Re: Confirm my false error suspicions of Gitweb query injection
and you earned bonus points for the details - thank you very much!

On Mon, Sep 10, 2012 at 10:37 AM, Junio C Hamano wrote:
> Joseph Leong writes:
>
>> Hi Everyone,
>>
>> I'm using Gitweb (Based on Git 1.7.9 on RHEL 5.8).
>>
>> I was poking around and tried a GET Request (REQ) with some SQL
>> statements as a search query and noticed a 500. Can I just confirm
>> with anyone here that the error message I'm seeing in the Response
>> (RESP) is basically saying that the search parameters are invalid
>> because its funny chars are breaking the regex search and that
>> it's not anything database related.
>
> Yes, I think this was fixed in v1.7.9.4 if not earlier, with e65ceb6
> (gitweb: Fix fixed string (non-regexp) project search, 2012-03-02).

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: Confirm my false error suspicions of Gitweb query injection
Joseph Leong writes:

> Hi Everyone,
>
> I'm using Gitweb (Based on Git 1.7.9 on RHEL 5.8).
>
> I was poking around and tried a GET Request (REQ) with some SQL
> statements as a search query and noticed a 500. Can I just confirm
> with anyone here that the error message I'm seeing in the Response
> (RESP) is basically saying that the search parameters are invalid
> because its funny chars are breaking the regex search and that
> it's not anything database related.

Yes, I think this was fixed in v1.7.9.4 if not earlier, with e65ceb6
(gitweb: Fix fixed string (non-regexp) project search, 2012-03-02).
Re: Confirm my false error suspicions of Gitweb query injection
Joseph Leong writes:

> [RESP]
> 500 - Internal Server Error
> Unmatched ( in regex; marked by <-- HERE in m/( <-- HERE select
> 1234,/ at /var/www/git/gitweb.cgi line 4845.

Gitweb is feeding your input as a perl regex, which is not really clean
but shouldn't really harm either.

I could reproduce with an old gitweb version, but newer gitwebs seem to
be more clever about regular expressions (there's an explicit tickbox to
search for re, and the error message is clean when what you provide
isn't a valid regexp).

--
Matthieu Moy
http://www-verimag.imag.fr/~moy/
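The failure mode Matthieu describes, as an added example that is not part of this thread and not gitweb's own code: a Perl search routine that interpolates user text straight into m// dies on an unmatched "(" (which a CGI wrapper surfaces as a 500, with no database involved), beside a version that compiles a user regexp inside eval so an invalid pattern becomes a clean error, and uses quotemeta (\Q...\E) for fixed-string search so metacharacters match literally. The project list, the input strings and the $use_re flag are constructed for the example; it does not reproduce the actual change made in e65ceb6.

```perl
#!/usr/bin/perl
# Added example, not gitweb code: searching a project list with
# user-supplied text, the way the thread describes gitweb doing it.
use strict;
use warnings;

# Constructed sample data standing in for a gitweb project list.
my @projects = qw(git.git gitweb-tools.git weird(1).git linux.git);

# Naive version: user text interpolated straight into m//.
# An unbalanced "(" makes the regex fail to compile and perl dies;
# a CGI wrapper reports that as a 500, as in the quoted response.
sub search_naive {
    my ($text) = @_;
    return grep { $_ =~ m/$text/ } @projects;
}

# Hardened version. $use_re (hypothetical name) plays the role of the
# "search for re" tickbox mentioned in the thread.
# Returns (\@matches, undef) on success, or (undef, $message) when the
# caller asked for a regexp and it does not compile.
sub search_checked {
    my ($text, $use_re) = @_;
    my $re;
    if ($use_re) {
        # Compile first, inside eval, so an invalid regexp becomes a
        # clean error message instead of an uncaught die.
        $re = eval { qr/$text/ };
        if (!$re) {
            (my $msg = $@) =~ s/ at \S+ line \d+\.?\n?$//;  # drop file/line
            return (undef, "invalid regular expression: $msg");
        }
    } else {
        # Fixed-string search: quotemeta escapes every metacharacter,
        # so "( select 1234," or "weird(" is matched literally and can
        # never break the regex.
        $re = qr/\Q$text\E/;
    }
    my @matches = grep { $_ =~ $re } @projects;
    return (\@matches, undef);
}

# The input from the quoted response: naive search dies on the "(".
my $sqlish = '( select 1234,';
my @r = eval { search_naive($sqlish) };
print "naive: ", ($@ ? "died: $@" : "matched @r\n");

# Fixed-string mode matches "weird(" literally; regexp mode reports the
# unmatched "(" as an ordinary error rather than dying.
for my $mode (0, 1) {
    my ($m, $err) = search_checked('weird(', $mode);
    print "checked(use_re=$mode): ", defined $err ? "$err\n" : "matched @$m\n";
}
```

Run it with perl from the command line: the naive search prints the same "Unmatched ( in regex" text that appeared in the 500 response, which confirms it is a regex compile error, not anything database related. The hardened search keeps user input out of the regex engine unless the caller explicitly asks for regexp mode, and even then it fails closed with a message instead of an uncaught die.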