When size is zero, subtracting one from it turns it into
ULONG_MAX which causes an out-of-bounds access on buf.
Signed-off-by: Eric Wong <normalperson@yhbt.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When downloading a blob identified by its path, the client might want
to know if the blob has been modified since a previous download of the
same path. To this end, an ETag containing the blob SHA1 seems to be
ideal.
Todo: add support for HEAD requests...
Suggested-by: Owen Taylor <otaylor@redhat.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When activated, cgit will neither generate http headers nor any 'framing'
html elements (like <html> and <body>). Also, all page content is now
wrapped in a <div id='cgit'> element to make it easier to select the
correct cgit classes when embedded/themed.
Suggested-by: Matt Sealey <matt@genesi-usa.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
First, an apostrophe is not a quote. Second, we also need to escape
quotes. And finally, quotes are encoded as '"', not '"e;'.
Sighned-off-by: Lars Hjemli <hjemli@gmail.com>
When a commit is referenced by a branch or tag the commit subject-
line will be suffixed with the proper decorations, hence the test
for this line needs to be updated.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This adds the tag and branch head decorations to the commit pages. This is
similar to how commits are displayed in the standard gitweb interface.
Signed-off-by: Justin Waters <justin.waters@timesys.com>
CGIT_DATA_PATH defaults to CGIT_SCRIPT_PATH, but allows users to
install the cgi and the data files in different locations.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When an unknown page is requested, either on the querystring or via
PATH_INFO, we end up with a null-referencing cgit_cmd. This null-
pointer is then used as argument to the hc() function (which decides
what tab to render as 'active'), but this function failed to check if a
valid cmd was specified and a SEGFAULT would occur. This patch fixes the
issue by introducing a 'fallback-cmd' which specifies what tab to render
as 'active' when no valid cmd is requested.
While at it, we now also keep track of the active repository even if an
invalid cmd was requested since we want to show the error message about
the invalid request in the correct context.
Noticed-by: Robin Redeker <elmex@ta-sa.org>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
In the log interface, there is a toggle link at the top, but it isn't clear
what's being toggled. I've changed it to "Expand" and "Collapse" to make it
clear that you are getting more and less information, respectively.
Signed-off-by: Justin Waters <justin.waters@timesys.com>
Commits are now decorated with a clickable 'label' for each ref pointing
at it, similar to how gitweb and gitk displays commit decorations.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>