diff options
author | John Keeping | 2017-02-19 12:27:48 +0000 |
---|---|---|
committer | Jason A. Donenfeld | 2017-08-10 16:05:07 +0200 |
commit | 1b4ef6783a71962f8b5da3a23f2830f0f0f55ea0 (patch) | |
tree | 37faf12c4a5d56ec24a886bb82956d206a6f3a57 | |
parent | 6d3c8bc37f6124c2193d66587079975d381aa435 (diff) | |
download | cgit-1b4ef6783a71962f8b5da3a23f2830f0f0f55ea0.tar.gz cgit-1b4ef6783a71962f8b5da3a23f2830f0f0f55ea0.tar.bz2 cgit-1b4ef6783a71962f8b5da3a23f2830f0f0f55ea0.zip |
ui-shared: don't print path crumbs without a repo
cgit_print_path_crumbs() can call repolink() which assumes that ctx.repo
is non-null. Currently we don't have any commands that set want_vpath
without also setting want_repo so it shouldn't be possible to fail this
test, but the check in cgit.c is in the wrong order so it is possible to
specify a query string like "?p=log&path=foo/bar" to end up here without
a valid repository.
This was found by American fuzzy lop [0].
[0] http://lcamtuf.coredump.cx/afl/
Signed-off-by: John Keeping <john@keeping.me.uk>
-rw-r--r-- | ui-shared.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ui-shared.c b/ui-shared.c index 2e4fcd9..e5c9a02 100644 --- a/ui-shared.c +++ b/ui-shared.c | |||
@@ -1039,7 +1039,7 @@ void cgit_print_pageheader(void) | |||
1039 | free(currenturl); | 1039 | free(currenturl); |
1040 | } | 1040 | } |
1041 | html("</td></tr></table>\n"); | 1041 | html("</td></tr></table>\n"); |
1042 | if (ctx.env.authenticated && ctx.qry.vpath) { | 1042 | if (ctx.env.authenticated && ctx.repo && ctx.qry.vpath) { |
1043 | html("<div class='path'>"); | 1043 | html("<div class='path'>"); |
1044 | html("path: "); | 1044 | html("path: "); |
1045 | cgit_print_path_crumbs(ctx.qry.vpath); | 1045 | cgit_print_path_crumbs(ctx.qry.vpath); |