Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | check for flyspray-links in summary/refs-page | lookshe | 2016-02-26 | 2 | -7/+7 |
| | |||||
* | skip FS# not followed by number correctly | lookshe | 2016-02-26 | 1 | -23/+30 |
| | |||||
* | implementation to link FS#[0-9]+ to flyspray (FS#141) | lookshe | 2016-02-26 | 7 | -4/+115 |
| | |||||
* | normal path in titleflatten_tree | lookshe | 2016-02-09 | 1 | -15/+2 |
| | |||||
* | normalized indenting | lookshe | 2016-02-08 | 3 | -89/+89 |
| | |||||
* | reverted changes to run under python 2.6 | lookshe | 2016-02-08 | 1 | -4/+2 |
| | |||||
* | Merge branch 'master' into flatten_tree | lookshe | 2016-02-08 | 4 | -7/+46 |
|\ | |||||
| * | ui-tree: put reverse path in title | Jason A. Donenfeld | 2016-01-18 | 1 | -0/+34 |
| | | |||||
| * | syntax-highlighting: always use utf-8 to avoid ascii codec issues | Jason A. Donenfeld | 2016-01-18 | 1 | -0/+3 |
| | | |||||
| * | cache: don't check for match with no key | John Keeping | 2016-01-17 | 1 | -2/+3 |
| | | | | | | | | | | | | | | | | | | | | | | We call open_slot() from cache_ls() without a key since we simply want to read the path out of the header. Should the file happen to contain an empty key then we end up calling memcmp() with NULL and a non-zero length. Fix this by assigning slot->match only if a key is set, which is always will be in the code paths where we use slot->match. Coverity-id: 13807 Signed-off-by: John Keeping <john@keeping.me.uk> | ||||
| * | cache: use size_t for string lengths | John Keeping | 2016-01-17 | 1 | -2/+2 |
| | | | | | | | | | | | | | | Avoid integer truncation on 64-bit systems. Coverity-id: 13864 Signed-off-by: John Keeping <john@keeping.me.uk> | ||||
| * | ui-log: handle parse_commit() errors | John Keeping | 2016-01-17 | 1 | -1/+3 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | If parse_commit() fails, none of the fields in the commit structure will have been populated so we will dereference NULL when accessing item->tree. There isn't much we can do about the error at this point, but if we return true then we'll try parsing the commit again from print_commit() and we can report an error to the user at that point. Coverity-id: 13801 Signed-off-by: John Keeping <john@keeping.me.uk> | ||||
* | | call read_tree_recursive two times with different context to list ↵ | lookshe | 2016-02-02 | 1 | -2/+18 |
| | | | | | | | | directories first | ||||
* | | identify head to use a bit prettier | lookshe | 2016-02-01 | 1 | -5/+1 |
| | | |||||
* | | author link with correct branches | lookshe | 2016-02-01 | 5 | -6/+10 |
| | | |||||
* | | escaped author link | lookshe | 2016-02-01 | 1 | -1/+2 |
| | | |||||
* | | added link to author (similar to gitweb) | lookshe | 2016-02-01 | 5 | -3/+16 |
| | | |||||
* | | reverted to use old perl markdown converter | lookshe | 2016-01-14 | 3 | -285/+1737 |
| | | |||||
* | | set ignore whitespace as default | lookshe | 2016-01-14 | 1 | -0/+1 |
| | | |||||
* | | reverted syntax-hightling.py to python2 | lookshe | 2016-01-14 | 1 | -9/+10 |
| | | |||||
* | | flatten tree for more direct links like github | lookshe | 2016-01-14 | 1 | -0/+70 |
|/ | |||||
* | Bump versionv0.12 | Jason A. Donenfeld | 2016-01-14 | 1 | -1/+1 |
| | |||||
* | ui-plain: add enable-html-serving flag | Jason A. Donenfeld | 2016-01-14 | 5 | -0/+29 |
| | | | | Unrestricts plain/ to contents likely to be executed by browser. | ||||
* | ui-blob: set CSP just in case | Jason A. Donenfeld | 2016-01-14 | 1 | -0/+3 |
| | |||||
* | ui-blob: always use generic mimetypes | Jason A. Donenfeld | 2016-01-14 | 1 | -6/+4 |
| | |||||
* | ui-blob: Do not accept mimetype from user | Jason A. Donenfeld | 2016-01-14 | 3 | -4/+0 |
| | |||||
* | ui-shared: prevent malicious filename from injecting headers | Jason A. Donenfeld | 2016-01-14 | 3 | -3/+32 |
| | |||||
* | ui-shared: Avoid new line injection into redirect header | Jason A. Donenfeld | 2016-01-14 | 1 | -1/+3 |
| | |||||
* | Fix missing prototype declarations | Peter Colberg | 2016-01-14 | 6 | -15/+15 |
| | | | | Signed-off-by: Peter Colberg <peter@colberg.org> | ||||
* | ui-repolist: return HTTP 404 if no repositories found | Peter Colberg | 2016-01-13 | 1 | -3/+17 |
| | | | | | | | | | Return HTTP status code 404 Not found when querying a non-existent repository, which signals to search engines that a repository no longer exists. Further, some webservers such as nginx permit logging requests to different files depending on the HTTP code. Signed-off-by: Peter Colberg <peter@colberg.org> | ||||
