summary refs log tree commit diff
path: root/.gitignore
diff options
context:
space:
mode:
authorKlemens Nanni <klemens@posteo.de>2021-06-11 12:30:58 +0000
committerJune McEnroe <june@causal.agency>2021-06-11 20:57:40 -0400
commitcdd4ccf16ff6ccc202d3422fcd0ec7ca9f3a8229 (patch)
tree3e8134723ecc031075b8ae8991ba2322518d4218 /.gitignore
parentRename file to saveFile (diff)
downloadcatgirl-cdd4ccf16ff6ccc202d3422fcd0ec7ca9f3a8229.tar.gz
catgirl-cdd4ccf16ff6ccc202d3422fcd0ec7ca9f3a8229.zip
Open save file once in uiLoad() and keep it open until uiSave()
Opening the same file *path* twice is a TOCTOU, although not a critical
one: worst case we load from one file and save to another - the impact
depends on how and when catgirl is started the next anyway.

More importantly, keeping the file handle open at runtime allows us to
drop all filesystem related promises for `-s/save' on OpenBSD.

uiLoad() now opens "r+", meaning "Open for reading and writing." up
front so uiSave() can write to it.  In the case of a nonexistent save
file, it now opens with "w" meaning "Open for writing.  The file is
created if it does not exist.", i.e. the same write/create semantics as
"w" except uiLoad() no longer truncates. existing files.

