Hello community, here is the log from the commit of package cgit.1853 for openSUSE:12.2:Update checked in at 2013-07-17 10:57:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/cgit.1853 (Old) and /work/SRC/openSUSE:12.2:Update/.cgit.1853.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cgit.1853" Changes: -------- New Changes file: --- /dev/null 2013-07-15 01:04:09.588030756 +0200 +++ /work/SRC/openSUSE:12.2:Update/.cgit.1853.new/cgit.changes 2013-07-17 10:58:00.000000000 +0200 @@ -0,0 +1,173 @@ +------------------------------------------------------------------- +Fri Jul 5 17:06:23 CEST 2013 - [email protected] + +- cgit-CVE-2013-2117-disallow-directory-traversal.patch: + Fix cgit: remote file disclosure flaw (CVE-2013-2117, + bnc#822166) + +------------------------------------------------------------------- +Mon Oct 29 11:45:50 CET 2012 - [email protected] + +- cgit-CVE-2012-4548-fix.diff: + Fix VUL-0: cgit: arbitrary code / command execution via + improperly quoted arguments (CVE-2012-4548, bnc#787074) + +------------------------------------------------------------------- +Wed Oct 10 15:24:59 CEST 2012 - [email protected] + +- cgit-CVE-2012-4465-fix.diff: + Fix VUL-0: specially-crafted commits can trigger a heap-based + buffer overflow (CVE-2012-4465, bnc#783012) + +------------------------------------------------------------------- +Mon Feb 13 10:44:54 UTC 2012 - [email protected] + +- patch license to follow spdx.org standard + +------------------------------------------------------------------- +Mon Nov 28 14:04:00 CET 2011 - [email protected] + +- Add patch cgit-fix-more-read_tree_recursive-invocations.diff: + + There are more incorrect invocations of read_tree_recursive(), + one example can be seen when visiting one of the 'plain' links + in the tree view (contents of the wrong file are shown). + + This time I did what I should have done last time and checked + and adjusted all invocations of read_tree_recursive(). + +------------------------------------------------------------------- +Tue Nov 22 09:24:35 UTC 2011 - [email protected] + +- Add patch cgit-fix-print-tree.diff: + The cgit build fix with respect to git-1.7.6 is incomplete: in + the file ui-tree.c ls_tree() has been patched to use pathspec + when invoking read_tree_recursive(), but cgit_print_tree() has + no t been touched. + + The resulting problem can be seen when browsing the tree of a cgit + repository: when you "drill down" into subfolders, parts of the + parent folder's contents will appear in the listing. + + This patch adjusts cgit_print_tree() accordingly, which fixes the problem. + +------------------------------------------------------------------- +Fri Oct 14 10:13:03 CEST 2011 - [email protected] + +- split from OBS git repo to an individual repo (since cgit-0.9 + doesn't build with git-1.7.7) +- merged fixes in git repo back to cgit repo +- updated to git 1.7.6.4 + +------------------------------------------------------------------- +Wed Aug 3 21:35:48 UTC 2011 - [email protected] + +- updated to cgit 0.9.0.2 +- fixed potential XSS vulnerability in rename hint +- fixed a segfault with git 1.7.6 + +------------------------------------------------------------------- +Mon Jun 27 18:22:11 CEST 2011 - [email protected] + +- updated to git 1.7.6: see git changelog for more details + +------------------------------------------------------------------- +Mon Jun 6 16:03:34 CEST 2011 - [email protected] + +- updated to git 1.7.5.4: see git changelog for more details + +------------------------------------------------------------------- +Mon Jun 6 12:24:02 CEST 2011 - [email protected] + +- Fix incompatibilies with