summaryrefslogtreecommitdiffabout
path: root/parsing.c
authorLars Hjemli <hjemli@gmail.com>2007-05-15 21:28:40 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2007-05-15 21:32:25 (UTC)
commit47a81c77fdd017227632c4df9a0b7b135b8a738d (patch) (unidiff)
tree5ffdd5f4c1af112d50e6bec01de722299ca2e7d1 /parsing.c
parentad3b39d3b8443e142a6bfee34d527c99cd5f280d (diff)
downloadcgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.zip
cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.gz
cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.bz2
Restrict deep nesting of configfiles
There is no point in restricting the number of included config- files, but there is a point in restricting the nestinglevel of configfiles: to avoid recursive inclusions. This is easily achieved by decrementing the static nesting-variable upon exit from cgit_read_config(). Also fix some whitespace breakage. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (limited to 'parsing.c') (more/less context) (ignore whitespace changes)
-rw-r--r--parsing.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/parsing.c b/parsing.c
index 8e15e5a..36b0f0c 100644
--- a/parsing.c
+++ b/parsing.c
@@ -65,23 +65,25 @@ int read_config_line(FILE *f, char *line, const char **value, int bufsize)
65int cgit_read_config(const char *filename, configfn fn) 65int cgit_read_config(const char *filename, configfn fn)
66{ 66{
67 static int nesting; 67 static int nesting;
68 int len; 68 int len;
69 char line[256]; 69 char line[256];
70 const char *value; 70 const char *value;
71 FILE *f; 71 FILE *f;
72 72
73 /* cancel the reading of yet another configfile after 16 invocations */ 73 /* cancel deeply nested include-commands */
74 if (nesting++ > 16) 74 if (nesting > 8)
75 return -1; 75 return -1;
76 if (!(f = fopen(filename, "r"))) 76 if (!(f = fopen(filename, "r")))
77 return -1; 77 return -1;
78 nesting++;
78 while((len = read_config_line(f, line, &value, sizeof(line))) > 0) 79 while((len = read_config_line(f, line, &value, sizeof(line))) > 0)
79 (*fn)(line, value); 80 (*fn)(line, value);
81 nesting--;
80 fclose(f); 82 fclose(f);
81 return 0; 83 return 0;
82} 84}
83 85
84char *convert_query_hexchar(char *txt) 86char *convert_query_hexchar(char *txt)
85{ 87{
86 int d1, d2; 88 int d1, d2;
87 if (strlen(txt) < 3) { 89 if (strlen(txt) < 3) {
@@ -103,17 +105,17 @@ char *convert_query_hexchar(char *txt)
103int cgit_parse_query(char *txt, configfn fn) 105int cgit_parse_query(char *txt, configfn fn)
104{ 106{
105 char *t, *value = NULL, c; 107 char *t, *value = NULL, c;
106 108
107 if (!txt) 109 if (!txt)
108 return 0; 110 return 0;
109 111
110 t = txt = xstrdup(txt); 112 t = txt = xstrdup(txt);
111 113
112 while((c=*t) != '\0') { 114 while((c=*t) != '\0') {
113 if (c=='=') { 115 if (c=='=') {
114 *t = '\0'; 116 *t = '\0';
115 value = t+1; 117 value = t+1;
116 } else if (c=='+') { 118 } else if (c=='+') {
117 *t = ' '; 119 *t = ' ';
118 } else if (c=='%') { 120 } else if (c=='%') {
119 t = convert_query_hexchar(t); 121 t = convert_query_hexchar(t);
@@ -208,17 +210,17 @@ struct taginfo *cgit_parse_tag(struct tag *tag)
208 char *p, *t; 210 char *p, *t;
209 struct taginfo *ret; 211 struct taginfo *ret;
210 212
211 data = read_sha1_file(tag->object.sha1, &type, &size); 213 data = read_sha1_file(tag->object.sha1, &type, &size);
212 if (!data || type != OBJ_TAG) { 214 if (!data || type != OBJ_TAG) {
213 free(data); 215 free(data);
214 return 0; 216 return 0;
215 } 217 }
216 218
217 ret = xmalloc(sizeof(*ret)); 219 ret = xmalloc(sizeof(*ret));
218 ret->tagger = NULL; 220 ret->tagger = NULL;
219 ret->tagger_email = NULL; 221 ret->tagger_email = NULL;
220 ret->tagger_date = 0; 222 ret->tagger_date = 0;
221 ret->msg = NULL; 223 ret->msg = NULL;
222 224
223 p = data; 225 p = data;
224 226