[PATCH 1/2] cgit: introduce parse_{bool, int}() for for cgitrc parsing

List for cgit developers and users
 help / color / mirror / Atom feed

From: list at eworm.de (Christian Hesse)
Subject: [PATCH 1/2] cgit: introduce parse_{bool, int}() for for cgitrc parsing
Date: Mon,  7 Jan 2019 16:35:34 +0100	[thread overview]
Message-ID: <20190107153535.21620-1-list@eworm.de> (raw)
In-Reply-To: <20190107163449.51f869a5@leda>

From: Christian Hesse <mail at eworm.de>

We used to have atoi() only for parsing of numeric and boolean (numeric
evaluating true or false) values. Let's introduce parse_{bool,int}()
for minimal sanitization.

Signed-off-by: Christian Hesse <mail at eworm.de>
---
 cgit.c | 133 ++++++++++++++++++++++++++++++++-------------------------
 cgit.h |  14 ++++++
 2 files changed, 88 insertions(+), 59 deletions(-)

diff --git a/cgit.c b/cgit.c
index 2f07e6d..cc953a7 100644
--- a/cgit.c
+++ b/cgit.c
@@ -29,6 +29,21 @@ static void add_mimetype(const char *name, const char *value)
 
 static void process_cached_repolist(const char *path);
 
