about summary refs log tree commit diff
path: root/.gitmodules
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2012-10-27 20:03:41 -0600
committerJason A. Donenfeld <Jason@zx2c4.com>2012-10-27 20:05:50 -0600
commit7ea35f9f8ecf61ab42be9947aae1176ab6e089bd (patch)
treee6639ab10546026d9ff73dd6e9381a5808218ed9 /.gitmodules
parentFix man page typo. (diff)
downloadcgit-pink-7ea35f9f8ecf61ab42be9947aae1176ab6e089bd.tar.gz
cgit-pink-7ea35f9f8ecf61ab42be9947aae1176ab6e089bd.zip
syntax-highlighting.sh: Fix command injection.
By not quoting the argument, an attacker with the ability to add files
to the repository could pass arbitrary arguments to the highlight
command, in particular, the --plug-in argument which can lead to
arbitrary command execution.

This patch adds simple argument quoting.
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-26 16:38:37 +0000


 


 McEnroe


2021-01-12Use hilex for bin HTMLJune McEnroe


2021-01-12Don't output a pre in hilex by defaultJune McEnroe


2021-01-12Move hilex out of hilex directoryJune McEnroe


2021-01-12Consolidate hilex formatters into hilex.cJune McEnroe


2021-01-12Remove hacky tagging from hilexJune McEnroe

God that makes the lexers so much simpler.



2021-01-12Add htagml -iJune McEnroe


2021-01-12Render tag index in HTMLJune McEnroe


2021-01-12Add htagml -xJune McEnroe


2021-01-12Prevent matching the same tag twiceJune McEnroe


2021-01-12Process htagml file line by lineJune McEnroe

This simplifies some things, adds support for line number tag
definitions, and should enable combining htagml with other preprocessors
in the future.



2021-01-12Split fields by tab onlyJune McEnroe

Also don't fail hard on non-forward-search definitions.



2021-01-12List both Makefile and html.sh under README.7June McEnroe


2021-01-12Add htagml exampleJune McEnroe


2021-01-12Use mandoc and htagml for bin htmlJune McEnroe


2021-01-12Add htagmlJune McEnroe


2021-01-12Replace causal.agency with a simple mdoc pageJune McEnroe


2021-01-11Publish "Using vi"June McEnroe


2021-01-11Enable diff.colorMovedJune McEnroe


2021-01-10Set less search case-insensitiveJune McEnroe


2021-01-10Set EXINITJune McEnroe

neovim is laggy as hell in my OpenBSD VM, so I switched to vi so I
could type without getting frustrated.



2021-01-09Add c -t flag to print expression typeJune McEnroe

Also add missing float case.



2021-01-05Update taglineJune McEnroe