Author: Lars Hjemli <hjemli@gmail.com>
Remove troublesome chars from cachefile names Add a funtion cache_safe_filename() which replaces possibly bad filename characters with '_'. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
cache.c | 16 ++++++++++++++++ cgit.c | 2 +- cgit.h | 1 +
diff --git a/cache.c b/cache.c index 1ff1251dfb856e4e8ad2a9a15c502b13ada00f53..8df7c2677bc24f6980888f95523931b7538bd74a 100644 --- a/cache.c +++ b/cache.c @@ -10,6 +10,22 @@ #include "cgit.h" const int NOLOCK = -1; +char *cache_safe_filename(const char *unsafe) +{ + static char buf[PATH_MAX]; + char *s = buf; + char c; + + while(unsafe && (c = *unsafe++) != 0) { + if (c == '/' || c == ' ' || c == '&' || c == '|' || + c == '>' || c == '<' || c == '.') + c = '_'; + *s++ = c; + } + *s = '\0'; + return buf; +} + int cache_exist(struct cacheitem *item) { if (stat(item->name, &item->st)) { diff --git a/cgit.c b/cgit.c index d975570a73e361606753f641a629b05846914052..a3a04d9106515a318618268f636e0c7fe2a0a57f 100644 --- a/cgit.c +++ b/cgit.c @@ -22,7 +22,7 @@ item->ttl = cgit_cache_repo_ttl; } else { item->name = xstrdup(fmt("%s/%s/%s/%s.html", cgit_cache_root, cgit_query_repo, cgit_query_page, - cgit_querystring)); + cache_safe_filename(cgit_querystring))); if (cgit_query_has_symref) item->ttl = cgit_cache_dynamic_ttl; else if (cgit_query_has_sha1) diff --git a/cgit.h b/cgit.h index f915c860411ad9a1b3abeba86f935e2a9ce2b936..3601e49a831b52c418b7c1c307742b26e28f7734 100644 --- a/cgit.h +++ b/cgit.h @@ -87,6 +87,7 @@ extern int cgit_read_config(const char *filename, configfn fn); extern int cgit_parse_query(char *txt, configfn fn); extern struct commitinfo *cgit_parse_commit(struct commit *commit); +extern char *cache_safe_filename(const char *unsafe); extern int cache_lock(struct cacheitem *item); extern int cache_unlock(struct cacheitem *item); extern int cache_cancel_lock(struct cacheitem *item);