1b9f409eb4
NOTE: this SR is intended to move cgit from git (as of now cgit.spec is
incldued in git package src). cgit will be no longer linked repo.
- split from OBS git repo to an individual repo (since cgit-0.9
doesn't build with git-1.7.7)
- merged fixes in git repo back to cgit repo
- updated to git 1.7.6.4
- updated to cgit 0.9.0.2
OBS-URL: https://build.opensuse.org/request/show/87800
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cgit?expand=0&rev=3
36 lines
1.3 KiB
Diff
36 lines
1.3 KiB
Diff
From bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 Mon Sep 17 00:00:00 2001
|
|
From: Lukas Fleischer <cgit@cryptocrack.de>
|
|
Date: Fri, 22 Jul 2011 11:47:19 +0000
|
|
Subject: Fix potential XSS vulnerability in rename hint
|
|
|
|
The file name displayed in the rename hint should be escaped to avoid
|
|
XSS. Note that this vulnerability is only applicable when an attacker
|
|
has gained push access to the repository.
|
|
|
|
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
|
|
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
|
|
---
|
|
---
|
|
ui-diff.c | 10 ++++++----
|
|
1 file changed, 6 insertions(+), 4 deletions(-)
|
|
|
|
--- a/ui-diff.c
|
|
+++ b/ui-diff.c
|
|
@@ -97,10 +97,12 @@
|
|
htmlf("</td><td class='%s'>", class);
|
|
cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1,
|
|
ctx.qry.sha2, info->new_path, 0);
|
|
- if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED)
|
|
- htmlf(" (%s from %s)",
|
|
- info->status == DIFF_STATUS_COPIED ? "copied" : "renamed",
|
|
- info->old_path);
|
|
+ if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) {
|
|
+ htmlf(" (%s from ",
|
|
+ info->status == DIFF_STATUS_COPIED ? "copied" : "renamed");
|
|
+ html_txt(info->old_path);
|
|
+ html(")");
|
|
+ }
|
|
html("</td><td class='right'>");
|
|
if (info->binary) {
|
|
htmlf("bin</td><td class='graph'>%ld -> %ld bytes",
|