| author | Lars Hjemli <hjemli@gmail.com> | 2007-05-15 21:28:40 (UTC) |
|---|---|---|
| committer | Lars Hjemli <hjemli@gmail.com> | 2007-05-15 21:32:25 (UTC) |
| commit | 47a81c77fdd017227632c4df9a0b7b135b8a738d (patch) (side-by-side diff) | |
| tree | 5ffdd5f4c1af112d50e6bec01de722299ca2e7d1 | |
| parent | ad3b39d3b8443e142a6bfee34d527c99cd5f280d (diff) | |
| download | cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.zip cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.gz cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.bz2 | |
Restrict deep nesting of configfiles
There is no point in restricting the number of included config-
files, but there is a point in restricting the nestinglevel
of configfiles: to avoid recursive inclusions. This is easily
achieved by decrementing the static nesting-variable upon exit
from cgit_read_config().
Also fix some whitespace breakage.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
| -rw-r--r-- | parsing.c | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -71,11 +71,13 @@ int cgit_read_config(const char *filename, configfn fn) FILE *f; - /* cancel the reading of yet another configfile after 16 invocations */ - if (nesting++ > 16) + /* cancel deeply nested include-commands */ + if (nesting > 8) return -1; if (!(f = fopen(filename, "r"))) return -1; + nesting++; while((len = read_config_line(f, line, &value, sizeof(line))) > 0) (*fn)(line, value); + nesting--; fclose(f); return 0; @@ -109,5 +111,5 @@ int cgit_parse_query(char *txt, configfn fn) t = txt = xstrdup(txt); - + while((c=*t) != '\0') { if (c=='=') { @@ -214,5 +216,5 @@ struct taginfo *cgit_parse_tag(struct tag *tag) return 0; } - + ret = xmalloc(sizeof(*ret)); ret->tagger = NULL; |