about summary refs log tree commit diff
path: root/tests/valgrind/bin
diff options
context:
space:
mode:
authorLukas Fleischer <cgit@cryptocrack.de>2013-03-04 13:25:38 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2013-03-04 20:47:54 -0500
commit59fe348deaa270434f05afc56ca8d13618af9ca9 (patch)
treef9122014182ced8f9b7071c4ef69adfc2d7042fd /tests/valgrind/bin
parentcgit_print_commit(): Free tmp variable (diff)
downloadcgit-pink-59fe348deaa270434f05afc56ca8d13618af9ca9.tar.gz
cgit-pink-59fe348deaa270434f05afc56ca8d13618af9ca9.zip
cgit_print_snapshot_links(): Free prefix variable
Fixes following memory leak seen with "PATH_INFO=/cgit/commit/":

    ==16894== 12 bytes in 1 blocks are definitely lost in loss record 9 of 92
    ==16894==    at 0x4C2C04B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==16894==    by 0x56F2DF1: strdup (in /usr/lib/libc-2.17.so)
    ==16894==    by 0x46CAC8: xstrdup (wrapper.c:35)
    ==16894==    by 0x414E34: cgit_print_snapshot_links (ui-shared.c:926)
    ==16894==    by 0x40CFA1: cgit_print_commit (ui-commit.c:102)
    ==16894==    by 0x407B06: commit_fn (cmd.c:54)
    ==16894==    by 0x405E16: process_request (cgit.c:574)
    ==16894==    by 0x4074C8: cache_process (cache.c:322)
    ==16894==    by 0x406C4F: main (cgit.c:872)

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Diffstat (limited to 'tests/valgrind/bin')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-05-17 11:09:41 +0000


 


no longer needed since the context is always read from the
global context variable.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>



2014-01-16auth: have cgit calculate login addressJason A. Donenfeld

This way we're sure to use virtual root, or any other strangeness
encountered.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>



2014-01-16auth: lua string comparisons are time invariantJason A. Donenfeld

By default, strings are compared by hash, so we can remove this comment.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>



2014-01-16authentication: use hidden form instead of refererJason A. Donenfeld

This also gives us some CSRF protection. Note that we make use of the
hmac to protect the redirect value.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>



2014-01-16auth: add basic authentication filter frameworkJason A. Donenfeld

This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.

Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.

Very plugable and extendable depending on user needs.

The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>



2014-01-16t0111: Additions and fixesLukas Fleischer

* Rename the capitalize-* filters to dump.* since they also dump the
  arguments.

* Add full argument validation to the email filters.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>



2014-01-16parsing.c: Remove leading space from committerLukas Fleischer