summaryrefslogtreecommitdiffabout
authorLars Hjemli <hjemli@gmail.com>2007-12-02 23:39:20 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2007-12-02 23:39:20 (UTC)
commit2216fd6472fe183439df1a39c1c06974abc3f150 (patch) (unidiff)
tree063180038252f9a7116bed384aab20717e4990e4
parent7b346647c9d8cc3b4acccecc3ede526dc4b2fb06 (diff)
downloadcgit-2216fd6472fe183439df1a39c1c06974abc3f150.zip
cgit-2216fd6472fe183439df1a39c1c06974abc3f150.tar.gz
cgit-2216fd6472fe183439df1a39c1c06974abc3f150.tar.bz2
Compare string lengths when parsing the snapshot mask
We used to rely on the result from strncmp() without comparing the length of the strings involved. Even worse, any single-character format specifier would enable zip-format due to the optional '.'-prefix since the length of the mask then would become zero. Noticed-by: Evan Martin <sys@neugierig.org> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--ui-snapshot.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/ui-snapshot.c b/ui-snapshot.c
index 4d1aa88..dfedd8f 100644
--- a/ui-snapshot.c
+++ b/ui-snapshot.c
@@ -101,56 +101,57 @@ void cgit_print_snapshot(struct cacheitem *item, const char *head,
101 args.tree = commit->tree; 101 args.tree = commit->tree;
102 args.time = commit->date; 102 args.time = commit->date;
103 cgit_print_snapshot_start(sat->mimetype, filename, item); 103 cgit_print_snapshot_start(sat->mimetype, filename, item);
104 (*sat->write_func)(&args); 104 (*sat->write_func)(&args);
105 return; 105 return;
106 } 106 }
107 cgit_print_error(fmt("Unsupported snapshot format: %s", filename)); 107 cgit_print_error(fmt("Unsupported snapshot format: %s", filename));
108} 108}
109 109
110void cgit_print_snapshot_links(const char *repo, const char *head, 110void cgit_print_snapshot_links(const char *repo, const char *head,
111 const char *hex, int snapshots) 111 const char *hex, int snapshots)
112{ 112{
113 const struct snapshot_archive_t* sat; 113 const struct snapshot_archive_t* sat;
114 char *filename; 114 char *filename;
115 int f; 115 int f;
116 116
117 for(f=0; f<snapshot_archives_len; f++) { 117 for(f=0; f<snapshot_archives_len; f++) {
118 sat = &snapshot_archives[f]; 118 sat = &snapshot_archives[f];
119 if(!(snapshots & sat->bit)) 119 if(!(snapshots & sat->bit))
120 continue; 120 continue;
121 filename = fmt("%s-%s%s", cgit_repobasename(repo), hex, 121 filename = fmt("%s-%s%s", cgit_repobasename(repo), hex,
122 sat->suffix); 122 sat->suffix);
123 cgit_snapshot_link(filename, NULL, NULL, (char *)head, 123 cgit_snapshot_link(filename, NULL, NULL, (char *)head,
124 (char *)hex, filename); 124 (char *)hex, filename);
125 html("<br/>"); 125 html("<br/>");
126 } 126 }
127} 127}
128 128
129int cgit_parse_snapshots_mask(const char *str) 129int cgit_parse_snapshots_mask(const char *str)
130{ 130{
131 const struct snapshot_archive_t* sat; 131 const struct snapshot_archive_t* sat;
132 static const char *delim = " \t,:/|;"; 132 static const char *delim = " \t,:/|;";
133 int f, tl, rv = 0; 133 int f, tl, sl, rv = 0;
134 134
135 /* favor legacy setting */ 135 /* favor legacy setting */
136 if(atoi(str)) 136 if(atoi(str))
137 return 1; 137 return 1;
138 for(;;) { 138 for(;;) {
139 str += strspn(str,delim); 139 str += strspn(str,delim);
140 tl = strcspn(str,delim); 140 tl = strcspn(str,delim);
141 if(!tl) 141 if(!tl)
142 break; 142 break;
143 for(f=0; f<snapshot_archives_len; f++) { 143 for(f=0; f<snapshot_archives_len; f++) {
144 sat = &snapshot_archives[f]; 144 sat = &snapshot_archives[f];
145 if(!(strncmp(sat->suffix, str, tl) && 145 sl = strlen(sat->suffix);
146 strncmp(sat->suffix+1, str, tl-1))) { 146 if((tl == sl && !strncmp(sat->suffix, str, tl)) ||
147 (tl == sl-1 && !strncmp(sat->suffix+1, str, tl-1))) {
147 rv |= sat->bit; 148 rv |= sat->bit;
148 break; 149 break;
149 } 150 }
150 } 151 }
151 str += tl; 152 str += tl;
152 } 153 }
153 return rv; 154 return rv;
154} 155}
155 156
156/* vim:set sw=8: */ 157/* vim:set sw=8: */