git 1.7.5.x to build cgit again + +------------------------------------------------------------------- +Wed Jun 1 12:41:12 UTC 2011 - [email protected] + +- Do not buildrequire git, the package builds it's own git and the + buildrequires line only makes backporting harder. + +------------------------------------------------------------------- +Fri May 27 11:54:43 CEST 2011 - [email protected] + +- updated git 1.7.5.3: + See git changelog for more details + +------------------------------------------------------------------- +Mon Mar 28 18:26:17 CEST 2011 - [email protected] + +- updated to git 1.7.4.2: + documentation updates, small bug fixes; + see included Documentation/RelNotes/1.7.4.2.txt +- updated to cgit 0.9: + major updates; using git-1.7.4.x + +------------------------------------------------------------------- +Fri Dec 17 17:51:32 CET 2010 - [email protected] + +- updated to git 1.7.3.3: + In addition to the usual fixes, this release also includes + support for the new "add.ignoreErrors" name given to the + existing "add.ignore-errors" configuration variable. +- updated to git 1.7.3.4: + Among many fixes since v1.7.3.3, it contains a fix to a recently + discovered XSS vulnerability in Gitweb (CVE 2010-3906) + +------------------------------------------------------------------- +Thu Sep 30 08:21:27 CEST 2010 - [email protected] + +- updated to git 1.7.3: + major version update; new options and behavior for git-rebase, + git-clean, git-checkout, git-gui. + See release note: + http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.3.txt +- updated to git 1.7.3.1: + fix git-stash breakages +- Set NO_CROSS_DIRECTORY_HARDLINKS=1 to satisfy BS + +------------------------------------------------------------------- +Fri Aug 20 17:41:32 CEST 2010 - [email protected] + +- fixed more segfaults in cgit. + +------------------------------------------------------------------- +Fri Aug 20 16:29:03 CEST 2010 - [email protected] + +- fix cgit segfault when using git > 1.7 +- update to version 0.8.3.3 +- get debuginfo working, don't strip binaries. + +------------------------------------------------------------------- +Fri Aug 20 10:02:44 CEST 2010 - [email protected] + +- updated to git 1.7.2.2 + +------------------------------------------------------------------- +Thu Jul 29 13:52:36 CEST 2010 - [email protected] + +- fix missing link with libpthread + +------------------------------------------------------------------- +Thu Jul 29 13:43:28 CEST 2010 - [email protected] + +- updated to git 1.7.2.1: minor fixes for git-instaweb, git-web, + git-config. See release note: + http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.1.txt + +------------------------------------------------------------------- +Thu Jul 22 12:19:02 CEST 2010 - [email protected] + +- updated to git 1.7.2: mostly bug fixes and small enhancements; + see the release note: + http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.7.2.txt +- gitweb stuff is moved to /usr/share/gitweb + +------------------------------------------------------------------- +Sun Apr 25 18:29:34 UTC 2010 - [email protected] + +- Build against version 1.7.0.3 of git instead of 1.6.4.3. + +------------------------------------------------------------------- +Fri Feb 5 16:37:58 UTC 2010 - [email protected] + +- Initial release, version 0.8.3.1 New: ---- cgit-0.9.0.2.tar.bz2 cgit-CVE-2011-2711-fix.diff cgit-CVE-2012-4465-fix.diff cgit-CVE-2012-4548-fix.diff cgit-CVE-2013-2117-disallow-directory-traversal.patch cgit-fix-more-read_tree_recursive-invocations.diff cgit-fix-print-tree.diff cgit-git-1.7.6_build_fix.patch cgit-optflags.diff cgit.changes cgit.spec cgitrc git-1.7.6.