uiSave() now truncates the save file to avoid appending in general.
Diffstat (limited to '.gitignore')
0 files changed, 0 insertions, 0 deletions
ogheader'>2014-01-14filter: return on null filter from open and closeJason A. Donenfeld So that we don't have to include the if(filter) open_filter(filter) block everywhere, we introduce the guard in the function itself. This should simplify quite a bit of code. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-14filter: add lua supportJason A. Donenfeld Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-14filter: basic write hooking infrastructureJason A. Donenfeld Filters can now call hook_write and unhook_write if they want to redirect writing to stdout to a different function. This saves us from potential file descriptor pipes and other less efficient mechanisms. We do this instead of replacing the call in html_raw because some places stdlib's printf functions are used (ui-patch or within git itself), which has its own internal buffering, which makes it difficult to interlace our function calls. So, we dlsym libc's write and then override it in the link stage. While we're at it, we move considerations of argument count into the generic new filter handler. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-14filter: allow for cleanup hook for filter typesJason A. Donenfeld At some point, we're going to want to do lazy deallocation of filters. For example, if we implement lua, we'll want to load the lua runtime once for each filter, even if that filter is called many times. Similarly, for persistent exec filters, we'll want to load it once, despite many open_filter and close_filter calls, and only reap the child process at the end of the cgit process. For this reason, we add here a cleanup function that is called at the end of cgit's main(). Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-14filter: introduce "filter type" prefixJohn Keeping This allows different filter implementations to be specified in the configuration file. Currently only "exec" is supported, but it may now be specified either with or without the "exec:" prefix. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-14filter: add interface layerJohn Keeping Change the existing cgit_{open,close,fprintf}_filter functions to delegate to filter-specific implementations accessed via function pointers on the cgit_filter object. We treat the "exec" filter type slightly specially here by putting its structure definition in the header file and providing an "init" function to set up the function pointers. This is required so that the ui-snapshot.c code that applies a compression filter can continue to use the filter interface to do so. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-14filter: add fprintf_filter functionJohn Keeping This stops the code in cgit.c::print_repo needing to inspect the cgit_filter structure, meaning that we can abstract out different filter types that will have different fields that need to be printed. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-14authors: specify maintainersJason A. Donenfeld Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-13filters: Improved syntax-highlighting.pyStefan Tatschner - Switched back to python2 according to a problem in pygments with python3. With the next release of pygments this problem should be fixed. Issue see here: https://bitbucket.org/birkenfeld/pygments-main/issue/901/problems-with-python3 - Just read the stdin, decode it to utf-8 and ignore unknown signs. This ensures that even destroyed files do not cause any errors in the filter. - Improved language guessing: -> At first use guess_lexer_for_filename for a better detection of the used programming languages (even mixed cases will be detected, e.g. php + html). -> If nothing was found look if there is a shebang and use guess_lexer. -> As default/fallback choose TextLexer. Signed-off-by: Stefan Tatschner <stefan@sevenbyte.org> 2014-01-12tests: add CGIT_TEST_OPTS variable to MakefileJohn Keeping This allows running the entire test suite with a set of command-line options. For example: make test CGIT_TEST_OPTS=--valgrind Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12ui-repolist: HTML-escape cgit_rooturl() responseJohn Keeping This is for consistency with other callers. The value returned from cgit_rooturl is not guaranteed to be HTML-safe. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12ui-shared: URL-escape script_nameJohn Keeping As far as I know, there is no requirement that $SCRIPT_NAME contain only URL-safe characters, so we need to make sure that any special characters are escaped. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12ui-refs: escape HTML chars in author and tagger namesJohn Keeping Everywhere else we use html_txt to escape any special characters in these variables. Do so here as well. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12filter: pass extra arguments via cgit_open_filterJohn Keeping This avoids poking into the filter data structure at various points in the code. We rely on the fact that the number of arguments is fixed based on the filter type (set in cgit_new_filter) and that the call sites all know which filter type they're using. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12ui-snapshot: set unused cgit_filter fields to zeroJohn Keeping By switching the assignment of fields in the cgit_filter structure to use designated initializers, the compiler will initialize all other fields to their default value. This will be needed when we add the extra_args field in the next patch. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12html: remove redundant htmlfd variableJohn Keeping This is never changed from STDOUT_FILENO, so just use that value directly. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12tests: add Valgrind supportJohn Keeping Now running tests with the "--valgrind" option will run cgit under Valgrind instead of all Git commands. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-12cache: don't leave cache_slot fields uninitializedJohn Keeping Valgrind says: ==18344== Conditional jump or move depends on uninitialised value(s) ==18344== at 0x406C83: open_slot (cache.c:63) ==18344== by 0x407478: cache_ls (cache.c:403) ==18344== by 0x404C9A: process_request (cgit.c:639) ==18344== by 0x406BD2: fill_slot (cache.c:190) ==18344== by 0x4071A0: cache_process (cache.c:284) ==18344== by 0x404461: main (cgit.c:952) ==18344== Uninitialised value was created by a stack allocation ==18344== at 0x40738B: cache_ls (cache.c:375) This is caused by the keylen field being used to calculate whether or not a slot is matched. We never then check the value of this and the length of data read depends on the key length read from the file so this isn't dangerous, but it's nice to avoid branching based on uninitialized data. Signed-off-by: John Keeping <john@keeping.me.uk> 2014-01-10filter: split filter functions into their own fileJason A. Donenfeld A first step for more interesting things. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-10filter: make exit status localJason A. Donenfeld It's only used in one place, and not useful to have around since close_filter will die() if exit_status isn't what it expects, anyway. So this is best as just a local variable instead of as part of the struct. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-10parsing: fix header typoJason A. Donenfeld 2014-01-10cgit.c: Fix comment on bit mask hackLukas Fleischer * Formatting and spelling fixes. * A bit mask with the size of one byte only allows for storing 8 (not 255!) different flags. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-10cgit.c: Use "else" for mutually exclusive branchesLukas Fleischer When parsing command line arguments, no pair of command line options can ever match simultaneously. Use "else if" blocks to reflect this. This change improves both readability and speed. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-10ui-snapshot.c: Do not reinvent suffixcmp()Lukas Fleischer Use suffixcmp() from Git instead of reimplementing it. This is a preparation for moving to ends_with() in Git 1.8.6. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-10Refactor cgit_parse_snapshots_mask()Lukas Fleischer Use Git string lists instead of str{spn,cspn,ncmp}() magic. This significantly improves readability. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-10Disallow use of undocumented snapshot delimitersLukas Fleischer Since the introduction of selective snapshot format configuration in dc3c9b5 (allow selective enabling of snapshots, 2007-07-21), we allowed seven different delimiters for snapshot formats, while the documentation has always been clear about spaces being the only valid delimiter: The value is a space-separated list of zero or more of the values "tar", "tar.gz", "tar.bz2", "tar.xz" and "zip". Supporting the undocumented delimiters makes the code unnecessarily complex. Remove them. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-10Replace most uses of strncmp() with prefixcmp()Lukas Fleischer This is a preparation for replacing all prefix checks with either strip_prefix() or starts_with() when Git 1.8.6 is released. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-09README: Fix dependenciesLukas Fleischer * Remove the dependency on Git (which can be obtained automatically when building, using either the Git submodule or `make get-git`). * Use proper upstream names of dependencies. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-08README: Spelling and formatting fixesLukas Fleischer * Several small spelling and capitalization fixes. * Use consistent and better-looking formatting that is compatible with AsciiDoc (and partly compatible with RST). Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-08Fix UTF-8 with syntax-highlighting.pyPřemysl Janouch Previously the script tried to encode output from Pygments with the ASCII codec, which failed. Signed-off-by: Přemysl Janouch <p.janouch@gmail.com> 2014-01-08Add a suggestion to the manpagePřemysl Janouch So that people wishing to use "enable-http-clone" don't have to find out the correct settings on their own. Signed-off-by: Přemysl Janouch <p.janouch@gmail.com> 2014-01-08Fix the example configurationPřemysl Janouch "enable-git-clone" doesn't exist, replaced with "enable-http-clone". Signed-off-by: Přemysl Janouch <p.janouch@gmail.com> 2014-01-08Fix about-formatting.shPřemysl Janouch dash failed to parse the script. Signed-off-by: Přemysl Janouch <p.janouch@gmail.com> 2014-01-08Fix some spelling errorsPřemysl Janouch Signed-off-by: Přemysl Janouch <p.janouch@gmail.com> 2014-01-08filters: highlight.sh: add css comments for highlight 2.6 and 3.8Ferry Huberts