From: Krzesimir Nowak <krzesimir@endocode.com>
To: git@vger.kernel.org
Cc: gitster@pobox.com, jnareb@gmail.com, sunshine@sunshineco.com,
Krzesimir Nowak <krzesimir@endocode.com>
Subject: [PATCH 3/5] gitweb: Return plain booleans in validation methods
Date: Wed, 4 Dec 2013 14:43:01 +0100 [thread overview]
Message-ID: <1386164583-14109-4-git-send-email-krzesimir@endocode.com> (raw)
In-Reply-To: <1386164583-14109-1-git-send-email-krzesimir@endocode.com>
Users of validate_* passing "0" might get failures on correct name
because of coercion of "0" to false in code like:
die_error(500, "invalid ref") unless (check_ref_format ("0"));
Signed-off-by: Krzesimir Nowak <krzesimir@endocode.com>
---
gitweb/gitweb.perl | 45 +++++++++++++++++++++++++--------------------
1 file changed, 25 insertions(+), 20 deletions(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index 67415b9..3434602 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -1419,63 +1419,68 @@ sub href {
## validation, quoting/unquoting and escaping
sub validate_action {
- my $input = shift || return undef;
- return undef unless exists $actions{$input};
- return $input;
+ my $input = shift;
+
+ return 0 unless defined $input;
+ return 0 unless exists $actions{$input};
+ return 1;
}
sub validate_project {
- my $input = shift || return undef;
+ my $input = shift;
+
+ return 0 unless defined $input;
if (!validate_pathname($input) ||
!(-d "$projectroot/$input") ||
!check_export_ok("$projectroot/$input") ||
($strict_export && !project_in_list($input))) {
- return undef;
+ return 0;
} else {
- return $input;
+ return 1;
}
}
sub validate_pathname {
- my $input = shift || return undef;
+ my $input = shift;
+ return 0 unless defined $input;
# no '.' or '..' as elements of path, i.e. no '.' nor '..'
# at the beginning, at the end, and between slashes.
# also this catches doubled slashes
if ($input =~ m!(^|/)(|\.|\.\.)(/|$)!) {
- return undef;
+ return 0;
}
# no null characters
if ($input =~ m!\0!) {
- return undef;
+ return 0;
}
- return $input;
+ return 1;
}
sub check_ref_format {
- my $input = shift || return undef;
+ my $input = shift;
+ return 0 unless defined $input;
# restrictions on ref name according to git-check-ref-format
if ($input =~ m!(/\.|\.\.|[\000-\040\177 ~^:?*\[]|/$)!) {
- return undef;
+ return 0;
}
- return $input;
+ return 1;
}
sub validate_refname {
- my $input = shift || return undef;
+ my $input = shift;
+ return undef unless defined $input;
# textual hashes are O.K.
if ($input =~ m/^[0-9a-fA-F]{40}$/) {
- return $input;
+ return 1;
}
# it must be correct pathname
- $input = validate_pathname($input)
- or return undef;
+ validate_pathname($input) or return 0;
# check git-check-ref-format restrictions
- check_ref_format($input)
- or return undef;
- return $input;
+ check_ref_format($input) or return 0;
+ return 1;
}
# decode sequences of octets in utf8 into Perl's internal form,
--
1.8.3.1
next prev parent reply other threads:[~2013-12-04 13:43 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-04 13:42 [PATCH 0/5] Show extra branch refs in gitweb v6 Krzesimir Nowak
2013-12-04 13:42 ` [PATCH 1/5] gitweb: Add a comment explaining the meaning of $/ Krzesimir Nowak
2013-12-04 15:11 ` Jakub Narębski
2013-12-04 15:46 ` Krzesimir Nowak
2013-12-04 16:19 ` Martin Langhoff
2013-12-04 20:28 ` Junio C Hamano
2013-12-05 9:16 ` Krzesimir Nowak
2013-12-04 17:34 ` Jakub Narębski
2013-12-04 17:37 ` Jakub Narębski
2013-12-04 13:43 ` [PATCH 2/5] gitweb: Move check-ref-format code into separate function Krzesimir Nowak
2013-12-04 15:56 ` Jakub Narębski
2013-12-05 9:19 ` Krzesimir Nowak
2013-12-04 20:31 ` Junio C Hamano
2013-12-05 9:18 ` Krzesimir Nowak
2013-12-04 13:43 ` Krzesimir Nowak [this message]
2013-12-04 16:07 ` [PATCH 3/5] gitweb: Return plain booleans in validation methods Jakub Narębski
2013-12-04 18:11 ` Junio C Hamano
2013-12-05 9:23 ` Krzesimir Nowak
2013-12-05 18:16 ` Junio C Hamano
2013-12-05 19:11 ` Jakub Narębski
2013-12-05 20:01 ` Junio C Hamano
2013-12-04 13:43 ` [PATCH 4/5] gitweb: Add a feature for adding more branch refs Krzesimir Nowak
2013-12-04 18:06 ` Jakub Narębski
2013-12-05 10:00 ` Krzesimir Nowak
2013-12-05 11:40 ` Jakub Narębski
2013-12-10 16:04 ` Krzesimir Nowak
2013-12-10 18:54 ` Junio C Hamano
2013-12-10 19:06 ` Jakub Narębski
2013-12-10 19:44 ` Junio C Hamano
2013-12-04 13:43 ` [PATCH 5/5] gitweb: Denote non-heads, non-remotes branches Krzesimir Nowak
2013-12-04 18:54 ` Jakub Narębski
2013-12-04 20:37 ` [PATCH 0/5] Show extra branch refs in gitweb v6 Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1386164583-14109-4-git-send-email-krzesimir@endocode.com \
--to=krzesimir@endocode.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jnareb@gmail.com \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).