From 4174da45a36fdf2f65914f22865dcc48433554c2 Mon Sep 17 00:00:00 2001 From: Robby Workman Date: Thu, 24 Aug 2017 19:22:28 -0500 Subject: development/cgit: Include some upstream git patches Some general bugfixes, but more importantly, patch 0005 fixes a segfault in git's pathspec.c that we were seeing on the SBo git server. Thanks to John Keeping (cgit contributor) for helping with debug suggestions and identifying the specific commit we needed to fix it. Signed-off-by: Robby Workman --- ...ed-don-t-print-path-crumbs-without-a-repo.patch | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch (limited to 'development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch') diff --git a/development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch b/development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch new file mode 100644 index 0000000000..99af79c4ba --- /dev/null +++ b/development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch @@ -0,0 +1,37 @@ +From 1b4ef6783a71962f8b5da3a23f2830f0f0f55ea0 Mon Sep 17 00:00:00 2001 +From: John Keeping +Date: Sun, 19 Feb 2017 12:27:48 +0000 +Subject: [PATCH 12/15] ui-shared: don't print path crumbs without a repo + +cgit_print_path_crumbs() can call repolink() which assumes that ctx.repo +is non-null. Currently we don't have any commands that set want_vpath +without also setting want_repo so it shouldn't be possible to fail this +test, but the check in cgit.c is in the wrong order so it is possible to +specify a query string like "?p=log&path=foo/bar" to end up here without +a valid repository. + +This was found by American fuzzy lop [0]. + +[0] http://lcamtuf.coredump.cx/afl/ + +Signed-off-by: John Keeping +--- + ui-shared.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ui-shared.c b/ui-shared.c +index 2e4fcd9..e5c9a02 100644 +--- a/ui-shared.c ++++ b/ui-shared.c +@@ -1039,7 +1039,7 @@ void cgit_print_pageheader(void) + free(currenturl); + } + html("\n"); +- if (ctx.env.authenticated && ctx.qry.vpath) { ++ if (ctx.env.authenticated && ctx.repo && ctx.qry.vpath) { + html("
"); + html("path: "); + cgit_print_path_crumbs(ctx.qry.vpath); +-- +2.14.1 + -- cgit v1.2.3