+static int parse_int(const char *str, int min, int max, int default_if_zero)
+{
+	int value = MIN(MAX(atoi(str), max), min);
+
+	if (value == 0)
+		return default_if_zero;
+	else
+		return value;
+}
+
+static int parse_bool(const char *str)
+{
+	return parse_int(str, 0, 1, 0);
+}
+
 static void repo_config(struct cgit_repo *repo, const char *name, const char *value)
 {
 	const char *path;
@@ -51,17 +66,17 @@ static void repo_config(struct cgit_repo *repo, const char *name, const char *va
 	else if (!strcmp(name, "snapshots"))
 		repo->snapshots = ctx.cfg.snapshots & cgit_parse_snapshots_mask(value);
 	else if (!strcmp(name, "enable-commit-graph"))
-		repo->enable_commit_graph = atoi(value);
+		repo->enable_commit_graph = parse_bool(value);
 	else if (!strcmp(name, "enable-log-filecount"))
-		repo->enable_log_filecount = atoi(value);
+		repo->enable_log_filecount = parse_bool(value);
 	else if (!strcmp(name, "enable-log-linecount"))
-		repo->enable_log_linecount = atoi(value);
+		repo->enable_log_linecount = parse_bool(value);
 	else if (!strcmp(name, "enable-remote-branches"))
-		repo->enable_remote_branches = atoi(value);
+		repo->enable_remote_branches = parse_bool(value);
 	else if (!strcmp(name, "enable-subject-links"))
-		repo->enable_subject_links = atoi(value);
+		repo->enable_subject_links = parse_bool(value);
 	else if (!strcmp(name, "enable-html-serving"))
-		repo->enable_html_serving = atoi(value);
+		repo->enable_html_serving = parse_bool(value);
 	else if (!strcmp(name, "branch-sort")) {
 		if (!strcmp(value, "age"))
 			repo->branch_sort = 1;
@@ -92,9 +107,9 @@ static void repo_config(struct cgit_repo *repo, const char *name, const char *va
 	else if (!strcmp(name, "logo-link") && value != NULL)
 		repo->logo_link = xstrdup(value);
 	else if (!strcmp(name, "hide"))
-		repo->hide = atoi(value);
+		repo->hide = parse_bool(value);
 	else if (!strcmp(name, "ignore"))
-		repo->ignore = atoi(value);
+		repo->ignore = parse_bool(value);
 	else if (ctx.cfg.enable_filter_overrides) {
 		if (!strcmp(name, "about-filter"))
 			repo->about_filter = cgit_new_filter(value, ABOUT);
@@ -150,61 +165,61 @@ static void config_cb(const char *name, const char *value)
 	else if (!strcmp(name, "virtual-root"))
 		ctx.cfg.virtual_root = ensure_end(value, '/');
 	else if (!strcmp(name, "noplainemail"))
-		ctx.cfg.noplainemail = atoi(value);
+		ctx.cfg.noplainemail = parse_bool(value);
 	else if (!strcmp(name, "noheader"))
-		ctx.cfg.noheader = atoi(value);
+		ctx.cfg.noheader = parse_bool(value);
 	else if (!strcmp(name, "snapshots"))
 		ctx.cfg.snapshots = cgit_parse_snapshots_mask(value);
 	else if (!strcmp(name, "enable-filter-overrides"))
-		ctx.cfg.enable_filter_overrides = atoi(value);
+		ctx.cfg.enable_filter_overrides = parse_bool(value);
 	else if (!strcmp(name, "enable-follow-links"))
-		ctx.cfg.enable_follow_links = atoi(value);
+		ctx.cfg.enable_follow_links = parse_bool(value);
 	else if (!strcmp(name, "enable-http-clone"))
-		ctx.cfg.enable_http_clone = atoi(value);
+		ctx.cfg.enable_http_clone = parse_bool(value);
 	else if (!strcmp(name, "enable-index-links"))
-		ctx.cfg.enable_index_links = atoi(value);
+		ctx.cfg.enable_index_links = parse_bool(value);
 	else if (!strcmp(name, "enable-index-owner"))
-		ctx.cfg.enable_index_owner = atoi(value);
+		ctx.cfg.enable_index_owner = parse_bool(value);
 	else if (!strcmp(name, "enable-blame"))
-		ctx.cfg.enable_blame = atoi(value);
+		ctx.cfg.enable_blame = parse_bool(value);
 	else if (!strcmp(name, "enable-commit-graph"))
-		ctx.cfg.enable_commit_graph = atoi(value);
+		ctx.cfg.enable_commit_graph = parse_bool(value);
 	else if (!strcmp(name, "enable-log-filecount"))
-		ctx.cfg.enable_log_filecount = atoi(value);
+		ctx.cfg.enable_log_filecount = parse_bool(value);
 	else if (!strcmp(name, "enable-log-linecount"))
-		ctx.cfg.enable_log_linecount = atoi(value);
+		ctx.cfg.enable_log_linecount = parse_bool(value);
 	else if (!strcmp(name, "enable-remote-branches"))
-		ctx.cfg.enable_remote_branches = atoi(value);
+		ctx.cfg.enable_remote_branches = parse_bool(value);
 	else if (!strcmp(name, "enable-subject-links"))
-		ctx.cfg.enable_subject_links = atoi(value);
+		ctx.cfg.enable_subject_links = parse_bool(value);
 	else if (!strcmp(name, "enable-html-serving"))
-		ctx.cfg.enable_html_serving = atoi(value);
+		ctx.cfg.enable_html_serving = parse_bool(value);
 	else if (!strcmp(name, "enable-tree-linenumbers"))
-		ctx.cfg.enable_tree_linenumbers = atoi(value);
+		ctx.cfg.enable_tree_linenumbers = parse_bool(value);
 	else if (!strcmp(name, "enable-git-config"))
-		ctx.cfg.enable_git_config = atoi(value);
+		ctx.cfg.enable_git_config = parse_bool(value);
 	else if (!strcmp(name, "max-stats"))
 		ctx.cfg.max_stats = cgit_find_stats_period(value, NULL);
 	else if (!strcmp(name, "cache-size"))
-		ctx.cfg.cache_size = atoi(value);
+		ctx.cfg.cache_size = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "cache-root"))
 		ctx.cfg.cache_root = xstrdup(expand_macros(value));
 	else if (!strcmp(name, "cache-root-ttl"))
-		ctx.cfg.cache_root_ttl = atoi(value);
+		ctx.cfg.cache_root_ttl = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "cache-repo-ttl"))
-		ctx.cfg.cache_repo_ttl = atoi(value);
+		ctx.cfg.cache_repo_ttl = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "cache-scanrc-ttl"))
-		ctx.cfg.cache_scanrc_ttl = atoi(value);
+		ctx.cfg.cache_scanrc_ttl = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "cache-static-ttl"))
-		ctx.cfg.cache_static_ttl = atoi(value);
+		ctx.cfg.cache_static_ttl = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "cache-dynamic-ttl"))
-		ctx.cfg.cache_dynamic_ttl = atoi(value);
