aboutsummaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
...
* ui-shared: Avoid new line injection into redirect headerJason A. Donenfeld2016-01-141-1/+3
* Fix missing prototype declarations•••Signed-off-by: Peter Colberg <peter@colberg.org> Peter Colberg2016-01-146-15/+15
* ui-repolist: return HTTP 404 if no repositories found•••Return HTTP status code 404 Not found when querying a non-existent repository, which signals to search engines that a repository no longer exists. Further, some webservers such as nginx permit logging requests to different files depending on the HTTP code. Signed-off-by: Peter Colberg <peter@colberg.org> Peter Colberg2016-01-131-3/+17
* ui-repolist: extract repo visibility criteria to separate function•••Signed-off-by: Peter Colberg <peter@colberg.org> Peter Colberg2016-01-131-3/+10
* Fix segmentation fault in hc()•••The ctx.qry.page variable might be unset at this point, e.g. when an invalid command is passed and cgit_print_pageheader() is called to show an error message. Signed-off-by: Lukas Fleischer <lfleischer@lfos.de> Lukas Fleischer2016-01-131-0/+3
* git: update to v2.7.0•••Update to git version v2.7.0. * Upstream commit ed1c9977cb1b63e4270ad8bdf967a2d02580aa08 (Remove get_object_hash.) changed API: Convert all instances of get_object_hash to use an appropriate reference to the hash member of the oid member of struct object. This provides no functional change, as it is essentially a macro substitution. Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2016-01-1313-26/+26
* ui-repolist: initialize char *buf to NULL•••readfile() can fail if the agefile is not readable. Make sure free() does not free an ininitialized string. Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2016-01-131-1/+1
* filter: avoid integer overflow in authenticate_post•••ctx.env.content_length is an unsigned int, coming from the CONTENT_LENGTH environment variable, which is parsed by strtoul. The HTTP/1.1 spec says that "any Content-Length greater than or equal to zero is a valid value." By storing this into an int, we potentially overflow it, resulting in the following bounding check failing, leading to a buffer overflow. Reported-by: Erik Cabetas <Erik@cabetas.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-11-241-1/+1
* about-formatting.sh: comment text out of dateJason A. Donenfeld2015-11-121-1/+1
* filters: port syntax-highlighting.py to python 3.x•••Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-121-10/+9
* md2html: the default of stdin works fine•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-10-121-2/+1
* filters: misc cleanups•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-10-122-2/+1
* md2html: use pure python•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-10-121-6/+9
* cache: fix resource leak: close file handle before return•••Coverity-id: 13910 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-101-3/+9
* ui-atom: fix resource leak: free allocation from cgit_pageurl•••Coverity-id: 13945 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-101-1/+4
* ui-atom: fix resource leak: free before return•••Coverity-id: 13946 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-101-1/+2
* ui-atom: fix resource leak: free allocation from cgit_repourl•••Coverity-id: 13947 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-101-1/+3
* ui-blob: fix resource leak: free before return•••Coverity-id: 13944 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-101-0/+1
* ui-blob: fix resource leak: free before return•••Coverity-id: 13943 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-101-0/+1
* ui-plain: fix resource leak: free before assigning NULL•••Coverity-id: 13939 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-1/+3
* ui-plain: fix resource leak: free before return•••Coverity-id: 13940 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-0/+1
* ui-repolist: fix resource leak: free allocation from cgit_currenturl•••Coverity-id: 13930 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-1/+3
* ui-repolist: fix resource leak: free before return•••Coverity-id: 13931 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-1/+3
* filters: Simplify converters•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-10-094-1734/+284
* ui-shared: fix resource leak: free allocation from cgit_hosturl•••Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-2/+3
* ui-shared: return value of cgit_hosturl is not const•••Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-092-4/+4
* cmd: fix resource leak: free allocation from cgit_currenturl and fmtalloc•••Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-3/+7
* ui-shared: fix resource leak: free allocation from cgit_currenturl•••Coverity-id: 13927 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-3/+8
* ui-shared: return value of cgit_currenturl is not const•••Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-092-3/+3
* ui-shared: fix resource leak: free allocation from cgit_fileurl•••Coverity-id: 13918 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-5/+11
* ui-ssdiff: fix resource leak: free allocation from cgit_fileurl•••Coverity-id: 13929 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-2/+6
* ui-tree: fix resource leak: free before return•••Coverity-id: 13938 Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-091-0/+1
* Avoid use of non-reentrant functions•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-10-091-3/+3
* Makefile: fix MAKEFLAGS tests with multiple flags•••findstring is defined as $(findstring FIND,IN) so if multiple flags are set these tests do the wrong thing unless $(MAKEFLAGS) is the second argument. Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-10-091-1/+1
* ui-refs: remove useless null check•••There is no way that "tag" can be null here. Coverity-id: 13950 Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-10-091-1/+1
* ui-blob: remove useless null check•••We have already called strlen() on "path" by the time we get here, so we know it can't be null. Coverity-id: 13954 Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-10-091-1/+1
* scan-tree: remove useless strdup()•••parse_configfile() takes a "const char *" and doesn't hold any references to it after it returns; there is no reason to pass it a duplicate. Coverity-id: 13941 Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-10-091-1/+1
* cgit.c: remove useless null check•••Everywhere else in this function we do not check whether the value is null and parse_configfile() never passes a null value to this callback. Coverity-id: 13846 Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-10-091-1/+1
* git: update to v2.6.1•••Update to git version v2.6.1, no changes required. Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-10-062-1/+1
* mime: rewrite detection function•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-08-171-36/+26
* ui-summary: send images plain for about page•••The about page used to display just fine, but images were broken: The binary image data was embedded in html code. Use cgit_print_plain() to send images in plain mode and make them available on about page. Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-08-171-2/+13
* refactor get_mimetype_from_file() to get_mimetype_for_filename()•••* handle mimetype within a single function * return allocated memory on success Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-08-173-47/+40
* move get_mimetype_from_file() to shared•••Signed-off-by: Christian Hesse <mail@eworm.de> Christian Hesse2015-08-173-40/+42
* cmd: fix command definition•••The previous commit removed the "pre" field from "struct cgit_cmd" but forgot to update this macro. Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de> John Keeping2015-08-141-1/+1
* cmd: no need for pre function hook now•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Jason A. Donenfeld2015-08-143-20/+9
* ui-shared: cache errors for "dynamic TTL"•••Most errors we generate are (potentially) transient, such as non-existent object IDs so we don't want them to be cached forever. Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-08-141-0/+1
* cmd: remove "want_layout" field•••No commands use this any more. Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-08-143-34/+24
* tree: move layout into page function•••This also allows us to return proper HTTP error codes when the requested tree is not found and display an error message in one case (invalid path inside valid commit) where we previously just displayed an empty page. Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-08-142-6/+19
* tag: move layout into page function•••This also allows us to return proper HTTP error codes when something goes wrong. Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-08-142-4/+11
* summary: move layout into page function•••Signed-off-by: John Keeping <john@keeping.me.uk> John Keeping2015-08-142-1/+3
generated by cgit (git 2.51.1) at 2025-12-13 12:17:28 +0000