[PATCH] Disallow downloading disabled snapshot formats

John Keeping john at keeping.me.uk
Fri Jan 10 15:50:14 CET 2014


On Fri, Jan 10, 2014 at 03:38:06PM +0100, Lukas Fleischer wrote:
> We did only display enabled snapshot formats but we did not prevent from
> downloading disabled formats when requested. Fix this by adding an
> appropriate check.
> 
> Also, add a test case that checks whether downloading disabled snapshot
> formats is denied, as expected.
> 
> Signed-off-by: Lukas Fleischer <cgit at cryptocrack.de>
> ---
>  tests/t0107-snapshot.sh | 5 +++++
>  ui-snapshot.c           | 2 +-
>  2 files changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/tests/t0107-snapshot.sh b/tests/t0107-snapshot.sh
> index 6cf7aaa..01e8d22 100755
> --- a/tests/t0107-snapshot.sh
> +++ b/tests/t0107-snapshot.sh
> @@ -79,4 +79,9 @@ test_expect_success UNZIP 'verify unzipped file-5' '
>  	test_line_count = 1 master/file-5
>  '
>  
> +test_expect_success 'try to download a disabled snapshot format' '
> +	cgit_url "foo/snapshot/master.tar.xz" |
> +	grep "Unsupported snapshot format"

I really dislike seeing pipes in the test suite.  Can we redirect to
file instead and then grep the file?  This helps ensure that the exit
code from CGit is correct (I don't know if we expect it to be zero or
non-zero here, but if the latter then at least test_must_fail checks
that the process didn't segfault - I suspect it should be zero though).

> +'
> +
>  test_done
> diff --git a/ui-snapshot.c b/ui-snapshot.c
> index 8f82119..ab20a4a 100644
> --- a/ui-snapshot.c
> +++ b/ui-snapshot.c
> @@ -205,7 +205,7 @@ void cgit_print_snapshot(const char *head, const char *hex,
>  	}
>  
>  	f = get_format(filename);
> -	if (!f) {
> +	if (!f || (snapshots & f->bit) == 0) {
>  		show_error("Unsupported snapshot format: %s", filename);
>  		return;
>  	}


More information about the CGit mailing list