[FFmpeg-cvslog] [ffmpeg-fateserver] branch master updated. fd02ae5 Move validation of parsed slot/date into split_header from load_report
ffmpeg-git at ffmpeg.org
ffmpeg-git at ffmpeg.org
Tue Sep 7 18:27:21 EEST 2021
The branch, master has been updated
via fd02ae530d5fa5b71987a47125ff308633e98b76 (commit)
from 0618f7564ab01bddde942477d2a9da83e0f987a3 (commit)
- Log -----------------------------------------------------------------
commit fd02ae530d5fa5b71987a47125ff308633e98b76
Author: Martin Storsjö <martin at martin.st>
AuthorDate: Tue Sep 7 18:01:05 2021 +0300
Commit: Nicolas George <george at nsup.org>
CommitDate: Tue Sep 7 17:26:42 2021 +0200
Move validation of parsed slot/date into split_header from load_report
This avoids using tainted data in the call to zcat in the main loop
in index.cgi.
This fixes the report listing for cases with a compile error.
diff --git a/FATE.pm b/FATE.pm
index ccb8958..0d4603f 100644
--- a/FATE.pm
+++ b/FATE.pm
@@ -52,6 +52,8 @@ our $gitweb = "http://git.videolan.org/?p=ffmpeg.git";
sub split_header {
my @hdr = split /:/, $_[0];
$hdr[0] eq 'fate' or return undef;
+ ($hdr[2]) = $hdr[2] =~ /^([0-9]{1,80})\z/ or return undef;
+ ($hdr[3]) = $hdr[3] =~ /^([A-Za-z0-9_\-.]{1,80})\z/ or return undef;
my $parsed = {
version => $hdr[1],
date => $hdr[2],
@@ -147,8 +149,6 @@ sub load_summary {
sub load_report {
my ($slot, $date) = @_;
- ($slot) = $slot =~ /^([A-Za-z0-9_\-.]{1,80})\z/ or exit 1;
- ($date) = $date =~ /^([0-9]{1,80})\z/ or exit 1;
my $report = "$fatedir/$slot/$date/report.xz";
my @recs;
-----------------------------------------------------------------------
Summary of changes:
FATE.pm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
More information about the ffmpeg-cvslog
mailing list