From: Jakub Narebski <jnareb@gmail.com>
To: rajesh boyapati <boyapatisrajesh@gmail.com>
Cc: git@vger.kernel.org
Subject: [PATCH] gitweb: Harden parse_commit and parse_commits
Date: Wed, 8 Feb 2012 16:04:16 +0100 [thread overview]
Message-ID: <201202081604.17187.jnareb@gmail.com> (raw)
In-Reply-To: <201202071753.12436.jnareb@gmail.com>
On Tue, 7 Feb 2012, Jakub Narebski wrote:
> On Mon, 6 Feb 2012, rajesh boyapati wrote:
[...]
> > Then, I restarted gerrit server to take changes.
> > Now the error log of gerrit shows:
>
> > [2012-02-06 11:21:46,726] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: bad revision
> > 'HEAD'
> > [2012-02-06 11:21:49,167] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: [Mon Feb 6 11:21:49
> > 2012] gitweb.cgi: Use of uninitialized value $commit_id in open at
> > /usr/lib/cgi-bin/gitweb.cgi line 2817.
> > [2012-02-06 11:21:49,169] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: bad revision ''
> [the same errors repeated few times]
>
> > <<<<<<<<<<<<<<<<
> > Previously, there is a error showing at line 4720. Now, with this patch,
> > that error has gone.
>
> As I said I was able to find a fix only for part of the issue.
> Unfortunately I was not able to reproduce this error in this form.
> Note that the error location doesn't help much, because it is more
> interesting for find which callers of parse_commits() pass undefined
> $commit_id.
>
> I can try to harden parse_commits() against bogus parameters; maybe
> this would help.
Does the following patch help, and does it fix the issue?
(Nb. you can try to simply change filename, and apply it with fuzz
against index.cgi file).
-- >8 -- ----- ----- ----- ----- ----- -- >8 --
From: Jakub Narebski <jnareb@gmail.com>
Subject: [PATCH] gitweb: Harden parse_commit and parse_commits
Gitweb has problems and gives errors when repository it shows is on
unborn branch (HEAD doesn't point to a valid commit), but there exist
other branches.
One of errors that shows in gitweb logs is undefined $commit_id in
parse_commits() subroutine. Therefore we harden both parse_commit()
and parse_commits() against undefined $commit_id, and against no
output from git-rev-list because HEAD doesn't point to a commit.
Reported-by: rajesh boyapati <boyapatisrajesh@gmail.com>
Signed-off-by: Jakub Narebski <jnareb@gmail.com>
---
gitweb/gitweb.perl | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index f9535eb..1181aeb 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -3334,6 +3334,8 @@ sub parse_commit {
my ($commit_id) = @_;
my %co;
+ return unless defined $commit_id;
+
local $/ = "\0";
open my $fd, "-|", git_cmd(), "rev-list",
@@ -3343,7 +3345,9 @@ sub parse_commit {
$commit_id,
"--",
or die_error(500, "Open git-rev-list failed");
- %co = parse_commit_text(<$fd>, 1);
+ my $commit_text = <$fd>;
+ %co = parse_commit_text($commit_text, 1)
+ if defined $commit_text;
close $fd;
return %co;
@@ -3353,6 +3357,7 @@ sub parse_commits {
my ($commit_id, $maxcount, $skip, $filename, @args) = @_;
my @cos;
+ return unless defined $commit_id;
$maxcount ||= 1;
$skip ||= 0;
--
1.7.9
next prev parent reply other threads:[~2012-02-08 15:04 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5fa08a8b-f0a2-4796-bf0d-06a8f13bf703@b23g2000yqn.googlegroups.com>
2012-01-27 18:15 ` Fwd: Git-web error rajesh boyapati
2012-01-27 21:39 ` Fwd: Gitweb error Jakub Narebski
[not found] ` <CA+EqV8w5qz+iwg_PPB4M5Q-LS48B=yncR9UdR-r58BLtAEPPrA@mail.gmail.com>
2012-01-29 0:37 ` Jakub Narebski
[not found] ` <CA+EqV8xB6vcDrqM3EY7uRfu0c7sOj6FbMXci+5w2qgi5RSWrbw@mail.gmail.com>
2012-01-30 19:08 ` Jakub Narebski
[not found] ` <CA+EqV8y3dhR8+PJbMxMNEsGjDOx6dxtPYjn8kDvAZxCAO7iS5w@mail.gmail.com>
2012-02-03 21:33 ` [PATCH] gitweb: Deal with HEAD pointing to unborn branch in "heads" view Jakub Narebski
[not found] ` <CA+EqV8w6k2VrEtMydhGKZHbQdXHxCE3WA_0rtS-AY4cmQvii=A@mail.gmail.com>
2012-02-07 16:53 ` Jakub Narebski
2012-02-08 15:04 ` Jakub Narebski [this message]
[not found] ` <CA+EqV8xiLYo8XE--c1QfuXdhentUFpHqfPYXHt72eCpEA_hCNQ@mail.gmail.com>
2012-02-09 20:14 ` [PATCH] gitweb: Harden parse_commit and parse_commits Jakub Narebski
2012-02-11 13:02 ` [PATCH] gitweb: Silence stderr in parse_commit*() subroutines Jakub Narebski
[not found] ` <CA+EqV8xTsavQFWsoijrt+0UcfxSZO2voL=CawrRPvDeB=qHQfg@mail.gmail.com>
2012-02-13 18:15 ` Jakub Narebski
[not found] ` <CA+EqV8xin_ubOoGouhHz2qnzoHrpMMQsjUTXnrtmsxRTLPZtZQ@mail.gmail.com>
2012-02-13 19:04 ` Jakub Narebski
[not found] ` <CA+EqV8w5jCHa2NY+NLaht901Qk=kQvALG3EA6BkePiGow3YFeQ@mail.gmail.com>
2012-02-15 10:04 ` Jakub Narebski
2012-02-13 18:44 ` Junio C Hamano
2012-02-13 19:12 ` Jakub Narebski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201202081604.17187.jnareb@gmail.com \
--to=jnareb@gmail.com \
--cc=boyapatisrajesh@gmail.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).