List Info

Thread: gitweb: Don't use quotemeta on internally generated strings
gitweb: Don't use quotemeta on internally generated strings
user name
 2006-09-28 23:51:43 
Do not use quotemeta on internally generated strings
such as filenames of snapshot, blobs, etc.
quotemeta quotes any characters not matching /A-Za-z_0-9/.
Which means that we get strings like this:

before:
linux-2.6.git-5c2d97cb31fb77981797fec46230ca005b865799.
tar.gz
after: 
linux-2.6.git-5c2d97cb31fb77981797fec46230ca005b865799.tar.g
z

This patch fixes this.

Signed-off-by: Luben Tuikov <ltuikovyahoo.com>
---
 gitweb/gitweb.perl |    9 ++++-----
 1 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index 9052647..fdbdb82 100755
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
 -2660,7
+2660,7  sub git_blob_plain {
 	print $cgi->header(
 		-type => "$type",
 		-expires=>$expires,
-		-content_disposition => 'inline; filename="' .
quotemeta($save_as) . '"');
+		-content_disposition => 'inline; filename="' .
"$save_as" . '"');
 	undef $/;
 	binmode STDOUT, ':raw';
 	print <$fd>;
 -2835,7
+2835,7  sub git_snapshot {
 	print $cgi->header(
 		-type => 'application/x-tar',
 		-content_encoding => $ctype,
-		-content_disposition => 'inline; filename="' .
quotemeta($filename) . '"',
+		-content_disposition => 'inline; filename="' .
"$filename" . '"',
 		-status => '200 OK');
 
 	my $git_command = git_cmd_str();
 -2933,7
+2933,6  sub git_commit {
 
 	my views_nav = ();
 	if (defined $file_name && defined $co{'parent'}) {
-		my $parent = $co{'parent'};
 		push views_nav,
 			$cgi->a({-href =>
href(action=>"blame", hash_parent=>$parent,
file_name=>$file_name)},
 			        "blame");
 -3145,7
+3144,7  sub git_blobdiff {
 			-type => 'text/plain',
 			-charset => 'utf-8',
 			-expires => $expires,
-			-content_disposition => 'inline; filename="' .
quotemeta($file_name) . '.patch"');
+			-content_disposition => 'inline; filename="' .
"$file_name" . '.patch"');
 
 		print "X-Git-Url: " . $cgi->self_url() .
"nn";
 
 -3248,7
+3247,7  sub git_commitdiff {
 			-type => 'text/plain',
 			-charset => 'utf-8',
 			-expires => $expires,
-			-content_disposition => 'inline; filename="' .
quotemeta($filename) . '"');
+			-content_disposition => 'inline; filename="' .
"$filename" . '"');
 		my %ad = parse_date($co{'author_epoch'},
$co{'author_tz'});
 		print <<TEXT;
 From: $co{'author'}
-- 
1.4.2.1.g05f0f
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )