diff options
author | Eric Wong <e@80x24.org> | 2019-06-04 08:36:18 +0000 |
---|---|---|
committer | Eric Wong <e@80x24.org> | 2019-06-04 10:06:18 +0000 |
commit | b04bdc8cd749dd3dfcc9351b2b47bfdf190b4a3a (patch) | |
tree | fa8f8fa07d4a221e38f9307758c68b5657755d1e /lib/PublicInbox/WWW.pm | |
parent | bbfa42a9ea55b7057c7a6b632f090763c9e7c655 (diff) | |
download | public-inbox-b04bdc8cd749dd3dfcc9351b2b47bfdf190b4a3a.tar.gz |
Don't inadvertantly serve git repos containing non-ASCII digit characters.
Diffstat (limited to 'lib/PublicInbox/WWW.pm')
-rw-r--r-- | lib/PublicInbox/WWW.pm | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/PublicInbox/WWW.pm b/lib/PublicInbox/WWW.pm index 7670224f..b0fad7fe 100644 --- a/lib/PublicInbox/WWW.pm +++ b/lib/PublicInbox/WWW.pm @@ -74,7 +74,8 @@ sub call { my $method = $env->{REQUEST_METHOD}; if ($method eq 'POST') { - if ($path_info =~ m!$INBOX_RE/(?:(\d+)/)?(git-upload-pack)\z!) { + if ($path_info =~ m!$INBOX_RE/(?:([0-9]+)/)? + (git-upload-pack)\z!x) { my ($part, $path) = ($2, $3); return invalid_inbox($ctx, $1) || serve_git($ctx, $part, $path); @@ -97,7 +98,7 @@ sub call { invalid_inbox($ctx, $1) || get_atom($ctx); } elsif ($path_info =~ m!$INBOX_RE/new\.html\z!o) { invalid_inbox($ctx, $1) || get_new($ctx); - } elsif ($path_info =~ m!$INBOX_RE/(?:(\d+)/)? + } elsif ($path_info =~ m!$INBOX_RE/(?:([0-9]+)/)? ($PublicInbox::GitHTTPBackend::ANY)\z!ox) { my ($part, $path) = ($2, $3); invalid_inbox($ctx, $1) || serve_git($ctx, $part, $path); |