From ccb4b5391382f4cdb5e5be49036e82e7d837b7af Mon Sep 17 00:00:00 2001 From: Holger Weiß Date: Tue, 31 Mar 2009 18:16:36 +0200 Subject: gitweb: Fix snapshots requested via PATH_INFO MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix the detection of the requested snapshot format, which failed for PATH_INFO URLs since the references to the hashes which describe the supported snapshot formats weren't dereferenced appropriately. Signed-off-by: Holger Weiß Acked-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 33ef190ceb..3f99361ed0 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -688,10 +688,10 @@ sub evaluate_path_info { # extensions. Allowed extensions are both the defined suffix # (which includes the initial dot already) and the snapshot # format key itself, with a prepended dot - while (my ($fmt, %opt) = each %known_snapshot_formats) { + while (my ($fmt, $opt) = each %known_snapshot_formats) { my $hash = $refname; my $sfx; - $hash =~ s/(\Q$opt{'suffix'}\E|\Q.$fmt\E)$//; + $hash =~ s/(\Q$opt->{'suffix'}\E|\Q.$fmt\E)$//; next unless $sfx = $1; # a valid suffix was found, so set the snapshot format # and reset the hash parameter -- cgit v1.3 From 74fd8728e2abd46a6276f6d48bfc6c9f01d74570 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Thu, 7 May 2009 19:11:29 +0200 Subject: gitweb: Remove function prototypes (cleanup) Use of function prototypes is considered bad practice in Perl. The ones used here didn't accomplish anything anyhow, so they've been removed. >From perlsub(1): [...] the intent of this feature [prototypes] is primarily to let you define subroutines that work like built-in functions [...] you can generate new syntax with it [...] We don't want to have subroutines behaving exactly like built-in functions, we don't want to define new syntax / syntactic sugar, so prototypes in gitweb are not needed... and they can have unintended consequences. Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 3f99361ed0..06e91608fa 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -838,7 +838,7 @@ exit; ## ====================================================================== ## action links -sub href (%) { +sub href { my %params = @_; # default is to use -absolute url() i.e. $my_uri my $href = $params{-full} ? $my_url : $my_uri; @@ -1036,7 +1036,7 @@ sub esc_url { } # replace invalid utf8 character with SUBSTITUTION sequence -sub esc_html ($;%) { +sub esc_html { my $str = shift; my %opts = @_; @@ -1296,7 +1296,7 @@ use constant { }; # submodule/subproject, a commit object reference -sub S_ISGITLINK($) { +sub S_ISGITLINK { my $mode = shift; return (($mode & S_IFMT) == S_IFGITLINK) @@ -2615,7 +2615,7 @@ sub parsed_difftree_line { } # parse line of git-ls-tree output -sub parse_ls_tree_line ($;%) { +sub parse_ls_tree_line { my $line = shift; my %opts = @_; my %res; @@ -3213,7 +3213,6 @@ sub git_print_header_div { "\n\n"; } -#sub git_print_authorship (\%) { sub git_print_authorship { my $co = shift; @@ -3269,8 +3268,7 @@ sub git_print_page_path { print "
\n"; } -# sub git_print_log (\@;%) { -sub git_print_log ($;%) { +sub git_print_log { my $log = shift; my %opts = @_; -- cgit v1.3 From ad87e4f6f19e78b3f2d7dde3d3ed403db4f79a03 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Mon, 11 May 2009 03:21:06 +0200 Subject: gitweb: Do not use bareword filehandles gitweb: Do not use bareword filehandles The script was using bareword filehandles. This is considered a bad practice so they have been changed to indirect filehandles. Changes touch git_get_project_ctags and mimetype_guess_file; while at it rename local variable from $mime to $mimetype (in mimetype_guess_file) to better reflect its value (its contents). Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 06e91608fa..584644cbee 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -2065,18 +2065,17 @@ sub git_get_project_ctags { my $ctags = {}; $git_dir = "$projectroot/$path"; - unless (opendir D, "$git_dir/ctags") { - return $ctags; - } - foreach (grep { -f $_ } map { "$git_dir/ctags/$_" } readdir(D)) { - open CT, $_ or next; - my $val = ; + opendir my $dh, "$git_dir/ctags" + or return $ctags; + foreach (grep { -f $_ } map { "$git_dir/ctags/$_" } readdir($dh)) { + open my $ct, $_ or next; + my $val = <$ct>; chomp $val; - close CT; + close $ct; my $ctag = $_; $ctag =~ s#.*/##; $ctags->{$ctag} = $val; } - closedir D; + closedir $dh; $ctags; } @@ -2804,18 +2803,18 @@ sub mimetype_guess_file { -r $mimemap or return undef; my %mimemap; - open(MIME, $mimemap) or return undef; - while () { + open(my $mh, $mimemap) or return undef; + while (<$mh>) { next if m/^#/; # skip comments - my ($mime, $exts) = split(/\t+/); + my ($mimetype, $exts) = split(/\t+/); if (defined $exts) { my @exts = split(/\s+/, $exts); foreach my $ext (@exts) { - $mimemap{$ext} = $mime; + $mimemap{$ext} = $mimetype; } } } - close(MIME); + close($mh); $filename =~ /\.([^.]*)$/; return $mimemap{$1}; -- cgit v1.3 From dff2b6d4842eef0a03a3c8b3761f72e2b55b609e Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Sun, 10 May 2009 02:38:34 +0200 Subject: gitweb: Always use three argument form of open In most cases (except insert_file() subroutine) we used old two argument form of 'open' to open files for reading. This can cause subtle bugs when $projectroot or $projects_list file starts with mode characters ('>', '<', '+<', '|', etc.) or with leading whitespace; and also when $projects_list file or $mimetypes_file or ctags files end with trailing whitespace or '|'. Additionally it is also more clear to explicitly state that we open those files for reading. Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 584644cbee..e7cab9020f 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -2050,7 +2050,7 @@ sub git_get_project_description { my $path = shift; $git_dir = "$projectroot/$path"; - open my $fd, "$git_dir/description" + open my $fd, '<', "$git_dir/description" or return git_get_project_config('description'); my $descr = <$fd>; close $fd; @@ -2068,7 +2068,7 @@ sub git_get_project_ctags { opendir my $dh, "$git_dir/ctags" or return $ctags; foreach (grep { -f $_ } map { "$git_dir/ctags/$_" } readdir($dh)) { - open my $ct, $_ or next; + open my $ct, '<', $_ or next; my $val = <$ct>; chomp $val; close $ct; @@ -2128,7 +2128,7 @@ sub git_get_project_url_list { my $path = shift; $git_dir = "$projectroot/$path"; - open my $fd, "$git_dir/cloneurl" + open my $fd, '<', "$git_dir/cloneurl" or return wantarray ? @{ config_to_multi(git_get_project_config('url')) } : config_to_multi(git_get_project_config('url')); @@ -2186,7 +2186,7 @@ sub git_get_projects_list { # 'libs%2Fklibc%2Fklibc.git H.+Peter+Anvin' # 'linux%2Fhotplug%2Fudev.git Greg+Kroah-Hartman' my %paths; - open my ($fd), $projects_list or return; + open my $fd, '<', $projects_list or return; PROJECT: while (my $line = <$fd>) { chomp $line; @@ -2249,7 +2249,7 @@ sub git_get_project_list_from_file { # 'libs%2Fklibc%2Fklibc.git H.+Peter+Anvin' # 'linux%2Fhotplug%2Fudev.git Greg+Kroah-Hartman' if (-f $projects_list) { - open (my $fd , $projects_list); + open(my $fd, '<', $projects_list); while (my $line = <$fd>) { chomp $line; my ($pr, $ow) = split ' ', $line; @@ -2803,7 +2803,7 @@ sub mimetype_guess_file { -r $mimemap or return undef; my %mimemap; - open(my $mh, $mimemap) or return undef; + open(my $mh, '<', $mimemap) or return undef; while (<$mh>) { next if m/^#/; # skip comments my ($mimetype, $exts) = split(/\t+/); -- cgit v1.3 From 34122b57eca747022336f5a3dc1aa80377d1ce56 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Mon, 11 May 2009 03:29:40 +0200 Subject: gitweb: Always use three argument form of open From 94638fb6edf3ea693228c680a6a30271ccd77522 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Mon, 11 May 2009 03:25:55 +0200 Subject: [PATCH] gitweb: Localize magic variable $/ Instead of undefining and then restoring magic variable $/ (input record separator) for 'slurp mode', localize it. While at it, state explicitely that "local $/;" makes it undefined, by using explicit "local $/ = undef;". Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index e7cab9020f..4efeeedccf 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -3325,7 +3325,7 @@ sub git_get_link_target { open my $fd, "-|", git_cmd(), "cat-file", "blob", $hash or return; { - local $/; + local $/ = undef; $link_target = <$fd>; } close $fd @@ -4800,11 +4800,10 @@ sub git_blob_plain { -content_disposition => ($sandbox ? 'attachment' : 'inline') . '; filename="' . $save_as . '"'); - undef $/; + local $/ = undef; binmode STDOUT, ':raw'; print <$fd>; binmode STDOUT, ':utf8'; # as set at the beginning of gitweb.cgi - $/ = "\n"; close $fd; } @@ -4906,12 +4905,16 @@ sub git_tree { } } die_error(404, "No such tree") unless defined($hash); - $/ = "\0"; - open my $fd, "-|", git_cmd(), "ls-tree", '-z', $hash - or die_error(500, "Open git-ls-tree failed"); - my @entries = map { chomp; $_ } <$fd>; - close $fd or die_error(404, "Reading tree failed"); - $/ = "\n"; + + my @entries = (); + { + local $/ = "\0"; + open my $fd, "-|", git_cmd(), "ls-tree", '-z', $hash + or die_error(500, "Open git-ls-tree failed"); + @entries = map { chomp; $_ } <$fd>; + close $fd + or die_error(404, "Reading tree failed"); + } my $refs = git_get_references(); my $ref = format_ref_marker($refs, $hash_base); @@ -5806,7 +5809,7 @@ sub git_search { print "\n"; my $alternate = 1; - $/ = "\n"; + local $/ = "\n"; open my $fd, '-|', git_cmd(), '--no-pager', 'log', @diff_opts, '--pretty=format:%H', '--no-abbrev', '--raw', "-S$searchtext", ($search_use_regexp ? '--pickaxe-regex' : ()); @@ -5876,7 +5879,7 @@ sub git_search { print "