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cgit.spec ++++++ # # spec file for package cgit # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define git_version 1.7.6.4 Name: cgit Url: http://hjemli.net/git/cgit/ Version: 0.9.0.2 Release: 0 Summary: A web frontend for git repositories License: GPL-2.0 Group: Development/Libraries/C and C++ Source0: %{name}-%{version}.tar.bz2 Source1: git-%{git_version}.tar.gz Source2: cgitrc Patch: cgit-optflags.diff Patch1: cgit-git-1.7.6_build_fix.patch Patch2: cgit-CVE-2011-2711-fix.diff Patch3: cgit-fix-print-tree.diff Patch4: cgit-fix-more-read_tree_recursive-invocations.diff Patch5: cgit-CVE-2012-4465-fix.diff Patch6: cgit-CVE-2012-4548-fix.diff Patch7: cgit-CVE-2013-2117-disallow-directory-traversal.patch # Requirements for cgit BuildRequires: gnu-crypto BuildRequires: libopenssl-devel BuildRequires: libzip-devel # Requirements for cgitrc man page generation BuildRequires: asciidoc BuildRequires: libxslt BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This is an attempt to create a fast web interface for the git scm, using a builtin cache to decrease server io-pressure. Authors: -------- Lars Hjemli ([email protected]) %prep %setup -q %setup -q -T -D -a 1 %patch -p1 %patch1 -p1 %patch2 -p1 %patch3 %patch4 %patch5 -p1 %patch6 -p1 %patch7 -p1 rm -rf git mv git-%{git_version} git %build make V=1 %install make install DESTDIR="%{buildroot}" CGIT_SCRIPT_PATH=/srv/www/htdocs/cgit make install-man DESTDIR="%{buildroot}" mkdir -p "%{buildroot}"/srv/www/cgi-bin/cgit/ mv "%{buildroot}"/srv/www/{htdocs,cgi-bin}/cgit/cgit.cgi mkdir -p "%{buildroot}"/etc cp %{SOURCE2} "%{buildroot}"/etc/cgitrc %clean rm -rf %{buildroot} %files %defattr(-,root,root) %doc README COPYING %doc %{_mandir}/man5/cgitrc.5.gz %dir /srv/www/htdocs/cgit %dir /srv/www/cgi-bin/cgit /srv/www/cgi-bin/cgit/cgit.cgi /srv/www/htdocs/cgit/cgit.css /srv/www/htdocs/cgit/cgit.png /usr/lib/cgit %config(noreplace) /etc/cgitrc %changelog ++++++ cgit-CVE-2011-2711-fix.diff ++++++ >From bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer <[email protected]> Date: Fri, 22 Jul 2011 11:47:19 +0000 Subject: Fix potential XSS vulnerability in rename hint The file name displayed in the rename hint should be escaped to avoid XSS. Note that this vulnerability is only applicable when an attacker has gained push access to the repository. Signed-off-by: Lukas Fleischer <[email protected]> Signed-off-by: Lars Hjemli <[email protected]> --- --- ui-diff.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) --- a/ui-diff.c +++ b/ui-diff.c @@ -97,10 +97,12 @@ htmlf("</td><td class='%s'>", class); cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1, ctx.qry.sha2, info->new_path, 0); - if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) - htmlf(" (%s from %s)", - info->status == DIFF_STATUS_COPIED ? "copied" : "renamed", - info->old_path); + if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) { + htmlf(" (%s from ", + info->status == DIFF_STATUS_COPIED ? "copied" : "renamed"); + html_txt(info->old_path); + html(")"); + } html("</td><td class='right'>"); if (info->binary) { htmlf("bin</td><td class='graph'>%ld -> %ld bytes", ++++++ cgit-CVE-2012-4465-fix.diff ++++++ >From 7757d1b046ecb67b830151d20715c658867df1ec Mon Sep 17 00:00:00 2001 From: Jim Meyering <[email protected]> Date: Mon, 23 Apr 2012 20:06:35 +0000 Subject: do not write outside heap buffer * parsing.c (substr): Handle tail < head. This started when I noticed some cgit segfaults on savannah.gnu.org. Finding the offending URL/commit and then constructing a stand-alone reproducer were far more time-consuming than