Fixes project denial of service via gitmodules using Extended ASCII.34259-project-denial-of-service-via-gitmodules-fix

author: Tiago Botelho <tiagonbotelho@hotmail.com> 2017-09-15 15:28:41 +0100
committer: Tiago Botelho <tiagonbotelho@hotmail.com> 2017-09-15 17:30:55 +0100
commit: 0169dd7f6f82bc91635a3d8ddfa8bd4b6a98f2eb (patch)
tree: 073dba598e04de1301be2261e9be17ce5c61e019 /app
parent: 5d3f7b133fba9bba876da5ef13c630320a920e3f (diff)
download: gitlab-ce-0169dd7f6f82bc91635a3d8ddfa8bd4b6a98f2eb.tar.gz
1 files changed, 8 insertions, 4 deletions
diff --git a/app/helpers/submodule_helper.rb b/app/helpers/submodule_helper.rb
index 88f7702db1e..40d69e30188 100644
--- a/app/helpers/submodule_helper.rb
+++ b/app/helpers/submodule_helper.rb
@@ -87,10 +87,14 @@ module SubmoduleHelper
       namespace = @project.namespace.full_path
     end
 
-    [
-      namespace_project_path(namespace, base),
-      namespace_project_tree_path(namespace, base, commit)
-    ]
+    begin
+      [
+        namespace_project_path(namespace, base),
+        namespace_project_tree_path(namespace, base, commit)
+      ]
+    rescue ActionController::UrlGenerationError
+      [nil, nil]
+    end
   end
 
   def sanitize_submodule_url(url)
author	Tiago Botelho <tiagonbotelho@hotmail.com>	2017-09-15 15:28:41 +0100
committer	Tiago Botelho <tiagonbotelho@hotmail.com>	2017-09-15 17:30:55 +0100
commit	0169dd7f6f82bc91635a3d8ddfa8bd4b6a98f2eb (patch)
tree	073dba598e04de1301be2261e9be17ce5c61e019 /app
parent	5d3f7b133fba9bba876da5ef13c630320a920e3f (diff)
download	gitlab-ce-0169dd7f6f82bc91635a3d8ddfa8bd4b6a98f2eb.tar.gz