From 9cae75d040d9102d4b628ba3c828d95d0251f5c0 Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Thu, 21 Jul 2011 03:24:54 +0000 Subject: html.c: avoid out-of-bounds access for url_escape_table This fixes a segfault for me with with -O2 optimization on x86 with gcc (Debian 4.4.5-8) 4.4.5 I can reliably reproduce it with the following parameters when pointed to the git.git repository: PATH_INFO='/git-core.git/diff/' QUERY_STRING='id=2b93bfac0f5bcabbf60f174f4e7bfa9e318e64d5&id2=d6da71a9d16b8cf27f9d8f90692d3625c849cbc8' Signed-off-by: Eric Wong Signed-off-by: Lars Hjemli --- html.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/html.c b/html.c index 24a03a5..5b07aa0 100644 --- a/html.c +++ b/html.c @@ -162,7 +162,7 @@ void html_url_path(const char *txt) { const char *t = txt; while(t && *t){ - int c = *t; + unsigned char c = *t; const char *e = url_escape_table[c]; if (e && c!='+' && c!='&') { html_raw(txt, t - txt); @@ -179,7 +179,7 @@ void html_url_arg(const char *txt) { const char *t = txt; while(t && *t){ - int c = *t; + unsigned char c = *t; const char *e = url_escape_table[c]; if (c == ' ') e = "+"; -- cgit 1.4.1 From 654ebb55d4e436ad145061ffb87111cbfcd88565 Mon Sep 17 00:00:00 2001 From: Lars Hjemli Date: Thu, 21 Jul 2011 14:23:50 +0000 Subject: CGIT 0.9.0.2 Signed-off-by: Lars Hjemli --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index f6d6968..3ddd728 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -CGIT_VERSION = v0.9.0.1 +CGIT_VERSION = v0.9.0.2 CGIT_SCRIPT_NAME = cgit.cgi CGIT_SCRIPT_PATH = /var/www/htdocs/cgit CGIT_DATA_PATH = $(CGIT_SCRIPT_PATH) -- cgit 1.4.1