From: Jakub Narebski <jnareb@gmail.com>
To: rajesh boyapati <boyapatisrajesh@gmail.com>
Cc: git@vger.kernel.org
Subject: [PATCH] gitweb: Silence stderr in parse_commit*() subroutines
Date: Sat, 11 Feb 2012 14:02:30 +0100 [thread overview]
Message-ID: <201202111402.31684.jnareb@gmail.com> (raw)
In-Reply-To: <201202092114.40832.jnareb@gmail.com>
On Thu, 9 Feb 2012, Jakub Narebski wrote:
> On Wed, 8 Feb 2012, rajesh boyapati wrote:
> > 2012/2/8 Jakub Narebski <jnareb@gmail.com>
>
> [...]
> > > Does the following patch help, and does it fix the issue?
> > >
> > > (Nb. you can try to simply change filename, and apply it with fuzz
> > > against index.cgi file).
> > > -- >8 -- ----- ----- ----- ----- ----- -- >8 --
> > > From: Jakub Narebski <jnareb@gmail.com>
> > > Subject: [PATCH] gitweb: Harden parse_commit and parse_commits
> [...]
> > When I applied the above patch and also the patch from your previous
> > e-mail, I am getting this error
> > >>>>>>>>>>>>>
> > [2012-02-08 14:09:58,396] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: bad revision
> > 'HEAD'
> > [2012-02-08 14:10:06,732] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: bad revision
> > 'HEAD'
> > [2012-02-08 14:10:11,404] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: bad revision
> > 'HEAD'
> > [2012-02-08 14:10:15,270] ERROR
> > com.google.gerrit.httpd.gitweb.GitWebServlet : CGI: fatal: Not a valid
> > object name HEAD
> > <<<<<<<<<<<<<<
> > With these patches, the previous errors at line numbers are gone.
>
> Thanks for information.
>
>
> This final issue will be a bit harder to fix. This error message
>
> fatal: bad revision 'HEAD'
>
> comes from git (I think from "git rev-list" command), and not from gitweb.
> It is printed on STDERR of git command. What has to be done to fix it is
> to capture stderr of a process, or silence it.
>
> Unfortunately it is not that easy. We use list form of open, which avoids
> using a shell interpreter to run command, and is safer wrt. shell escaping.
>
> The only place where gitweb cares about redirecting standard error from git
> command is git_object(). It is a bit hacky, and might be not entirely safe.
> To fix this issue we would have to do the same in parse_commit*() as in
> git_object(), or provide some kind of wrapper like IPC::Run provides
> for redirecting stderr of called command.
>
> Note that this issue was not considered very important, because this message
> doesn't goes into web server logs when running gitweb via mod_cgi with
> Apache... and probably also with other web servers. Gerrit (or rather
> whatever it uses for serving CGI scripts) might be exception here.
Anyway, here is the patch that should fix those "CGI: fatal: Not a valid
object name HEAD" errors for you.
I'll resend the all the patches as single patch series for inclusion in
git, but I am not sure if this latest patch will be accepted because of
drawbacks of its implementation.
-- >8 ---- ----- ----- ----- >8 --
From: Jakub Narebski <jnareb@gmail.com>
Subject: [PATCH] gitweb: Silence stderr in parse_commit*() subroutines
git-rev-list command in parse_commit() and parse_commits() can fail
because $commit_id doesn't point to a valid commit; for example if we
are on unborn branch HEAD doesn't point to a valid commit.
In this case git-rev-list prints
fatal: bad revision 'HEAD'
on its standard error. This commit silences this warning, at the cost
of using shell to redirect it to /dev/null, and relying on
quote_command() to protect against code injection.
Note however that such error message from git (from extrenal command)
usually but not always does not appear in web server logs.