\n"; my $alternate = 1; my $matches = 0; - $/ = "\n"; + local $/ = "\n"; open my $fd, "-|", git_cmd(), 'grep', '-n', $search_use_regexp ? ('-E', '-i') : '-F', $searchtext, $co{'tree'}; -- cgit v1.3 From 68cedb1fea0bbcd5f7c32ce10e3c346bc6db38c5 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Sun, 10 May 2009 02:40:37 +0200 Subject: gitweb: Use block form of map/grep in a few cases more Use block form of 'grep' i.e. 'grep {BLOCK} LIST' rather than 'grep(EXPR, LIST)' in filter_snapshot_fmts subroutine. This makes code more readable, as expression is rather long, and statement above there is 'map' with very similar expression also in the block form. Remove unnecessary and misleading parentheses around block form 'map' arguments in quote_command subroutine. The inner "map" in format_snapshot_links was left alone, as it is not clear whether adding parentheses or changing it into block form would improve readibility and clarity of this code. Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 4efeeedccf..8c51f3e79e 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -458,8 +458,8 @@ sub filter_snapshot_fmts { @fmts = map { exists $known_snapshot_format_aliases{$_} ? $known_snapshot_format_aliases{$_} : $_} @fmts; - @fmts = grep(exists $known_snapshot_formats{$_}, @fmts); - + @fmts = grep { + exists $known_snapshot_formats{$_} } @fmts; } our $GITWEB_CONFIG = $ENV{'GITWEB_CONFIG'} || "++GITWEB_CONFIG++"; @@ -1838,7 +1838,7 @@ sub git_cmd { # Try to avoid using this function wherever possible. sub quote_command { return join(' ', - map( { my $a = $_; $a =~ s/(['!])/'\\$1'/g; "'$a'" } @_ )); + map { my $a = $_; $a =~ s/(['!])/'\\$1'/g; "'$a'" } @_ ); } # get HEAD ref of given project as hash -- cgit v1.3 From 3278fbc5ce39e0f7bf095ce99912dccbc347b4d7 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Mon, 11 May 2009 19:37:28 +0200 Subject: gitweb: Replace wrongly added tabs with spaces In two places there was hard tab character instead of space. Fix this. Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 8c51f3e79e..beb79eebd5 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -3990,7 +3990,7 @@ sub fill_project_list_info { ($pname !~ /\/$/) && (-d "$projectroot/$pname")) { $pr->{'forks'} = "-d $projectroot/$pname"; - } else { + } else { $pr->{'forks'} = 0; } } @@ -6282,7 +6282,7 @@ XML # end of feed if ($format eq 'rss') { print "\n\n"; - } elsif ($format eq 'atom') { + } elsif ($format eq 'atom') { print "\n"; } } -- cgit v1.3 From e8bb4b38dfcbd5ff02ceb5e925d53c1460887df5 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Mon, 11 May 2009 19:39:43 +0200 Subject: gitweb: Use capturing parentheses only when you intend to capture Non-capturing groups are useful because they have better runtime performance and do not copy strings to the magic global capture variables. Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index beb79eebd5..097bd18be5 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -828,7 +828,7 @@ if (!defined $action) { if (!defined($actions{$action})) { die_error(400, "Unknown action"); } -if ($action !~ m/^(opml|project_list|project_index)$/ && +if ($action !~ m/^(?:opml|project_list|project_index)$/ && !$project) { die_error(400, "Project needed"); } -- cgit v1.3 From 095e914281395f6c0529ce39939d804eb2ccec02 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Mon, 11 May 2009 19:42:47 +0200 Subject: gitweb: Simplify snapshot format detection logic in evaluate_path_info This issue was caught by perlcritic in harsh severity level noticing that catch variable was used outside conditional thanks to the Perl::Critic::Policy::RegularExpressions::ProhibitCaptureWithoutTest policy. See "Perl Best Practices", chapter 12. Regular Expressions, section 12.15. Captured Values: Pattern matches that fail never assign anything to $1, $2, etc., nor do they leave those variables undefined. After an unsuccessful pattern match, the numeric capture variables remain exactly as they were before the match was attempted. New version is in my opinion much easier to understand; previous version worked correctly due to the fact that we returned from loop on first found match. Signed-off-by: Jakub Narebski Acked-by: Giuseppe Bilotta Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 097bd18be5..c72ae10ef1 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -690,9 +690,10 @@ sub evaluate_path_info { # format key itself, with a prepended dot while (my ($fmt, $opt) = each %known_snapshot_formats) { my $hash = $refname; - my $sfx; - $hash =~ s/(\Q$opt->{'suffix'}\E|\Q.