From: Jakub Narebski <jnareb@gmail.com>
To: rajesh boyapati <boyapatisrajesh@gmail.com>
Cc: git@vger.kernel.org
Subject: [PATCH] gitweb: Harden parse_commit and parse_commits
Date: Wed, 8 Feb 2012 16:04:16 +0100 [thread overview]
Message-ID: <201202081604.17187.jnareb@gmail.com> (raw)
In-Reply-To: <201202071753.12436.jnareb@gmail.com>
On Tue, 7 Feb 2012, Jakub Narebski wrote:
> On Mon, 6 Feb 2012, rajesh boyapati wrote:
[...]
> > Then, I restarted gerrit server to take changes.
> > Now the error log of gerrit shows:
>
> > [2012-02-06 11:21:46,726] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: bad revision
> > 'HEAD'
> > [2012-02-06 11:21:49,167] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: [Mon Feb 6 11:21:49
> > 2012] gitweb.cgi: Use of uninitialized value $commit_id in open at
> > /usr/lib/cgi-bin/gitweb.cgi line 2817.
> > [2012-02-06 11:21:49,169] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: bad revision ''
> [the same errors repeated few times]
>
> > <<<<<<<<<<<<<<<<
> > Previously, there is a error showing at line 4720. Now, with this patch,
> > that error has gone.
>
> As I said I was able to find a fix only for part of the issue.
> Unfortunately I was not able to reproduce this error in this form.
> Note that the error location doesn't help much, because it is more
> interesting for find which callers of parse_commits() pass undefined
> $commit_id.
>
> I can try to harden parse_commits() against bogus parameters; maybe
> this would help.
Does the following patch help, and does it fix the issue?
(Nb. you can try to simply change filename, and apply it with fuzz
against index.cgi file).
-- >8 -- ----- ----- ----- ----- ----- -- >8 --
From: Jakub Narebski <jnareb@gmail.com>
Subject: [PATCH] gitweb: Harden parse_commit and parse_commits
Gitweb has problems and gives errors when repository it shows is on
unborn branch (HEAD doesn't point to a valid commit), but there exist
other branches.
One of errors that shows in gitweb logs is undefined $commit_id in
parse_commits() subroutine. Therefore we harden both parse_commit()
and parse_commits() against undefined $commit_id, and against no
output from git-rev-list because HEAD doesn't point to a commit.
Reported-by: rajesh boyapati <boyapatisrajesh@gmail.com>
Signed-off-by: Jakub Narebski <jnareb@gmail.com>
---
gitweb/gitweb.perl | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index f9535eb..1181aeb 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -3334,6 +3334,8 @@ sub parse_commit {
my ($commit_id) = @_;
my %co;
+ return unless defined $commit_id;
+
local $/ = "\0";
open my $fd, "-|", git_cmd(), "rev-list",
@@ -3343,7 +3345,9 @@ sub parse_commit {
$commit_id,
"--",
or die_error(500, "Open git-rev-list failed");
- %co = parse_commit_text(<$fd>, 1);
+ my $commit_text = <$fd>;
+ %co = parse_commit_text($commit_text, 1)
+ if defined $commit_text;
close $fd;
return %co;
@@ -3353,6 +3357,7 @@ sub parse_commits {
my ($commit_id, $maxcount, $skip, $filename, @args) = @_;
my @cos;
+ return unless defined $commit_id;
$maxcount ||= 1;
$skip ||= 0;
--
1.7.9
next prev parent reply other threads:[~2012-02-08 15:04 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5fa08a8b-f0a2-4796-bf0d-06a8f13bf703@b23g2000yqn.googlegroups.com>
2012-01-27 18:15 ` Fwd: Git-web error rajesh boyapati
2012-01-27 21:39 ` Fwd: Gitweb error Jakub Narebski
[not found] ` <CA+EqV8w5qz+iwg_PPB4M5Q-LS48B=yncR9UdR-r58BLtAEPPrA@mail.gmail.com>
2012-01-29 0:37 ` Jakub Narebski
[not found] ` <CA+EqV8xB6vcDrqM3EY7uRfu0c7sOj6FbMXci+5w2qgi5RSWrbw@mail.gmail.com>
2012-01-30 19:08 ` Jakub Narebski
[not found] ` <CA+EqV8y3dhR8+PJbMxMNEsGjDOx6dxtPYjn8kDvAZxCAO7iS5w@mail.gmail.com>
2012-02-03 21:33 ` [PATCH] gitweb: Deal with HEAD pointing to unborn branch in "heads" view Jakub Narebski
[not found] ` <CA+EqV8w6k2VrEtMydhGKZHbQdXHxCE3WA_0rtS-AY4cmQvii=A@mail.gmail.com>
2012-02-07 16:53 ` Jakub Narebski
2012-02-08 15:04 ` Jakub Narebski [this message]
[not found] ` <CA+EqV8xiLYo8XE--c1QfuXdhentUFpHqfPYXHt72eCpEA_hCNQ@mail.gmail.com>
2012-02-09 20:14 ` [PATCH] gitweb: Harden parse_commit and parse_commits Jakub Narebski
2012-02-11 13:02 ` [PATCH] gitweb: Silence stderr in parse_commit*() subroutines Jakub Narebski
[not found] ` <CA+EqV8xTsavQFWsoijrt+0UcfxSZO2voL=CawrRPvDeB=qHQfg@mail.gmail.com>
2012-02-13 18:15 ` Jakub Narebski
[not found] ` <CA+EqV8xin_ubOoGouhHz2qnzoHrpMMQsjUTXnrtmsxRTLPZtZQ@mail.gmail.com>
2012-02-13 19:04 ` Jakub Narebski
[not found] ` <CA+EqV8w5jCHa2NY+NLaht901Qk=kQvALG3EA6BkePiGow3YFeQ@mail.gmail.com>
2012-02-15 10:04 ` Jakub Narebski
2012-02-13 18:44 ` Junio C Hamano
2012-02-13 19:12 ` Jakub Narebski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201202081604.17187.jnareb@gmail.com \
--to=jnareb@gmail.com \
--cc=boyapatisrajesh@gmail.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.