diff options
Diffstat (limited to 'development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch')
-rw-r--r-- | development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch b/development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch deleted file mode 100644 index 99af79c4ba..0000000000 --- a/development/cgit/patches/0012-ui-shared-don-t-print-path-crumbs-without-a-repo.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 1b4ef6783a71962f8b5da3a23f2830f0f0f55ea0 Mon Sep 17 00:00:00 2001 -From: John Keeping <john@keeping.me.uk> -Date: Sun, 19 Feb 2017 12:27:48 +0000 -Subject: [PATCH 12/15] ui-shared: don't print path crumbs without a repo - -cgit_print_path_crumbs() can call repolink() which assumes that ctx.repo -is non-null. Currently we don't have any commands that set want_vpath -without also setting want_repo so it shouldn't be possible to fail this -test, but the check in cgit.c is in the wrong order so it is possible to -specify a query string like "?p=log&path=foo/bar" to end up here without -a valid repository. - -This was found by American fuzzy lop [0]. - -[0] http://lcamtuf.coredump.cx/afl/ - -Signed-off-by: John Keeping <john@keeping.me.uk> ---- - ui-shared.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ui-shared.c b/ui-shared.c -index 2e4fcd9..e5c9a02 100644 ---- a/ui-shared.c -+++ b/ui-shared.c -@@ -1039,7 +1039,7 @@ void cgit_print_pageheader(void) - free(currenturl); - } - html("</td></tr></table>\n"); -- if (ctx.env.authenticated && ctx.qry.vpath) { -+ if (ctx.env.authenticated && ctx.repo && ctx.qry.vpath) { - html("<div class='path'>"); - html("path: "); - cgit_print_path_crumbs(ctx.qry.vpath); --- -2.14.1 - |