From d05c19eeb2cc9341ba3e9b629d99b87cdb1e4bb9 Mon Sep 17 00:00:00 2001 From: Kay Sievers Date: Sun, 7 Aug 2005 20:27:49 +0200 Subject: [PATCH] v229 --- gitweb.cgi | 43 +++++++++++++++++++++++++++---------------- 1 file changed, 27 insertions(+), 16 deletions(-) diff --git a/gitweb.cgi b/gitweb.cgi index 9a45684806..0e2a9602c4 100755 --- a/gitweb.cgi +++ b/gitweb.cgi @@ -15,7 +15,7 @@ use CGI::Carp qw(fatalsToBrowser); use Fcntl ':mode'; my $cgi = new CGI; -my $version = "227"; +my $version = "229"; my $my_url = $cgi->url(); my $my_uri = $cgi->url(-absolute => 1); my $rss_link = ""; @@ -94,13 +94,24 @@ if (defined $file_name) { my $hash = $cgi->param('h'); if (defined $hash) { - if ($hash =~ m/(^|\/)(|\.|\.\.)($|\/)/) { - undef $hash; - die_error(undef, "Non-canonical hash parameter."); - } - if ($hash =~ m/[^a-zA-Z0-9_\.\/\-\+\#\~\:\!]/) { - undef $hash; - die_error(undef, "Invalid character in hash parameter."); + if (!($hash =~ m/^[0-9a-fA-F]{40}$/)) { + if ($hash =~ m/(^|\/)(|\.|\.\.)($|\/)/) { + undef $hash; + die_error(undef, "Non-canonical hash parameter."); + } + if ($hash =~ m/[^a-zA-Z0-9_\.\/\-\+\#\~\:\!]/) { + undef $hash; + die_error(undef, "Invalid character in hash parameter."); + } + # replace branch-name with hash + my $branchlist = git_read_refs("refs/heads"); + foreach my $entry (@$branchlist) { + my %branch = %$entry; + if ($branch{'name'} eq $hash) { + $hash = $branch{'id'}; + last; + } + } } } @@ -915,14 +926,14 @@ sub git_summary { if ($i-- > 0) { print "$tag{'age'}\n" . "" . - $cgi->a({-href => "$my_uri?p=$project;a=$tag{'type'};h=$tag{'name'}", -class => "list"}, "" . + $cgi->a({-href => "$my_uri?p=$project;a=$tag{'type'};h=$tag{'id'}", -class => "list"}, "" . escapeHTML($tag{'name'}) . "") . "\n" . "" . - $cgi->a({-href => "$my_uri?p=$project;a=$tag{'type'};h=$tag{'name'}"}, $tag{'type'}); + $cgi->a({-href => "$my_uri?p=$project;a=$tag{'type'};h=$tag{'id'}"}, $tag{'type'}); if ($tag{'type'} eq "commit") { - print " | " . $cgi->a({-href => "$my_uri?p=$project;a=shortlog;h=$tag{'name'}"}, "shortlog") . - " | " . $cgi->a({-href => "$my_uri?p=$project;a=log;h=$tag{'name'}"}, "log"); + print " | " . $cgi->a({-href => "$my_uri?p=$project;a=shortlog;h=$tag{'id'}"}, "shortlog") . + " | " . $cgi->a({-href => "$my_uri?p=$project;a=log;h=$tag{'id'}"}, "log"); } print "\n" . ""; @@ -1002,14 +1013,14 @@ sub git_tags { $alternate ^= 1; print "$tag{'age'}\n" . "" . - $cgi->a({-href => "$my_uri?p=$project;a=shortlog;h=$tag{'name'}", -class => "list"}, + $cgi->a({-href => "$my_uri?p=$project;a=shortlog;h=$tag{'id'}", -class => "list"}, "" . escapeHTML($tag{'name'}) . "") . "\n" . "" . - $cgi->a({-href => "$my_uri?p=$project;a=$tag{'type'};h=$tag{'name'}"}, $tag{'type'}); + $cgi->a({-href => "$my_uri?p=$project;a=$tag{'type'};h=$tag{'id'}"}, $tag{'type'}); if ($tag{'type'} eq "commit") { print " | " . $cgi->a({-href => "$my_uri?p=$project;a=shortlog;h=$tag{'name'}"}, "shortlog") . - " | " . $cgi->a({-href => "$my_uri?p=$project;a=log;h=$tag{'name'}"}, "log"); + " | " . $cgi->a({-href => "$my_uri?p=$project;a=log;h=$tag{'id'}"}, "log"); } print "\n" . ""; @@ -1777,7 +1788,7 @@ sub git_history { print "\n"; my $alternate = 0; while (my $line = <$fd>) { - if ($line =~ m/^([0-9a-fA-F]{40}) /){ + if ($line =~ m/^([0-9a-fA-F]{40})/){ $commit = $1; next; }