* | ui-repolist: extract repo visibility criteria to separate function | Peter Colberg | 2016-01-13 | 1 | -3/+10 |
| | | | | Signed-off-by: Peter Colberg <peter@colberg.org> | ||||
* | Fix segmentation fault in hc() | Lukas Fleischer | 2016-01-13 | 1 | -0/+3 |
| | | | | | | | | The ctx.qry.page variable might be unset at this point, e.g. when an invalid command is passed and cgit_print_pageheader() is called to show an error message. Signed-off-by: Lukas Fleischer <lfleischer@lfos.de> | ||||
* | git: update to v2.7.0 | Christian Hesse | 2016-01-13 | 13 | -26/+26 |
| | | | | | | | | | | | | | | Update to git version v2.7.0. * Upstream commit ed1c9977cb1b63e4270ad8bdf967a2d02580aa08 (Remove get_object_hash.) changed API: Convert all instances of get_object_hash to use an appropriate reference to the hash member of the oid member of struct object. This provides no functional change, as it is essentially a macro substitution. Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-repolist: initialize char *buf to NULL | Christian Hesse | 2016-01-13 | 1 | -1/+1 |
| | | | | | | | readfile() can fail if the agefile is not readable. Make sure free() does not free an ininitialized string. Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | filter: avoid integer overflow in authenticate_post | Jason A. Donenfeld | 2015-11-24 | 1 | -1/+1 |
| | | | | | | | | | | | | ctx.env.content_length is an unsigned int, coming from the CONTENT_LENGTH environment variable, which is parsed by strtoul. The HTTP/1.1 spec says that "any Content-Length greater than or equal to zero is a valid value." By storing this into an int, we potentially overflow it, resulting in the following bounding check failing, leading to a buffer overflow. Reported-by: Erik Cabetas <Erik@cabetas.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | about-formatting.sh: comment text out of date | Jason A. Donenfeld | 2015-11-12 | 1 | -1/+1 |
| | |||||
* | filters: port syntax-highlighting.py to python 3.x | Christian Hesse | 2015-10-12 | 1 | -10/+9 |
| | | | | Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | md2html: the default of stdin works fine | Jason A. Donenfeld | 2015-10-12 | 1 | -2/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | filters: misc cleanups | Jason A. Donenfeld | 2015-10-12 | 2 | -2/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | md2html: use pure python | Jason A. Donenfeld | 2015-10-12 | 1 | -6/+9 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | cache: fix resource leak: close file handle before return | Christian Hesse | 2015-10-10 | 1 | -3/+9 |
| | | | | | Coverity-id: 13910 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-atom: fix resource leak: free allocation from cgit_pageurl | Christian Hesse | 2015-10-10 | 1 | -1/+4 |
| | | | | | Coverity-id: 13945 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-atom: fix resource leak: free before return | Christian Hesse | 2015-10-10 | 1 | -1/+2 |
| | | | | | Coverity-id: 13946 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-atom: fix resource leak: free allocation from cgit_repourl | Christian Hesse | 2015-10-10 | 1 | -1/+3 |
| | | | | | Coverity-id: 13947 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-blob: fix resource leak: free before return | Christian Hesse | 2015-10-10 | 1 | -0/+1 |
| | | | | | Coverity-id: 13944 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-blob: fix resource leak: free before return | Christian Hesse | 2015-10-10 | 1 | -0/+1 |
| | | | | | Coverity-id: 13943 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-plain: fix resource leak: free before assigning NULL | Christian Hesse | 2015-10-09 | 1 | -1/+3 |
| | | | | | Coverity-id: 13939 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-plain: fix resource leak: free before return | Christian Hesse | 2015-10-09 | 1 | -0/+1 |
| | | | | | Coverity-id: 13940 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-repolist: fix resource leak: free allocation from cgit_currenturl | Christian Hesse | 2015-10-09 | 1 | -1/+3 |
| | | | | | Coverity-id: 13930 Signed-off-by: Christian Hesse <mail@eworm.de> | ||||
* | ui-repolist: fix resource leak: free before return | Christian Hesse | 2015-10-09 | 1 | -1/+3 |
| | | | | | Coverity-id: 13931 Signed-off-by: Christian Hesse <mail@eworm.de> |