
301 if (cmd->want_repo && !ctx->repo) { 300 if (cmd->want_repo && !ctx->repo) {
302 cgit_print_http_headers(ctx); 301 cgit_print_http_headers(ctx);
303 cgit_print_docstart(ctx); 302 cgit_print_docstart(ctx);
304 cgit_print_pageheader(ctx); 303 cgit_print_pageheader(ctx);
305 cgit_print_error(fmt("No repository selected")); 304 cgit_print_error(fmt("No repository selected"));
306 cgit_print_docend(); 305 cgit_print_docend();
307 return; 306 return;
308 } 307 }
309 308
310 if (ctx->repo && prepare_repo_cmd(ctx)) 309 if (ctx->repo && prepare_repo_cmd(ctx))
311 return; 310 return;
312 311
313 if (cmd->want_layout) { 312 if (cmd->want_layout) {
314 cgit_print_http_headers(ctx); 313 cgit_print_http_headers(ctx);
315 cgit_print_docstart(ctx); 314 cgit_print_docstart(ctx);
316 cgit_print_pageheader(ctx); 315 cgit_print_pageheader(ctx);
317 } 316 }
318 317
319 cmd->fn(ctx); 318 cmd->fn(ctx);
320 319
321 if (cmd->want_layout) 320 if (cmd->want_layout)
322 cgit_print_docend(); 321 cgit_print_docend();
323} 322}
324 323
325int cmp_repos(const void *a, const void *b) 324int cmp_repos(const void *a, const void *b)
326{ 325{
327 const struct cgit_repo *ra = a, *rb = b; 326 const struct cgit_repo *ra = a, *rb = b;
328 return strcmp(ra->url, rb->url); 327 return strcmp(ra->url, rb->url);
329} 328}
330 329
331void print_repo(struct cgit_repo *repo) 330void print_repo(struct cgit_repo *repo)
332{ 331{
333 printf("repo.url=%s\n", repo->url); 332 printf("repo.url=%s\n", repo->url);
334 printf("repo.name=%s\n", repo->name); 333 printf("repo.name=%s\n", repo->name);
335 printf("repo.path=%s\n", repo->path); 334 printf("repo.path=%s\n", repo->path);
336 if (repo->owner) 335 if (repo->owner)
337 printf("repo.owner=%s\n", repo->owner); 336 printf("repo.owner=%s\n", repo->owner);
338 if (repo->desc) 337 if (repo->desc)
339 printf("repo.desc=%s\n", repo->desc); 338 printf("repo.desc=%s\n", repo->desc);
340 if (repo->readme) 339 if (repo->readme)
diff --git a/ui-shared.c b/ui-shared.c
index 224e5f3..76cd00d 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -532,105 +532,110 @@ int print_archive_ref(const char *refname, const unsigned char *sha1,
532 return 0; 532 return 0;
533 hashcpy(fileid, tag->tagged->sha1); 533 hashcpy(fileid, tag->tagged->sha1);
534 } else if (obj->type != OBJ_BLOB) { 534 } else if (obj->type != OBJ_BLOB) {
535 return 0; 535 return 0;
536 } else { 536 } else {
537 hashcpy(fileid, sha1); 537 hashcpy(fileid, sha1);
538 } 538 }
539 if (!*header) { 539 if (!*header) {
540 html("<h1>download</h1>\n"); 540 html("<h1>download</h1>\n");
541 *header = 1; 541 *header = 1;
542 } 542 }
543 url = cgit_pageurl(ctx.qry.repo, "blob", 543 url = cgit_pageurl(ctx.qry.repo, "blob",
544 fmt("id=%s&amp;path=%s", sha1_to_hex(fileid), 544 fmt("id=%s&amp;path=%s", sha1_to_hex(fileid),
545 buf)); 545 buf));
546 html_link_open(url, NULL, "menu"); 546 html_link_open(url, NULL, "menu");
547 html_txt(strlpart(buf, 20)); 547 html_txt(strlpart(buf, 20));
548 html_link_close(); 548 html_link_close();
549 return 0; 549 return 0;
550} 550}
551 551
552void add_hidden_formfields(int incl_head, int incl_search, char *page) 552void add_hidden_formfields(int incl_head, int incl_search, char *page)
553{ 553{
554 char *url; 554 char *url;
555 555
556 if (!ctx.cfg.virtual_root) { 556 if (!ctx.cfg.virtual_root) {
557 url = fmt("%s/%s", ctx.qry.repo, page); 557 url = fmt("%s/%s", ctx.qry.repo, page);
558 if (ctx.qry.path) 558 if (ctx.qry.path)
559 url = fmt("%s/%s", url, ctx.qry.path); 559 url = fmt("%s/%s", url, ctx.qry.path);
560 html_hidden("url", url); 560 html_hidden("url", url);
561 } 561 }
562 562
563 if (incl_head && ctx.qry.head && ctx.repo->defbranch && 563 if (incl_head && ctx.qry.head && ctx.repo->defbranch &&
564 strcmp(ctx.qry.head, ctx.repo->defbranch)) 564 strcmp(ctx.qry.head, ctx.repo->defbranch))
565 html_hidden("h", ctx.qry.head); 565 html_hidden("h", ctx.qry.head);
566 566
567 if (ctx.qry.sha1) 567 if (ctx.qry.sha1)
568 html_hidden("id", ctx.qry.sha1); 568 html_hidden("id", ctx.qry.sha1);
569 if (ctx.qry.sha2) 569 if (ctx.qry.sha2)
570 html_hidden("id2", ctx.qry.sha2); 570 html_hidden("id2", ctx.qry.sha2);