writing the actual patch. The problem arises with a commit like this, in which the user name part of the "Author" field is empty: $ git log -1 commit 6f3f41d73393278f3ede68a2cb1e7a2a23fa3421 Author: <T at h.or> Date: Mon Apr 23 22:29:16 2012 +0200 Here's what happens: (this is due to buf=malloc(0); strncpy (buf, head, -1); where "head" may point to plenty of attacker-specified non-NUL bytes, so we can overwrite a zero-length heap buffer with arbitrary data) Invalid write of size 1 at 0x4A09361: strncpy (mc_replace_strmem.c:463) by 0x408977: substr (parsing.c:61) by 0x4089EF: parse_user (parsing.c:73) by 0x408D10: cgit_parse_commit (parsing.c:153) by 0x40A540: cgit_mk_refinfo (shared.c:171) by 0x40A581: cgit_refs_cb (shared.c:181) by 0x43DEB3: do_for_each_ref (refs.c:690) by 0x41075E: cgit_print_branches (ui-refs.c:191) by 0x416EF2: cgit_print_summary (ui-summary.c:56) by 0x40780A: summary_fn (cmd.c:120) by 0x40667A: process_request (cgit.c:544) by 0x404078: cache_process (cache.c:322) Address 0x4c718d0 is 0 bytes after a block of size 0 alloc'd at 0x4A0884D: malloc (vg_replace_malloc.c:263) by 0x455C85: xmalloc (wrapper.c:35) by 0x40894C: substr (parsing.c:60) by 0x4089EF: parse_user (parsing.c:73) by 0x408D10: cgit_parse_commit (parsing.c:153) by 0x40A540: cgit_mk_refinfo (shared.c:171) by 0x40A581: cgit_refs_cb (shared.c:181) by 0x43DEB3: do_for_each_ref (refs.c:690) by 0x41075E: cgit_print_branches (ui-refs.c:191) by 0x416EF2: cgit_print_summary (ui-summary.c:56) by 0x40780A: summary_fn (cmd.c:120) by 0x40667A: process_request (cgit.c:544) Invalid write of size 1 at 0x4A09400: strncpy (mc_replace_strmem.c:463) by 0x408977: substr (parsing.c:61) by 0x4089EF: parse_user (parsing.c:73) by 0x408D10: cgit_parse_commit (parsing.c:153) by 0x40A540: cgit_mk_refinfo (shared.c:171) by 0x40A581: cgit_refs_cb (shared.c:181) by 0x43DEB3: do_for_each_ref (refs.c:690) by 0x41075E: cgit_print_branches (ui-refs.c:191) by 0x416EF2: cgit_print_summary (ui-summary.c:56) by 0x40780A: summary_fn (cmd.c:120) by 0x40667A: process_request (cgit.c:544) by 0x404078: cache_process (cache.c:322) Address 0x4c7192b is not stack'd, malloc'd or (recently) free'd Invalid write of size 1 at 0x4A0940E: strncpy (mc_replace_strmem.c:463) by 0x408977: substr (parsing.c:61) by 0x4089EF: parse_user (parsing.c:73) by 0x408D10: cgit_parse_commit (parsing.c:153) by 0x40A540: cgit_mk_refinfo (shared.c:171) by 0x40A581: cgit_refs_cb (shared.c:181) by 0x43DEB3: do_for_each_ref (refs.c:690) by 0x41075E: cgit_print_branches (ui-refs.c:191) by 0x416EF2: cgit_print_summary (ui-summary.c:56) by 0x40780A: summary_fn (cmd.c:120) by 0x40667A: process_request (cgit.c:544) by 0x404078: cache_process (cache.c:322) Address 0x4c7192d is not stack'd, malloc'd or (recently) free'd Process terminating with default action of signal 11 (SIGSEGV) Access not within mapped region at address 0x502F000 at 0x4A09400: strncpy (mc_replace_strmem.c:463) by 0x408977: substr (parsing.c:61) by 0x4089EF: parse_user (parsing.c:73) by 0x408D10: cgit_parse_commit (parsing.c:153) by 0x40A540: cgit_mk_refinfo (shared.c:171) by 0x40A581: cgit_refs_cb (shared.c:181) by 0x43DEB3: do_for_each_ref (refs.c:690) by 0x41075E: cgit_print_branches (ui-refs.c:191) by 0x416EF2: cgit_print_summary (ui-summary.c:56) by 0x40780A: summary_fn (cmd.c:120) by 0x40667A: process_request (cgit.c:544) by 0x404078: cache_process (cache.c:322) This happens when tail - head == -1 here: (parsing.c) char *substr(const char *head, const char *tail) { char *buf; buf = xmalloc(tail - head + 1); strncpy(buf, head, tail - head); buf[tail - head] = '\0'; return buf; } char *parse_user(char *t, char **name, char **email, unsigned long *date) { char *p = t; int mode = 1; while (p && *p) { if (mode == 1 && *p == '<') { *name = substr(t, p - 1); t = p; mode++; } else if (mode == 1 && *p == '\n') { The fix is to handle the case of (tail < head) before calling xmalloc, thus avoiding passing an invalid value to xmalloc. And here's the reproducer: It was tricky to reproduce, because git prohibits use of an empty "name" in a commit ID. To construct the offending commit, I had to resort to using "git hash-object". git init -q foo && ( cd foo && echo a > j && git add . && git ci -q --author='au <T at h.or>' -m. . && h=$(git cat-file commit HEAD|sed 's/au //' \ |git hash-object -t commit -w --stdin) && git co -q -b test $h && git br -q -D master && git br -q -m test master) git clone -q --bare foo foo.git cat <<EOF > in repo.url=foo.git repo.path=foo.git EOF CGIT_CONFIG=in QUERY_STRING=url=foo.git valgrind ./cgit The valgrind output is what you see above. AFAICS, this is not exploitable thanks (ironically) to the use of strncpy. Since that -1 translates to SIZE_MAX and this is strncpy, not only does it copy whatever is in "head" (up to first NUL), but it also writes SIZE_MAX - strlen(head) NUL bytes into the destination buffer, and that latter is guaranteed to evoke a segfault. Since cgit is single-threaded, AFAICS, there is no way that the buffer clobbering can be turned into an exploit. --- diff --git a/parsing.c b/parsing.c index 602e3de..1b2a551 100644 --- a/parsing.c +++ b/parsing.c @@ -56,6 +56,8 @@ char *substr(const char *head, const char *tail) { char *buf; + if (tail < head) + return xstrdup(""); buf = xmalloc(tail - head + 1); strncpy(buf, head, tail - head); buf[tail - head] = '\0'; -- cgit v0.9.0.3-79-g88f8 ++++++ cgit-CVE-2012-4548-fix.diff ++++++ >From 7ea35f9f8ecf61ab42be9947aae1176ab6e089bd Mon Sep 17 00:00:00 2001 From: Jason A. Donenfeld <[email protected]> Date: Sun, 28 Oct 2012 02:03:41 +0000 Subject: syntax-highlighting.sh: Fix command injection. By not quoting the argument, an attacker with the ability to add files to the repository could pass arbitrary arguments to the highlight command, in particular, the --plug-in argument which can lead to arbitrary command execution. This patch adds simple argument quoting. --- --- filters/syntax-highlighting.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/filters/syntax-highlighting.sh +++ b/filters/syntax-highlighting.sh @@ -31,4 +31,4 @@ EXTENSION="${BASENAME##*.}" # map Makefile and Makefile.* to .mk [ "${BASENAME%%.*}" == "Makefile" ] && EXTENSION=mk -exec highlight --force -f -I -X -S $EXTENSION 2>/dev/null +exec highlight --force -f -I -X -S "$EXTENSION" 2>/dev/null ++++++ cgit-CVE-2013-2117-disallow-directory-traversal.patch ++++++ >From babf94e04e74123eb658a823213c062663cdadd6 Mon Sep 17 00:00:00 2001 From: Jason A. Donenfeld <[email protected]> Date: Sat, 25 May 2013 17:47:15 +0000 Subject: ui-summary: Disallow directory traversal Using the url= query string, it was possible request arbitrary files from the filesystem if the readme for a given page was set to a filesystem file. The following request would return my /etc/passwd file: http://git.zx2c4.com/?url=/somerepo/about/../../../../etc/passwd http://data.zx2c4.com/cgit-directory-traversal.png This fix uses realpath(3) to canonicalize all paths, and then compares the base components. This fix introduces a subtle timing attack, whereby a client can check whether or not strstr is called using timing measurements in order to determine if a given file exists on the filesystem. This fix also does not account for filesystem race conditions (TOCTOU) in resolving symlinks. Signed-off-by: Jason A. Donenfeld <[email protected]> --- --- ui-summary.