Reported-by: rajesh boyapati <boyapatisrajesh@gmail.com>
Signed-off-by: Jakub Narebski <jnareb@gmail.com>
---
gitweb/gitweb.perl | 10 ++++++----
1 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index 1181aeb..081ac45 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -3338,12 +3338,13 @@ sub parse_commit {
local $/ = "\0";
- open my $fd, "-|", git_cmd(), "rev-list",
+ open my $fd, "-|", quote_command(
+ git_cmd(), "rev-list",
"--parents",
"--header",
"--max-count=1",
$commit_id,
- "--",
+ "--") . ' 2>/dev/null',
or die_error(500, "Open git-rev-list failed");
my $commit_text = <$fd>;
%co = parse_commit_text($commit_text, 1)
@@ -3363,7 +3364,8 @@ sub parse_commits {
local $/ = "\0";
- open my $fd, "-|", git_cmd(), "rev-list",
+ open my $fd, "-|", quote_command(
+ git_cmd(), "rev-list",
"--header",
@args,
("--max-count=" . $maxcount),
@@ -3371,7 +3373,7 @@ sub parse_commits {
@extra_options,
$commit_id,
"--",
- ($filename ? ($filename) : ())
+ ($filename ? ($filename) : ())) . ' 2>/dev/null'
or die_error(500, "Open git-rev-list failed");
while (my $line = <$fd>) {
my %co = parse_commit_text($line);
--
1.7.9
next prev parent reply other threads:[~2012-02-11 13:02 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5fa08a8b-f0a2-4796-bf0d-06a8f13bf703@b23g2000yqn.googlegroups.com>
2012-01-27 18:15 ` Fwd: Git-web error rajesh boyapati
2012-01-27 21:39 ` Fwd: Gitweb error Jakub Narebski
[not found] ` <CA+EqV8w5qz+iwg_PPB4M5Q-LS48B=yncR9UdR-r58BLtAEPPrA@mail.gmail.com>
2012-01-29 0:37 ` Jakub Narebski
[not found] ` <CA+EqV8xB6vcDrqM3EY7uRfu0c7sOj6FbMXci+5w2qgi5RSWrbw@mail.gmail.com>
2012-01-30 19:08 ` Jakub Narebski
[not found] ` <CA+EqV8y3dhR8+PJbMxMNEsGjDOx6dxtPYjn8kDvAZxCAO7iS5w@mail.gmail.com>
2012-02-03 21:33 ` [PATCH] gitweb: Deal with HEAD pointing to unborn branch in "heads" view Jakub Narebski
[not found] ` <CA+EqV8w6k2VrEtMydhGKZHbQdXHxCE3WA_0rtS-AY4cmQvii=A@mail.gmail.com>
2012-02-07 16:53 ` Jakub Narebski
2012-02-08 15:04 ` [PATCH] gitweb: Harden parse_commit and parse_commits Jakub Narebski
[not found] ` <CA+EqV8xiLYo8XE--c1QfuXdhentUFpHqfPYXHt72eCpEA_hCNQ@mail.gmail.com>
2012-02-09 20:14 ` Jakub Narebski
2012-02-11 13:02 ` Jakub Narebski [this message]
[not found] ` <CA+EqV8xTsavQFWsoijrt+0UcfxSZO2voL=CawrRPvDeB=qHQfg@mail.gmail.com>
2012-02-13 18:15 ` [PATCH] gitweb: Silence stderr in parse_commit*() subroutines Jakub Narebski
[not found] ` <CA+EqV8xin_ubOoGouhHz2qnzoHrpMMQsjUTXnrtmsxRTLPZtZQ@mail.gmail.com>
2012-02-13 19:04 ` Jakub Narebski
[not found] ` <CA+EqV8w5jCHa2NY+NLaht901Qk=kQvALG3EA6BkePiGow3YFeQ@mail.gmail.com>
2012-02-15 10:04 ` Jakub Narebski
2012-02-13 18:44 ` Junio C Hamano
2012-02-13 19:12 ` Jakub Narebski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201202111402.31684.jnareb@gmail.com \
--to=jnareb@gmail.com \
--cc=boyapatisrajesh@gmail.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).