summaryrefslogtreecommitdiffabout
authorLars Hjemli <hjemli@gmail.com>2009-01-11 20:23:04 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2009-01-11 20:23:04 (UTC)
commiteb14609dc46461728a065c0a243b338fc32fd762 (patch) (unidiff)
treef00563342db8859f46ac8141fdaa5d4e17eb940e
parent720b6ece90900df9f836a45d8e7f1cd56f62400a (diff)
downloadcgit-eb14609dc46461728a065c0a243b338fc32fd762.zip
cgit-eb14609dc46461728a065c0a243b338fc32fd762.tar.gz
cgit-eb14609dc46461728a065c0a243b338fc32fd762.tar.bz2
Avoid SEGFAULT on invalid requests
When an unknown page is requested, either on the querystring or via PATH_INFO, we end up with a null-referencing cgit_cmd. This null- pointer is then used as argument to the hc() function (which decides what tab to render as 'active'), but this function failed to check if a valid cmd was specified and a SEGFAULT would occur. This patch fixes the issue by introducing a 'fallback-cmd' which specifies what tab to render as 'active' when no valid cmd is requested. While at it, we now also keep track of the active repository even if an invalid cmd was requested since we want to show the error message about the invalid request in the correct context. Noticed-by: Robin Redeker <elmex@ta-sa.org> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--cgit.c1
-rw-r--r--ui-shared.c7
2 files changed, 6 insertions, 2 deletions
diff --git a/cgit.c b/cgit.c
index c82587b..6e5215e 100644
--- a/cgit.c
+++ b/cgit.c
@@ -280,25 +280,24 @@ static int prepare_repo_cmd(struct cgit_context *ctx)
280 } 280 }
281 return 0; 281 return 0;
282} 282}
283 283
284static void process_request(void *cbdata) 284static void process_request(void *cbdata)
285{ 285{
286 struct cgit_context *ctx = cbdata; 286 struct cgit_context *ctx = cbdata;
287 struct cgit_cmd *cmd; 287 struct cgit_cmd *cmd;
288 288
289 cmd = cgit_get_cmd(ctx); 289 cmd = cgit_get_cmd(ctx);
290 if (!cmd) { 290 if (!cmd) {
291 ctx->page.title = "cgit error"; 291 ctx->page.title = "cgit error";
292 ctx->repo = NULL;
293 cgit_print_http_headers(ctx); 292 cgit_print_http_headers(ctx);
294 cgit_print_docstart(ctx); 293 cgit_print_docstart(ctx);
295 cgit_print_pageheader(ctx); 294 cgit_print_pageheader(ctx);
296 cgit_print_error("Invalid request"); 295 cgit_print_error("Invalid request");
297 cgit_print_docend(); 296 cgit_print_docend();
298 return; 297 return;
299 } 298 }
300 299
301 if (cmd->want_repo && !ctx->repo) { 300 if (cmd->want_repo && !ctx->repo) {
302 cgit_print_http_headers(ctx); 301 cgit_print_http_headers(ctx);
303 cgit_print_docstart(ctx); 302 cgit_print_docstart(ctx);
304 cgit_print_pageheader(ctx); 303 cgit_print_pageheader(ctx);
diff --git a/ui-shared.c b/ui-shared.c
index 224e5f3..76cd00d 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -568,33 +568,38 @@ void add_hidden_formfields(int incl_head, int incl_search, char *page)
568 html_hidden("id", ctx.qry.sha1); 568 html_hidden("id", ctx.qry.sha1);
569 if (ctx.qry.sha2) 569 if (ctx.qry.sha2)
570 html_hidden("id2", ctx.qry.sha2); 570 html_hidden("id2", ctx.qry.sha2);
571 571
572 if (incl_search) { 572 if (incl_search) {
573 if (ctx.qry.grep) 573 if (ctx.qry.grep)
574 html_hidden("qt", ctx.qry.grep); 574 html_hidden("qt", ctx.qry.grep);
575 if (ctx.qry.search) 575 if (ctx.qry.search)
576 html_hidden("q", ctx.qry.search); 576 html_hidden("q", ctx.qry.search);
577 } 577 }
578} 578}
579 579
580const char *fallback_cmd = "repolist";
581
580char *hc(struct cgit_cmd *cmd, const char *page) 582char *hc(struct cgit_cmd *cmd, const char *page)
581{ 583{
582 return (strcmp(cmd->name, page) ? NULL : "active"); 584 return (strcmp(cmd ? cmd->name : fallback_cmd, page) ? NULL : "active");
583} 585}
584 586
585void cgit_print_pageheader(struct cgit_context *ctx) 587void cgit_print_pageheader(struct cgit_context *ctx)
586{ 588{
587 struct cgit_cmd *cmd = cgit_get_cmd(ctx); 589 struct cgit_cmd *cmd = cgit_get_cmd(ctx);
588 590
591 if (!cmd && ctx->repo)
592 fallback_cmd = "summary";
593
589 html("<table id='header'>\n"); 594 html("<table id='header'>\n");
590 html("<tr>\n"); 595 html("<tr>\n");
591 html("<td class='logo' rowspan='2'><a href='"); 596 html("<td class='logo' rowspan='2'><a href='");
592 if (ctx->cfg.logo_link) 597 if (ctx->cfg.logo_link)
593 html_attr(ctx->cfg.logo_link); 598 html_attr(ctx->cfg.logo_link);
594 else 599 else
595 html_attr(cgit_rooturl()); 600 html_attr(cgit_rooturl());
596 html("'><img src='"); 601 html("'><img src='");
597 html_attr(ctx->cfg.logo); 602 html_attr(ctx->cfg.logo);
598 html("' alt='cgit logo'/></a></td>\n"); 603 html("' alt='cgit logo'/></a></td>\n");
599 604
600 html("<td class='main'>"); 605 html("<td class='main'>");