From mboxrd@z Thu Jan 1 00:00:00 1970 From: john at keeping.me.uk (John Keeping) Date: Fri, 10 Jan 2014 14:50:14 +0000 Subject: [PATCH] Disallow downloading disabled snapshot formats In-Reply-To: <1389364686-14089-1-git-send-email-cgit@cryptocrack.de> References: <1389364686-14089-1-git-send-email-cgit@cryptocrack.de> Message-ID: <20140110145014.GO7608@serenity.lan> On Fri, Jan 10, 2014 at 03:38:06PM +0100, Lukas Fleischer wrote: > We did only display enabled snapshot formats but we did not prevent from > downloading disabled formats when requested. Fix this by adding an > appropriate check. > > Also, add a test case that checks whether downloading disabled snapshot > formats is denied, as expected. > > Signed-off-by: Lukas Fleischer > --- > tests/t0107-snapshot.sh | 5 +++++ > ui-snapshot.c | 2 +- > 2 files changed, 6 insertions(+), 1 deletion(-) > > diff --git a/tests/t0107-snapshot.sh b/tests/t0107-snapshot.sh > index 6cf7aaa..01e8d22 100755 > --- a/tests/t0107-snapshot.sh > +++ b/tests/t0107-snapshot.sh > @@ -79,4 +79,9 @@ test_expect_success UNZIP 'verify unzipped file-5' ' > test_line_count = 1 master/file-5 > ' > > +test_expect_success 'try to download a disabled snapshot format' ' > + cgit_url "foo/snapshot/master.tar.xz" | > + grep "Unsupported snapshot format" I really dislike seeing pipes in the test suite. Can we redirect to file instead and then grep the file? This helps ensure that the exit code from CGit is correct (I don't know if we expect it to be zero or non-zero here, but if the latter then at least test_must_fail checks that the process didn't segfault - I suspect it should be zero though). > +' > + > test_done > diff --git a/ui-snapshot.c b/ui-snapshot.c > index 8f82119..ab20a4a 100644 > --- a/ui-snapshot.c > +++ b/ui-snapshot.c > @@ -205,7 +205,7 @@ void cgit_print_snapshot(const char *head, const char *hex, > } > > f = get_format(filename); > - if (!f) { > + if (!f || (snapshots & f->bit) == 0) { > show_error("Unsupported snapshot format: %s", filename); > return; > }