diff options
Diffstat (limited to 'app/models/repository.rb')
| -rw-r--r-- | app/models/repository.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/app/models/repository.rb b/app/models/repository.rb index 2ffd9558ebc..a67bb7294e6 100644 --- a/app/models/repository.rb +++ b/app/models/repository.rb @@ -938,9 +938,11 @@ class Repository end def search_files_by_name(query, ref) - return [] if empty? || query.blank? + safe_query = Regexp.escape(query.sub(/^\/*/, "")) + + return [] if empty? || safe_query.blank? - args = %W(ls-tree --full-tree -r #{ref || root_ref} --name-status | #{Regexp.escape(query)}) + args = %W(ls-tree --full-tree -r #{ref || root_ref} --name-status | #{safe_query}) run_git(args).first.lines.map(&:strip) end |