diff options
Diffstat (limited to 'gitweb')
| -rwxr-xr-x | gitweb/gitweb.perl | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 01c13183cb..cd98888a93 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -1081,7 +1081,16 @@ sub evaluate_and_validate_params { if (length($searchtext) < 2) { die_error(403, "At least two characters are required for search parameter"); } - $search_regexp = $search_use_regexp ? $searchtext : quotemeta $searchtext; + if ($search_use_regexp) { + $search_regexp = $searchtext; + if (!eval { qr/$search_regexp/; 1; }) { + (my $error = $@) =~ s/ at \S+ line \d+.*\n?//; + die_error(400, "Invalid search regexp '$search_regexp'", + esc_html($error)); + } + } else { + $search_regexp = quotemeta $searchtext; + } } } @@ -5247,7 +5256,7 @@ sub git_patchset_body { # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . sub git_project_search_form { - my ($searchtext, $search_use_regexp); + my ($searchtext, $search_use_regexp) = @_; my $limit = ''; if ($project_filter) { @@ -5762,7 +5771,7 @@ sub git_tags_body { sub git_heads_body { # uses global variable $project - my ($headlist, $head, $from, $to, $extra) = @_; + my ($headlist, $head_at, $from, $to, $extra) = @_; $from = 0 unless defined $from; $to = $#{$headlist} if (!defined $to || $#{$headlist} < $to); @@ -5771,7 +5780,7 @@ sub git_heads_body { for (my $i = $from; $i <= $to; $i++) { my $entry = $headlist->[$i]; my %ref = %$entry; - my $curr = $ref{'id'} eq $head; + my $curr = defined $head_at && $ref{'id'} eq $head_at; if ($alternate) { print "<tr class=\"dark\">\n"; } else { @@ -6044,9 +6053,10 @@ sub git_search_files { my $alternate = 1; my $matches = 0; my $lastfile = ''; + my $file_href; while (my $line = <$fd>) { chomp $line; - my ($file, $file_href, $lno, $ltext, $binary); + my ($file, $lno, $ltext, $binary); last if ($matches++ > 1000); if ($line =~ /^Binary file (.+) matches$/) { $file = $1; |