diff options
author | Lars Hjemli | 2007-05-15 23:28:40 +0200 |
---|---|---|
committer | Lars Hjemli | 2007-05-15 23:32:25 +0200 |
commit | 47a81c77fdd017227632c4df9a0b7b135b8a738d (patch) | |
tree | 5ffdd5f4c1af112d50e6bec01de722299ca2e7d1 | |
parent | ad3b39d3b8443e142a6bfee34d527c99cd5f280d (diff) | |
download | cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.gz cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.bz2 cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.zip |
Restrict deep nesting of configfiles
There is no point in restricting the number of included config-
files, but there is a point in restricting the nestinglevel
of configfiles: to avoid recursive inclusions. This is easily
achieved by decrementing the static nesting-variable upon exit
from cgit_read_config().
Also fix some whitespace breakage.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r-- | parsing.c | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -70,13 +70,15 @@ int cgit_read_config(const char *filename, configfn fn) | |||
70 | const char *value; | 70 | const char *value; |
71 | FILE *f; | 71 | FILE *f; |
72 | 72 | ||
73 | /* cancel the reading of yet another configfile after 16 invocations */ | 73 | /* cancel deeply nested include-commands */ |
74 | if (nesting++ > 16) | 74 | if (nesting > 8) |
75 | return -1; | 75 | return -1; |
76 | if (!(f = fopen(filename, "r"))) | 76 | if (!(f = fopen(filename, "r"))) |
77 | return -1; | 77 | return -1; |
78 | nesting++; | ||
78 | while((len = read_config_line(f, line, &value, sizeof(line))) > 0) | 79 | while((len = read_config_line(f, line, &value, sizeof(line))) > 0) |
79 | (*fn)(line, value); | 80 | (*fn)(line, value); |
81 | nesting--; | ||
80 | fclose(f); | 82 | fclose(f); |
81 | return 0; | 83 | return 0; |
82 | } | 84 | } |
@@ -108,7 +110,7 @@ int cgit_parse_query(char *txt, configfn fn) | |||
108 | return 0; | 110 | return 0; |
109 | 111 | ||
110 | t = txt = xstrdup(txt); | 112 | t = txt = xstrdup(txt); |
111 | 113 | ||
112 | while((c=*t) != '\0') { | 114 | while((c=*t) != '\0') { |
113 | if (c=='=') { | 115 | if (c=='=') { |
114 | *t = '\0'; | 116 | *t = '\0'; |
@@ -213,7 +215,7 @@ struct taginfo *cgit_parse_tag(struct tag *tag) | |||
213 | free(data); | 215 | free(data); |
214 | return 0; | 216 | return 0; |
215 | } | 217 | } |
216 | 218 | ||
217 | ret = xmalloc(sizeof(*ret)); | 219 | ret = xmalloc(sizeof(*ret)); |
218 | ret->tagger = NULL; | 220 | ret->tagger = NULL; |
219 | ret->tagger_email = NULL; | 221 | ret->tagger_email = NULL; |