1
0
mirror of https://gitea.quitesimple.org/crtxcr/cgitsb synced 2024-11-23 00:12:10 +01:00

ui-shared: don't print path crumbs without a repo

cgit_print_path_crumbs() can call repolink() which assumes that ctx.repo
is non-null.  Currently we don't have any commands that set want_vpath
without also setting want_repo so it shouldn't be possible to fail this
test, but the check in cgit.c is in the wrong order so it is possible to
specify a query string like "?p=log&path=foo/bar" to end up here without
a valid repository.

This was found by American fuzzy lop [0].

[0] http://lcamtuf.coredump.cx/afl/

Signed-off-by: John Keeping <john@keeping.me.uk>
This commit is contained in:
John Keeping 2017-02-19 12:27:48 +00:00 committed by Jason A. Donenfeld
parent 6d3c8bc37f
commit 1b4ef6783a

@ -1039,7 +1039,7 @@ void cgit_print_pageheader(void)
free(currenturl);
}
html("</td></tr></table>\n");
if (ctx.env.authenticated && ctx.qry.vpath) {
if (ctx.env.authenticated && ctx.repo && ctx.qry.vpath) {
html("<div class='path'>");
html("path: ");
cgit_print_path_crumbs(ctx.qry.vpath);