diff options
| author | Junio C Hamano <gitster@pobox.com> | 2012-03-12 15:45:57 -0700 | 
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2012-03-12 15:45:58 -0700 | 
| commit | f629c233e6dd72924ed2672db142708b71dc663e (patch) | |
| tree | 278174a5628b3e30efaea6491d883e1cc596352f /gitweb/gitweb.perl | |
| parent | b91a13bbdca0095b1dc9ffb06bcb5caf4aab56b6 (diff) | |
| parent | e65ceb61cd7d3fabedea8cb545f8c210b48552d4 (diff) | |
| download | git-f629c233e6dd72924ed2672db142708b71dc663e.tar.gz | |
Merge branch 'jn/maint-do-not-match-with-unsanitized-searchtext' into maint
"gitweb" did use quotemeta() to prepare search string when asked to
do a fixed-string project search, but did not use it by mistake and
used the user-supplied string instead.
By Jakub Narebski
* jn/maint-do-not-match-with-unsanitized-searchtext:
  gitweb: Fix fixed string (non-regexp) project search
Diffstat (limited to 'gitweb/gitweb.perl')
| -rwxr-xr-x | gitweb/gitweb.perl | 16 | 
1 files changed, 8 insertions, 8 deletions
| diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 20ace61b6d..b9c33ba31d 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -2978,10 +2978,10 @@ sub filter_forks_from_projects_list {  sub search_projects_list {  	my ($projlist, %opts) = @_;  	my $tagfilter  = $opts{'tagfilter'}; -	my $searchtext = $opts{'searchtext'}; +	my $search_re = $opts{'search_regexp'};  	return @$projlist -		unless ($tagfilter || $searchtext); +		unless ($tagfilter || $search_re);  	my @projects;   PROJECT: @@ -2993,10 +2993,10 @@ sub search_projects_list {  				grep { lc($_) eq lc($tagfilter) } keys %{$pr->{'ctags'}};  		} -		if ($searchtext) { +		if ($search_re) {  			next unless -				$pr->{'path'} =~ /$searchtext/ || -				$pr->{'descr_long'} =~ /$searchtext/; +				$pr->{'path'} =~ /$search_re/ || +				$pr->{'descr_long'} =~ /$search_re/;  		}  		push @projects, $pr; @@ -5291,7 +5291,7 @@ sub git_project_list_body {  	my $show_ctags  = gitweb_check_feature('ctags');  	my $tagfilter = $show_ctags ? $input_params{'ctag'} : undef;  	$check_forks = undef -		if ($tagfilter || $searchtext); +		if ($tagfilter || $search_regexp);  	# filtering out forks before filling info allows to do less work  	@projects = filter_forks_from_projects_list(\@projects) @@ -5299,9 +5299,9 @@ sub git_project_list_body {  	@projects = fill_project_list_info(\@projects);  	# searching projects require filling to be run before it  	@projects = search_projects_list(\@projects, -	                                 'searchtext' => $searchtext, +	                                 'search_regexp' => $search_regexp,  	                                 'tagfilter'  => $tagfilter) -		if ($tagfilter || $searchtext); +		if ($tagfilter || $search_regexp);  	$order ||= $default_projects_order;  	$from = 0 unless defined $from; | 