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) --- a/ui-summary.c +++ b/ui-summary.c @@ -96,6 +96,7 @@ void cgit_print_repo_readme(char *path) * to the directory containing the configured readme. */ if (path) { + char *resolved_base, *resolved_full; slash = strrchr(ctx.repo->readme, '/'); if (!slash) { if (!colon) @@ -104,7 +105,19 @@ void cgit_print_repo_readme(char *path) } tmp = xmalloc(slash - ctx.repo->readme + 1 + strlen(path) + 1); strncpy(tmp, ctx.repo->readme, slash - ctx.repo->readme + 1); + if (!ref) + resolved_base = realpath(tmp, NULL); strcpy(tmp + (slash - ctx.repo->readme + 1), path); + if (!ref) { + resolved_full = realpath(tmp, NULL); + if (!resolved_base || !resolved_full || + strstr(resolved_full, resolved_base) != resolved_full) { + free(tmp); + return; + } + free(resolved_base); + free(resolved_full); + } } else tmp = ctx.repo->readme; ++++++ cgit-fix-more-read_tree_recursive-invocations.diff ++++++ --- ui-blob.c +++ ui-blob.c @@ -37,11 +37,14 @@ int cgit_print_file(char *path, const char *head) return -1; type = sha1_object_info(sha1, &size); if(type == OBJ_COMMIT && path) { + struct pathspec pathspec; commit = lookup_commit_reference(sha1); match_path = path; matched_sha1 = sha1; found_path = 0; - read_tree_recursive(commit->tree, "", 0, 0, paths, walk_tree, NULL); + init_pathspec(&pathspec, paths); + read_tree_recursive(commit->tree, "", 0, 0, &pathspec, walk_tree, NULL); + free_pathspec(&pathspec); if (!found_path) return -1; type = sha1_object_info(sha1, &size); @@ -80,10 +83,13 @@ void cgit_print_blob(const char *hex, char *path, const char *head) type = sha1_object_info(sha1, &size); if((!hex) && type == OBJ_COMMIT && path) { + struct pathspec pathspec; commit = lookup_commit_reference(sha1); match_path = path; matched_sha1 = sha1; - read_tree_recursive(commit->tree, "", 0, 0, paths, walk_tree, NULL); + init_pathspec(&pathspec, paths); + read_tree_recursive(commit->tree, "", 0, 0, &pathspec, walk_tree, NULL); + free_pathspec(&pathspec); type = sha1_object_info(sha1,&size); } --- ui-plain.c +++ ui-plain.c @@ -145,6 +145,7 @@ void cgit_print_plain(struct cgit_context *ctx) unsigned char sha1[20]; struct commit *commit; const char *paths[] = {ctx->qry.path, NULL}; + struct pathspec pathspec; if (!rev) rev = ctx->qry.head; @@ -165,7 +166,9 @@ void cgit_print_plain(struct cgit_context *ctx) } else match_baselen = basedir_len(paths[0]); - read_tree_recursive(commit->tree, "", 0, 0, paths, walk_tree, NULL); + init_pathspec(&pathspec, paths); + read_tree_recursive(commit->tree, "", 0, 0, &pathspec, walk_tree, NULL); + free_pathspec(&pathspec); if (!match) html_status(404, "Not found", 0); else if (match == 2) ++++++ cgit-fix-print-tree.diff ++++++ --- ui-tree.c 2011-11-17 18:00:20.036822908 +0100 +++ ui-tree.c 2011-11-17 18:01:22.396236999 +0100 @@ -262,6 +262,7 @@ unsigned char sha1[20]; struct commit *commit; const char *paths[] = {path, NULL}; + struct pathspec pathspec; if (!rev) rev = ctx.qry.head; @@ -283,6 +284,8 @@ } match_path = path; - read_tree_recursive(commit->tree, "", 0, 0, paths, walk_tree, NULL); + init_pathspec(&pathspec, paths); + read_tree_recursive(commit->tree, "", 0, 0, &pathspec, walk_tree, NULL); + free_pathspec(&pathspec); ls_tail(); } ++++++ cgit-git-1.7.6_build_fix.patch ++++++ --- shared.c | 11 ++++++----- ui-stats.c | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) Index: cgit-0.9.0.2/shared.c =================================================================== --- cgit-0.9.0.2.orig/shared.c 2011-07-21 16:24:10.000000000 +0200 +++ cgit-0.9.0.2/shared.c 2011-08-04 