about summary refs log tree commit diff
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2018-07-14 05:09:27 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2018-07-14 05:09:27 +0200
commit93a2c3305190ca87cc1a6c98868c251ef67c3f37 (patch)
tree9d38211667459409b313c223086439b01489e440
parentauth-filters: do not use HMAC-SHA1 (diff)
downloadcgit-pink-93a2c3305190ca87cc1a6c98868c251ef67c3f37.tar.gz
cgit-pink-93a2c3305190ca87cc1a6c98868c251ef67c3f37.zip
auth-filter: do not write more than we've read
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to '')
-rw-r--r--cgit.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/cgit.c b/cgit.c
index e2d7891..fda0aa4 100644
--- a/cgit.c
+++ b/cgit.c
@@ -659,13 +659,13 @@ static inline void open_auth_filter(const char *function)
 static inline void authenticate_post(void)
 {
 	char buffer[MAX_AUTHENTICATION_POST_BYTES];
-	unsigned int len;
+	ssize_t len;
 
 	open_auth_filter("authenticate-post");
 	len = ctx.env.content_length;
 	if (len > MAX_AUTHENTICATION_POST_BYTES)
 		len = MAX_AUTHENTICATION_POST_BYTES;
-	if (read(STDIN_FILENO, buffer, len) < 0)
+	if ((len = read(STDIN_FILENO, buffer, len)) < 0)
 		die_errno("Could not read POST from stdin");
 	if (write(STDOUT_FILENO, buffer, len) < 0)
 		die_errno("Could not write POST to stdout");
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-30 12:13:15 +0000
class='logmsg'> 2020-12-05Handle const strings in c -eJune McEnroe 2020-12-05Disable mouse in htopJune McEnroe I feel like this option is new, otherwise I would have unset it before. 2020-12-03Note lack of macro expansions in Q(...)June McEnroe 2020-12-02Fix missing "to" in "hot tips"June McEnroe 2020-12-02Publish "hot tips"June McEnroe 2020-11-26Publish "Inability"June McEnroe I don't know, it's something. 2020-11-26Render content into atom feedJune McEnroe And fix some atom lints. 2020-11-26Update plan with different things I won't doJune McEnroe 2020-11-19Add "Come On Petunia"June McEnroe 2020-11-13Add x4 to LESSJune McEnroe 2020-11-04Remove modified sensitivity settingsJune McEnroe 2020-10-29Remove editJune McEnroe 2020-10-27Switch gr alias back to git rebaseJune McEnroe I always type out git reset and sometimes still expect gr to be rebase... Never got used to it I guess. 2020-10-27Allow cd host: to cd to same path over sshJune McEnroe 2020-10-27Use SendEnv for cd host:pathJune McEnroe Works properly for weird paths, etc. 2020-10-27Allow cd host:path over sshJune McEnroe Requires AcceptEnv SSH_CD in the remote sshd_config. 2020-10-07Use mandoc -T utf8 for text.June McEnroe Don't depend on LANG being set. 2020-09-20Add The Awakened KingdomJune McEnroe A cute extra novella. Finally finished this series. 2020-09-12Move /opt/local back, cheat port select to use system manJune McEnroe This is not really how you're supposed to use the select system, I don't think, since the mandoc package actually creates those files, but it does work. This lets me actually use the git installed by MacPorts. 2020-09-12Move /opt/local behind /usr againJune McEnroe The reason I did this with pkgsrc was because I actually don't want the man(1) from mandoc, since it won't follow MANSECT. Same applies to MacPorts. I wish I could disable its man(1) with a variant or whatever. 2020-09-12Enable toc in cgit renderings of man pagesJune McEnroe But keep it disabled for READMEs since they always use non-standard sections and the TOC is just distracting there, I think. Also add the style so its h1 is the same size as the ones inside sections... 2020-09-11Install mandoc on macOSJune McEnroe 2020-09-11Rewrite install script yet againJune McEnroe 2020-09-11Remove NetBSD from install scriptJune McEnroe I never use it. 2020-09-11Use MacPorts rather than pkgsrcJune McEnroe My system is probably such a mess now... 2020-09-11Add debian VM name to sshJune McEnroe 2020-09-11Add influencer tweetJune McEnroe 2020-09-10Add The Kingdom of GodsJune McEnroe Reading has really slowed down :( 2020-09-07Add SunglassesJune McEnroe An IRC find. 2020-09-06Add Between the BreathsJune McEnroe One of those good songs from a soundtrack of a film that probably isn't? The summary sounds a lot more interesting than the title implies, at least. 2020-09-04Open /dev/tty in nudgeJune McEnroe This makes it work even when it's run connected to a pipe, i.e. as the notify command of catgirl... 2020-09-04Add nudgeJune McEnroe 2020-09-03Build fbclock with -lzJune McEnroe I guess this got lost somewhere, long ago... 2020-08-29Add tweets from retweetsJune McEnroe