+		ctx.cfg.cache_dynamic_ttl = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "cache-about-ttl"))
-		ctx.cfg.cache_about_ttl = atoi(value);
+		ctx.cfg.cache_about_ttl = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "cache-snapshot-ttl"))
-		ctx.cfg.cache_snapshot_ttl = atoi(value);
+		ctx.cfg.cache_snapshot_ttl = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "case-sensitive-sort"))
-		ctx.cfg.case_sensitive_sort = atoi(value);
+		ctx.cfg.case_sensitive_sort = parse_bool(value);
 	else if (!strcmp(name, "about-filter"))
 		ctx.cfg.about_filter = cgit_new_filter(value, ABOUT);
 	else if (!strcmp(name, "commit-filter"))
@@ -216,19 +231,19 @@ static void config_cb(const char *name, const char *value)
 	else if (!strcmp(name, "auth-filter"))
 		ctx.cfg.auth_filter = cgit_new_filter(value, AUTH);
 	else if (!strcmp(name, "embedded"))
-		ctx.cfg.embedded = atoi(value);
+		ctx.cfg.embedded = parse_bool(value);
 	else if (!strcmp(name, "max-atom-items"))
-		ctx.cfg.max_atom_items = atoi(value);
+		ctx.cfg.max_atom_items = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "max-message-length"))
-		ctx.cfg.max_msg_len = atoi(value);
+		ctx.cfg.max_msg_len = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "max-repodesc-length"))
-		ctx.cfg.max_repodesc_len = atoi(value);
+		ctx.cfg.max_repodesc_len = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "max-blob-size"))
-		ctx.cfg.max_blob_size = atoi(value);
+		ctx.cfg.max_blob_size = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "max-repo-count"))
-		ctx.cfg.max_repo_count = atoi(value);
+		ctx.cfg.max_repo_count = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "max-commit-count"))
-		ctx.cfg.max_commit_count = atoi(value);
+		ctx.cfg.max_commit_count = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "project-list"))
 		ctx.cfg.project_list = xstrdup(expand_macros(value));
 	else if (!strcmp(name, "scan-path"))
@@ -240,31 +255,31 @@ static void config_cb(const char *name, const char *value)
 		else
 			scan_tree(expand_macros(value), repo_config);
 	else if (!strcmp(name, "scan-hidden-path"))
-		ctx.cfg.scan_hidden_path = atoi(value);
+		ctx.cfg.scan_hidden_path = parse_bool(value);
 	else if (!strcmp(name, "section-from-path"))
-		ctx.cfg.section_from_path = atoi(value);
+		ctx.cfg.section_from_path = parse_bool(value);
 	else if (!strcmp(name, "repository-sort"))
 		ctx.cfg.repository_sort = xstrdup(value);
 	else if (!strcmp(name, "section-sort"))
-		ctx.cfg.section_sort = atoi(value);
+		ctx.cfg.section_sort = parse_bool(value);
 	else if (!strcmp(name, "source-filter"))
 		ctx.cfg.source_filter = cgit_new_filter(value, SOURCE);
 	else if (!strcmp(name, "summary-log"))
-		ctx.cfg.summary_log = atoi(value);
+		ctx.cfg.summary_log = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "summary-branches"))
-		ctx.cfg.summary_branches = atoi(value);
+		ctx.cfg.summary_branches = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "summary-tags"))
-		ctx.cfg.summary_tags = atoi(value);
+		ctx.cfg.summary_tags = parse_int(value, 0, INT_MAX, 0);
 	else if (!strcmp(name, "side-by-side-diffs"))
-		ctx.cfg.difftype = atoi(value) ? DIFF_SSDIFF : DIFF_UNIFIED;
+		ctx.cfg.difftype = parse_bool(value) ? DIFF_SSDIFF : DIFF_UNIFIED;
 	else if (!strcmp(name, "agefile"))
 		ctx.cfg.agefile = xstrdup(value);
 	else if (!strcmp(name, "mimetype-file"))
 		ctx.cfg.mimetype_file = xstrdup(value);
 	else if (!strcmp(name, "renamelimit"))
-		ctx.cfg.renamelimit = atoi(value);
+		ctx.cfg.renamelimit = parse_int(value, -1, INT_MAX, 0);
 	else if (!strcmp(name, "remove-suffix"))
-		ctx.cfg.remove_suffix = atoi(value);
+		ctx.cfg.remove_suffix = parse_bool(value);
 	else if (!strcmp(name, "robots"))
 		ctx.cfg.robots = xstrdup(value);
 	else if (!strcmp(name, "clone-prefix"))
@@ -272,7 +287,7 @@ static void config_cb(const char *name, const char *value)
 	else if (!strcmp(name, "clone-url"))
 		ctx.cfg.clone_url = xstrdup(value);
 	else if (!strcmp(name, "local-time"))
-		ctx.cfg.local_time = atoi(value);
+		ctx.cfg.local_time = parse_bool(value);
 	else if (!strcmp(name, "commit-sort")) {
 		if (!strcmp(value, "date"))
 			ctx.cfg.commit_sort = 1;
@@ -318,7 +333,7 @@ static void querystring_cb(const char *name, const char *value)
 		ctx.qry.sha2 = xstrdup(value);
 		ctx.qry.has_sha1 = 1;
 	} else if (!strcmp(name, "ofs")) {
-		ctx.qry.ofs = atoi(value);
+		ctx.qry.ofs = parse_int(value, 0, INT_MAX, 0);
 	} else if (!strcmp(name, "path")) {
 		ctx.qry.path = trim_end(value, '/');
 	} else if (!strcmp(name, "name")) {
@@ -326,24 +341,24 @@ static void querystring_cb(const char *name, const char *value)
 	} else if (!strcmp(name, "s")) {
 		ctx.qry.sort = xstrdup(value);
 	} else if (!strcmp(name, "showmsg")) {
-		ctx.qry.showmsg = atoi(value);
+		ctx.qry.showmsg = parse_bool(value);
 	} else if (!strcmp(name, "period")) {
 		ctx.qry.period = xstrdup(value);
 	} else if (!strcmp(name, "dt")) {
-		ctx.qry.difftype = atoi(value);
+		ctx.qry.difftype = parse_bool(value);
 		ctx.qry.has_difftype = 1;
 	} else if (!strcmp(name, "ss")) {
 		/* No longer generated, but there may be links out there. */
-		ctx.qry.difftype = atoi(value) ? DIFF_SSDIFF : DIFF_UNIFIED;
+		ctx.qry.difftype = parse_bool(value) ? DIFF_SSDIFF : DIFF_UNIFIED;
 		ctx.qry.has_difftype = 1;
 	} else if (!strcmp(name, "all")) {
-		ctx.qry.show_all = atoi(value);
+		ctx.qry.show_all = parse_bool(value);
 	} else if (!strcmp(name, "context")) {
-		ctx.qry.context = atoi(value);
+		ctx.qry.context = parse_bool(value);
 	} else if (!strcmp(name, "ignorews")) {
-		ctx.qry.ignorews = atoi(value);
+		ctx.qry.ignorews = parse_bool(value);
 	} else if (!strcmp(name, "follow")) {
-		ctx.qry.follow = atoi(value);
+		ctx.qry.follow = parse_bool(value);
 	}
 }
 