01:20:42.695017536 +0200 @@ -303,7 +303,7 @@ void cgit_diff_tree(const unsigned char filepair_fn fn, const char *prefix, int ignorews) { struct diff_options opt; - int prefixlen; + struct pathspec_item pitem; diff_setup(&opt); opt.output_format = DIFF_FORMAT_CALLBACK; @@ -315,10 +315,11 @@ void cgit_diff_tree(const unsigned char opt.format_callback = cgit_diff_tree_cb; opt.format_callback_data = fn; if (prefix) { - opt.nr_paths = 1; - opt.paths = &prefix; - prefixlen = strlen(prefix); - opt.pathlens = &prefixlen; + opt.pathspec.nr = 1; + opt.pathspec.raw = &prefix; + pitem.match = prefix; + pitem.len = strlen(prefix); + opt.pathspec.items = &pitem; } diff_setup_done(&opt); Index: cgit-0.9.0.2/ui-stats.c =================================================================== --- cgit-0.9.0.2.orig/ui-stats.c 2011-07-21 16:24:10.000000000 +0200 +++ cgit-0.9.0.2/ui-stats.c 2011-08-04 01:20:42.695017536 +0200 @@ -239,7 +239,7 @@ struct string_list collect_stats(struct init_revisions(&rev, NULL); rev.abbrev = DEFAULT_ABBREV; rev.commit_format = CMIT_FMT_DEFAULT; - rev.no_merges = 1; + rev.max_parents = 1; rev.verbose_header = 1; rev.show_root_diff = 0; setup_revisions(argc, argv, &rev, NULL); Index: cgit-0.9.0.2/ui-tree.c =================================================================== --- cgit-0.9.0.2.orig/ui-tree.c 2011-07-21 16:24:10.000000000 +0200 +++ cgit-0.9.0.2/ui-tree.c 2011-08-04 01:20:58.632061214 +0200 @@ -206,6 +206,8 @@ static void ls_tail() static void ls_tree(const unsigned char *sha1, char *path) { + const char *paths[] = { path, NULL }; + struct pathspec pathspec; struct tree *tree; tree = parse_tree_indirect(sha1); @@ -216,7 +218,9 @@ static void ls_tree(const unsigned char } ls_head(); - read_tree_recursive(tree, "", 0, 1, NULL, ls_item, NULL); + init_pathspec(&pathspec, paths); + read_tree_recursive(tree, "", 0, 1, &pathspec, ls_item, NULL); + free_pathspec(&pathspec); ls_tail(); } ++++++ cgit-optflags.diff ++++++ --- Makefile | 1 + 1 file changed, 1 insertion(+) --- a/Makefile +++ b/Makefile @@ -134,6 +134,7 @@ CFLAGS += -g -Wall -Igit +CFLAGS += $(RPM_OPT_FLAGS) CFLAGS += -DSHA1_HEADER='$(SHA1_HEADER)' CFLAGS += -DCGIT_VERSION='"$(CGIT_VERSION)"' CFLAGS += -DCGIT_CONFIG='"$(CGIT_CONFIG)"' ++++++ cgitrc ++++++ # Enable caching of up to 1000 output entriess cache-size=1000 # Specify some default clone prefixes clone-prefix=ssh://domain.com/var/git # Specify the css url css=/git/cgit.css # Specify the logo url logo=/git/cgit.png # Show extra links for each repository on the index page enable-index-links=1 # Show number of affected files per commit on the log pages enable-log-filecount=1 # Show number of added/removed lines per commit on the log pages enable-log-linecount=1 # Set the title and heading of the repository index page root-title=git repositories # Allow download of tar.gz, tar.bz2 and zip-files snapshots=tar.gz tar.bz2 zip ## ## List of common mimetypes ## mimetype.git=image/git mimetype.html=text/html mimetype.jpg=image/jpeg mimetype.jpeg=image/jpeg mimetype.pdf=application/pdf mimetype.png=image/png mimetype.svg=image/svg+xml ## ## List of repositories. ## PS: Any repositories listed when section is unset will not be ## displayed under a section heading ## PPS: This list could be kept in a different file (e.g. '/etc/cgitrepos') ## and included like this: ## include=/etc/cgitrepos ## # Add your repositories here. # # Examples: # # repo.url=main # repo.path=/var/git/main.git # repo.desc=Main repository # [email protected] # # repo.url=secondary # repo.path=/var/git/ut.git # repo.desc=Secondary repository # [email protected] -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
