summaryrefslogtreecommitdiffabout
Side-by-side diff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--cache.c16
-rw-r--r--cgit.c2
-rw-r--r--cgit.h1
3 files changed, 18 insertions, 1 deletions
diff --git a/cache.c b/cache.c
index 1ff1251..8df7c26 100644
--- a/cache.c
+++ b/cache.c
@@ -1,28 +1,44 @@
/* cache.c: cache management
*
* Copyright (C) 2006 Lars Hjemli
*
* Licensed under GNU General Public License v2
* (see COPYING for full license text)
*/
#include "cgit.h"
const int NOLOCK = -1;
+char *cache_safe_filename(const char *unsafe)
+{
+ static char buf[PATH_MAX];
+ char *s = buf;
+ char c;
+
+ while(unsafe && (c = *unsafe++) != 0) {
+ if (c == '/' || c == ' ' || c == '&' || c == '|' ||
+ c == '>' || c == '<' || c == '.')
+ c = '_';
+ *s++ = c;
+ }
+ *s = '\0';
+ return buf;
+}
+
int cache_exist(struct cacheitem *item)
{
if (stat(item->name, &item->st)) {
item->st.st_mtime = 0;
return 0;
}
return 1;
}
int cache_create_dirs()
{
char *path;
path = fmt("%s", cgit_cache_root);
if (mkdir(path, S_IRWXU) && errno!=EEXIST)
return 0;
diff --git a/cgit.c b/cgit.c
index d975570..a3a04d9 100644
--- a/cgit.c
+++ b/cgit.c
@@ -9,33 +9,33 @@
#include "cgit.h"
const char cgit_version[] = CGIT_VERSION;
static void cgit_prepare_cache(struct cacheitem *item)
{
if (!cgit_query_repo) {
item->name = xstrdup(fmt("%s/index.html", cgit_cache_root));
item->ttl = cgit_cache_root_ttl;
} else if (!cgit_query_page) {
item->name = xstrdup(fmt("%s/%s/index.html", cgit_cache_root,
cgit_query_repo));
item->ttl = cgit_cache_repo_ttl;
} else {
item->name = xstrdup(fmt("%s/%s/%s/%s.html", cgit_cache_root,
cgit_query_repo, cgit_query_page,
- cgit_querystring));
+ cache_safe_filename(cgit_querystring)));
if (cgit_query_has_symref)
item->ttl = cgit_cache_dynamic_ttl;
else if (cgit_query_has_sha1)
item->ttl = cgit_cache_static_ttl;
else
item->ttl = cgit_cache_repo_ttl;
}
}
static void cgit_print_repo_page(struct cacheitem *item)
{
if (chdir(fmt("%s/%s", cgit_root, cgit_query_repo)) ||
cgit_read_config("info/cgit", cgit_repo_config_cb)) {
char *title = fmt("%s - %s", cgit_root_title, "Bad request");
cgit_print_docstart(title, item);
cgit_print_pageheader(title, 0);
diff --git a/cgit.h b/cgit.h
index f915c86..3601e49 100644
--- a/cgit.h
+++ b/cgit.h
@@ -74,32 +74,33 @@ extern void *cgit_free_commitinfo(struct commitinfo *info);
extern char *fmt(const char *format,...);
extern void html(const char *txt);
extern void htmlf(const char *format,...);
extern void html_txt(char *txt);
extern void html_ntxt(int len, char *txt);
extern void html_attr(char *txt);
extern void html_hidden(char *name, char *value);
extern void html_link_open(char *url, char *title, char *class);
extern void html_link_close(void);
extern void html_filemode(unsigned short mode);
extern int cgit_read_config(const char *filename, configfn fn);
extern int cgit_parse_query(char *txt, configfn fn);
extern struct commitinfo *cgit_parse_commit(struct commit *commit);
+extern char *cache_safe_filename(const char *unsafe);
extern int cache_lock(struct cacheitem *item);
extern int cache_unlock(struct cacheitem *item);
extern int cache_cancel_lock(struct cacheitem *item);
extern int cache_exist(struct cacheitem *item);
extern int cache_expired(struct cacheitem *item);
extern char *cgit_repourl(const char *reponame);
extern char *cgit_pageurl(const char *reponame, const char *pagename,
const char *query);
extern void cgit_print_error(char *msg);
extern void cgit_print_date(unsigned long secs);
extern void cgit_print_docstart(char *title, struct cacheitem *item);
extern void cgit_print_docend();
extern void cgit_print_pageheader(char *title, int show_search);