571 571
572 if (incl_search) { 572 if (incl_search) {
573 if (ctx.qry.grep) 573 if (ctx.qry.grep)
574 html_hidden("qt", ctx.qry.grep); 574 html_hidden("qt", ctx.qry.grep);
575 if (ctx.qry.search) 575 if (ctx.qry.search)
576 html_hidden("q", ctx.qry.search); 576 html_hidden("q", ctx.qry.search);
577 } 577 }
578} 578}
579 579
580const char *fallback_cmd = "repolist";
581
580char *hc(struct cgit_cmd *cmd, const char *page) 582char *hc(struct cgit_cmd *cmd, const char *page)
581{ 583{
582 return (strcmp(cmd->name, page) ? NULL : "active"); 584 return (strcmp(cmd ? cmd->name : fallback_cmd, page) ? NULL : "active");
583} 585}
584 586
585void cgit_print_pageheader(struct cgit_context *ctx) 587void cgit_print_pageheader(struct cgit_context *ctx)
586{ 588{
587 struct cgit_cmd *cmd = cgit_get_cmd(ctx); 589 struct cgit_cmd *cmd = cgit_get_cmd(ctx);
588 590
591 if (!cmd && ctx->repo)
592 fallback_cmd = "summary";
593
589 html("<table id='header'>\n"); 594 html("<table id='header'>\n");
590 html("<tr>\n"); 595 html("<tr>\n");
591 html("<td class='logo' rowspan='2'><a href='"); 596 html("<td class='logo' rowspan='2'><a href='");
592 if (ctx->cfg.logo_link) 597 if (ctx->cfg.logo_link)
593 html_attr(ctx->cfg.logo_link); 598 html_attr(ctx->cfg.logo_link);
594 else 599 else
595 html_attr(cgit_rooturl()); 600 html_attr(cgit_rooturl());
596 html("'><img src='"); 601 html("'><img src='");
597 html_attr(ctx->cfg.logo); 602 html_attr(ctx->cfg.logo);
598 html("' alt='cgit logo'/></a></td>\n"); 603 html("' alt='cgit logo'/></a></td>\n");
599 604
600 html("<td class='main'>"); 605 html("<td class='main'>");
601 if (ctx->repo) { 606 if (ctx->repo) {
602 cgit_index_link("index", NULL, NULL, NULL, 0); 607 cgit_index_link("index", NULL, NULL, NULL, 0);
603 html(" : "); 608 html(" : ");
604 cgit_summary_link(ctx->repo->name, ctx->repo->name, NULL, NULL); 609 cgit_summary_link(ctx->repo->name, ctx->repo->name, NULL, NULL);
605 html("</td><td class='form'>"); 610 html("</td><td class='form'>");
606 html("<form method='get' action=''>\n"); 611 html("<form method='get' action=''>\n");
607 add_hidden_formfields(0, 1, ctx->qry.page); 612 add_hidden_formfields(0, 1, ctx->qry.page);
608 html("<select name='h' onchange='this.form.submit();'>\n"); 613 html("<select name='h' onchange='this.form.submit();'>\n");
609 for_each_branch_ref(print_branch_option, ctx->qry.head); 614 for_each_branch_ref(print_branch_option, ctx->qry.head);
610 html("</select> "); 615 html("</select> ");
611 html("<input type='submit' name='' value='switch'/>"); 616 html("<input type='submit' name='' value='switch'/>");
612 html("</form>"); 617 html("</form>");
613 } else 618 } else
614 html_txt(ctx->cfg.root_title); 619 html_txt(ctx->cfg.root_title);
615 html("</td></tr>\n"); 620 html("</td></tr>\n");
616 621
617 html("<tr><td class='sub'>"); 622 html("<tr><td class='sub'>");
618 if (ctx->repo) { 623 if (ctx->repo) {
619 html_txt(ctx->repo->desc); 624 html_txt(ctx->repo->desc);
620 html("</td><td class='sub right'>"); 625 html("</td><td class='sub right'>");
621 html_txt(ctx->repo->owner); 626 html_txt(ctx->repo->owner);
622 } else { 627 } else {
623 if (ctx->cfg.root_desc) 628 if (ctx->cfg.root_desc)
624 html_txt(ctx->cfg.root_desc); 629 html_txt(ctx->cfg.root_desc);
625 else if (ctx->cfg.index_info) 630 else if (ctx->cfg.index_info)
626 html_include(ctx->cfg.index_info); 631 html_include(ctx->cfg.index_info);
627 } 632 }
628 html("</td></tr></table>\n"); 633 html("</td></tr></table>\n");
629 634
630 html("<table class='tabs'><tr><td>\n"); 635 html("<table class='tabs'><tr><td>\n");
631 if (ctx->repo) { 636 if (ctx->repo) {
632 cgit_summary_link("summary", NULL, hc(cmd, "summary"), 637 cgit_summary_link("summary", NULL, hc(cmd, "summary"),
633 ctx->qry.head); 638 ctx->qry.head);
634 cgit_refs_link("refs", NULL, hc(cmd, "refs"), ctx->qry.head, 639 cgit_refs_link("refs", NULL, hc(cmd, "refs"), ctx->qry.head,
635 ctx->qry.sha1, NULL); 640 ctx->qry.sha1, NULL);
636 cgit_log_link("log", NULL, hc(cmd, "log"), ctx->qry.head, 641 cgit_log_link("log", NULL, hc(cmd, "log"), ctx->qry.head,