Author: Lars Hjemli <hjemli@gmail.com>
Avoid SEGFAULT on invalid requests When an unknown page is requested, either on the querystring or via PATH_INFO, we end up with a null-referencing cgit_cmd. This null- pointer is then used as argument to the hc() function (which decides what tab to render as 'active'), but this function failed to check if a valid cmd was specified and a SEGFAULT would occur. This patch fixes the issue by introducing a 'fallback-cmd' which specifies what tab to render as 'active' when no valid cmd is requested. While at it, we now also keep track of the active repository even if an invalid cmd was requested since we want to show the error message about the invalid request in the correct context. Noticed-by: Robin Redeker <elmex@ta-sa.org> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
cgit.c | 1 - ui-shared.c | 7 ++++++-
diff --git a/cgit.c b/cgit.c index c82587b68b8cc5169f4265eaad98fbc938aa0b8e..6e5215e3b08edcbc5c09b9faf22a753762d0767c 100644 --- a/cgit.c +++ b/cgit.c @@ -289,7 +289,6 @@ cmd = cgit_get_cmd(ctx); if (!cmd) { ctx->page.title = "cgit error"; - ctx->repo = NULL; cgit_print_http_headers(ctx); cgit_print_docstart(ctx); cgit_print_pageheader(ctx); diff --git a/ui-shared.c b/ui-shared.c index 224e5f3b2f3da88d89a0ea3034b9182cf7775cd7..76cd00d3b146a8a1401f7e3be7b6fcaacc48dab3 100644 --- a/ui-shared.c +++ b/ui-shared.c @@ -577,14 +577,19 @@ html_hidden("q", ctx.qry.search); } } +const char *fallback_cmd = "repolist"; + char *hc(struct cgit_cmd *cmd, const char *page) { - return (strcmp(cmd->name, page) ? NULL : "active"); + return (strcmp(cmd ? cmd->name : fallback_cmd, page) ? NULL : "active"); } void cgit_print_pageheader(struct cgit_context *ctx) { struct cgit_cmd *cmd = cgit_get_cmd(ctx); + + if (!cmd && ctx->repo) + fallback_cmd = "summary"; html("<table id='header'>\n"); html("<tr>\n");