$fmt\E)$//; - next unless $sfx = $1; + unless ($hash =~ s/(\Q$opt->{'suffix'}\E|\Q.$fmt\E)$//) { + next; + } + my $sfx = $1; # a valid suffix was found, so set the snapshot format # and reset the hash parameter $input_params{'snapshot_format'} = $fmt; -- cgit v1.3 From 15c54fe7aa9376de2e03045122723ebde09bfeeb Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Mon, 11 May 2009 19:45:11 +0200 Subject: gitweb: Remove unused $hash_base parameter from normalize_link_target ...since it was decided for normalize_link_target to only mangle pathname, and do not try to check if target is present in $hash_base tree, for performance reasons. Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index c72ae10ef1..05702e4070 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -3339,10 +3339,7 @@ sub git_get_link_target { # return target of link relative to top directory (top tree); # return undef if it is not possible (including absolute links). sub normalize_link_target { - my ($link_target, $basedir, $hash_base) = @_; - - # we can normalize symlink target only if $hash_base is provided - return unless $hash_base; + my ($link_target, $basedir) = @_; # absolute symlinks (beginning with '/') cannot be normalized return if (substr($link_target, 0, 1) eq '/'); @@ -3398,7 +3395,7 @@ sub git_print_tree_entry { if (S_ISLNK(oct $t->{'mode'})) { my $link_target = git_get_link_target($t->{'hash'}); if ($link_target) { - my $norm_target = normalize_link_target($link_target, $basedir, $hash_base); + my $norm_target = normalize_link_target($link_target, $basedir); if (defined $norm_target) { print " -> " . $cgi->a({-href => href(action=>"object", hash_base=>$hash_base, -- cgit v1.3 From 14afe77486281e411bfadd131e5c8ffc44e22a26 Mon Sep 17 00:00:00 2001 From: Jakub Narebski Date: Fri, 22 May 2009 17:35:46 +0200 Subject: gitweb: Sanitize title attribute in format_subject_html Replace control characters with question mark '?' (like in chop_and_esc_str). A little background: some web browsers turn on strict (and unforgiving) XML validating mode for XHTML documents served using application/xhtml+xml content type. This means among others that control characters are forbidden to appear in gitweb output. CGI.pm does by default slight escaping (using simple_escape subroutine from CGI::Util) of all _attribute_ values (depending on the value of autoEscape, by default on). This escaping, at least in CGI.pm version 3.10 (most current version at CPAN is 3.43), is minimal: only '"', '&', '<' and '>' are escaped using named HTML entity references (", &, < and > respectively). But simple_escape does not do escaping of control characters such as ^X which are invalid in XHTML (in strict mode). If by some accident commit message do contain some control character in first 50 characters (more or less) of first line of commit message, and this line is longer than 50 characters (so gitweb shortens it for display), then gitweb would put this control character in title attribute (and CGI.pm would not remove them). The tag _contents_ is safe because it is escaped using esc_html() explicitly, and it replaces control characters by their printable representation. While at it: chop_and_escape_str doesn't need capturing group. Noticed-by: Paul Gortmaker Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- gitweb/gitweb.perl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'gitweb/gitweb.perl') diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 06e91608fa..d143829c5d 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -1235,7 +1235,7 @@ sub chop_and_escape_str { if ($chopped eq $str) { return esc_html($chopped); } else { - $str =~ s/([[:cntrl:]])/?/g; + $str =~ s/[[:cntrl:]]/?/g; return $cgi->span({-title=>$str}, esc_html($chopped)); } } @@ -1458,6 +1458,7 @@ sub format_subject_html { $extra = '' unless defined($extra); if (length($short) < length($long)) { + $long =~ s/[[:cntrl:]]/?/g; return $cgi->a({-href => $href, -class => "list subject", -title => to_utf8($long)}, esc_html($short) . $extra); -- cgit v1.3