3 files changed, 18 insertions, 1 deletions

diff --git a/cache.c b/cache.c
index 1ff1251..8df7c26 100644
--- a/cache.c
+++ b/cache.c
@@ -10,6 +10,22 @@
 
 const int NOLOCK = -1;
 
+char *cache_safe_filename(const char *unsafe)
+{
+        static char buf[PATH_MAX];
+        char *s = buf;
+        char c;
+
+        while(unsafe && (c = *unsafe++) != 0) {
+                if (c == '/' || c == ' ' || c == '&' || c == '|' || 
+                    c == '>' || c == '<' || c == '.')
+                        c = '_';
+                *s++ = c;
+        }
+        *s = '\0';
+        return buf;
+}
+
 int cache_exist(struct cacheitem *item)
 {
         if (stat(item->name, &item->st)) {
diff --git a/cgit.c b/cgit.c
index d975570..a3a04d9 100644
--- a/cgit.c
+++ b/cgit.c
@@ -22,7 +22,7 @@ static void cgit_prepare_cache(struct cacheitem *item)
         } else {
                 item->name = xstrdup(fmt("%s/%s/%s/%s.html", cgit_cache_root, 
                            cgit_query_repo, cgit_query_page, 
-                           cgit_querystring));
+                           cache_safe_filename(cgit_querystring)));
                 if (cgit_query_has_symref)
                         item->ttl = cgit_cache_dynamic_ttl;
                 else if (cgit_query_has_sha1)
diff --git a/cgit.h b/cgit.h
index f915c86..3601e49 100644
--- a/cgit.h
+++ b/cgit.h
@@ -87,6 +87,7 @@ extern int cgit_read_config(const char *filename, configfn fn);
 extern int cgit_parse_query(char *txt, configfn fn);
 extern struct commitinfo *cgit_parse_commit(struct commit *commit);
 
+extern char *cache_safe_filename(const char *unsafe);
 extern int cache_lock(struct cacheitem *item);
 extern int cache_unlock(struct cacheitem *item);
 extern int cache_cancel_lock(struct cacheitem *item);