aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLars Hjemli2007-05-15 23:28:40 +0200
committerLars Hjemli2007-05-15 23:32:25 +0200
commit47a81c77fdd017227632c4df9a0b7b135b8a738d (patch)
tree5ffdd5f4c1af112d50e6bec01de722299ca2e7d1
parentad3b39d3b8443e142a6bfee34d527c99cd5f280d (diff)
downloadcgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.gz
cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.tar.bz2
cgit-47a81c77fdd017227632c4df9a0b7b135b8a738d.zip
Restrict deep nesting of configfiles
There is no point in restricting the number of included config- files, but there is a point in restricting the nestinglevel of configfiles: to avoid recursive inclusions. This is easily achieved by decrementing the static nesting-variable upon exit from cgit_read_config(). Also fix some whitespace breakage. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r--parsing.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/parsing.c b/parsing.c
index 8e15e5a..36b0f0c 100644
--- a/parsing.c
+++ b/parsing.c
@@ -70,13 +70,15 @@ int cgit_read_config(const char *filename, configfn fn)
70 const char *value; 70 const char *value;
71 FILE *f; 71 FILE *f;
72 72
73 /* cancel the reading of yet another configfile after 16 invocations */ 73 /* cancel deeply nested include-commands */
74 if (nesting++ > 16) 74 if (nesting > 8)
75 return -1; 75 return -1;
76 if (!(f = fopen(filename, "r"))) 76 if (!(f = fopen(filename, "r")))
77 return -1; 77 return -1;
78 nesting++;
78 while((len = read_config_line(f, line, &value, sizeof(line))) > 0) 79 while((len = read_config_line(f, line, &value, sizeof(line))) > 0)
79 (*fn)(line, value); 80 (*fn)(line, value);
81 nesting--;
80 fclose(f); 82 fclose(f);
81 return 0; 83 return 0;
82} 84}
@@ -108,7 +110,7 @@ int cgit_parse_query(char *txt, configfn fn)
108 return 0; 110 return 0;
109 111
110 t = txt = xstrdup(txt); 112 t = txt = xstrdup(txt);
111 113
112 while((c=*t) != '\0') { 114 while((c=*t) != '\0') {
113 if (c=='=') { 115 if (c=='=') {
114 *t = '\0'; 116 *t = '\0';
@@ -213,7 +215,7 @@ struct taginfo *cgit_parse_tag(struct tag *tag)
213 free(data); 215 free(data);
214 return 0; 216 return 0;
215 } 217 }
216 218
217 ret = xmalloc(sizeof(*ret)); 219 ret = xmalloc(sizeof(*ret));
218 ret->tagger = NULL; 220 ret->tagger = NULL;
219 ret->tagger_email = NULL; 221 ret->tagger_email = NULL;