cgit/ui-summary.c, branch lf/filter

filter: return on null filter from open and close

2014-01-14T01:00:07Z

So that we don't have to include the if(filter) open_filter(filter) block everywhere, we introduce the guard in the function itself. This should simplify quite a bit of code. Signed-off-by: Jason A. Donenfeld

filter: pass extra arguments via cgit_open_filter

2014-01-12T19:20:20Z

This avoids poking into the filter data structure at various points in the code. We rely on the fact that the number of arguments is fixed based on the filter type (set in cgit_new_filter) and that the call sites all know which filter type they're using. Signed-off-by: John Keeping

Replace most uses of strncmp() with prefixcmp()

2014-01-10T16:01:29Z

This is a preparation for replacing all prefix checks with either strip_prefix() or starts_with() when Git 1.8.6 is released. Signed-off-by: Lukas Fleischer

Update copyright information

2014-01-08T14:10:49Z

* Name "cgit Development Team" as copyright holder to avoid listing every single developer. * Update copyright ranges. Signed-off-by: Lukas Fleischer

ui-summary: do not free ref

2013-05-28T07:31:45Z

Signed-off-by: Jason A. Donenfeld

readme: use string_list instead of space deliminations

2013-05-26T14:30:03Z

Now this is possible in cgitrc - readme=:README.md readme=:readme.md readme=:README.mkd readme=:readme.mkd readme=:README.rst readme=:readme.rst readme=:README.html readme=:readme.html readme=:README.htm readme=:readme.htm readme=:README.txt readme=:readme.txt readme=:README readme=:readme readme=:INSTALL.txt readme=:install.txt readme=:INSTALL readme=:install Suggested-by: John Keeping Signed-off-by: Jason A. Donenfeld

ui-summary: Disallow directory traversal

2013-05-25T18:33:28Z

Using the url= query string, it was possible request arbitrary files from the filesystem if the readme for a given page was set to a filesystem file. The following request would return my /etc/passwd file: http://git.zx2c4.com/?url=/somerepo/about/../../../../etc/passwd http://data.zx2c4.com/cgit-directory-traversal.png This fix uses realpath(3) to canonicalize all paths, and then compares the base components. This fix introduces a subtle timing attack, whereby a client can check whether or not strstr is called using timing measurements in order to determine if a given file exists on the filesystem. This fix also does not account for filesystem race conditions (TOCTOU) in resolving symlinks. Signed-off-by: Jason A. Donenfeld

readme: Accept multiple candidates and test them.

2013-05-25T18:33:28Z

The readme variable may now contain multiple space deliminated entries, which per usual are either a filepath or a git ref filepath. If multiple are specified, cgit will now select the first one in the list that exists. This is to make it easier to specify multiple default readme types in the main cgitrc file and have them automatically get applied to each repo based on what exists. Signed-off-by: Jason A. Donenfeld

ui-summary: Pass filename to about-filter

2013-05-25T18:33:28Z

This gives the about-filter API the same semantics as source-filter, where the filter receives the filename so it can decide what to do next with it. While we're at it, plug a memory leak. Signed-off-by: Jason A. Donenfeld

ui-summary: Use default branch for readme if : prefix

2013-05-25T18:33:28Z

If the readme value begins with ":", and has no specified branch before it, use the repository's default branch. Signed-off-by: Jason A. Donenfeld