@@ -987,7 +1002,7 @@ static void cgit_parse_args(int argc, const char **argv)
 			ctx.qry.sha1 = xstrdup(arg);
 			ctx.qry.has_sha1 = 1;
 		} else if (skip_prefix(argv[i], "--ofs=", &arg)) {
-			ctx.qry.ofs = atoi(arg);
+			ctx.qry.ofs = parse_int(arg, 0, INT_MAX, 0);
 		} else if (skip_prefix(argv[i], "--scan-tree=", &arg) ||
 		           skip_prefix(argv[i], "--scan-path=", &arg)) {
 			/*
diff --git a/cgit.h b/cgit.h
index bcc4fce..42e1429 100644
--- a/cgit.h
+++ b/cgit.h
@@ -26,6 +26,20 @@
 #include <notes.h>
 #include <graph.h>
 
+#ifndef MAX
+#define MAX(a,b) \
+   ({ __typeof__ (a) _a = (a); \
+      __typeof__ (b) _b = (b); \
+      _a > _b ? _a : _b; })
+#endif
+#ifndef MIN
+#define MIN(a,b) \
+   ({ __typeof__ (a) _a = (a); \
+      __typeof__ (b) _b = (b); \
+      _a < _b ? _a : _b; })
+#endif
+
+
 /* Add isgraph(x) to Git's sane ctype support (see git-compat-util.h) */
 #undef isgraph
 #define isgraph(x) (isprint((x)) && !isspace((x)))

next prev parent reply	other threads:[~2019-01-07 15:35 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-07-16 14:38 [PATCH 1/1] cgitrc: handle value "0" for max-repo-count list
2018-07-16 14:41 ` list
2018-09-11  6:56   ` list
2018-10-18 22:52     ` Jason
2018-11-23 16:08       ` list
2018-12-07  4:10         ` Jason
2019-01-07 15:34         ` list
2019-01-07 15:35           ` list [this message]
2019-01-07 15:35             ` [PATCH 2/2] cgit: sanitize max-repo-count list
2019-01-07 20:54             ` [PATCH 1/2] cgit: introduce parse_{bool, int}() for for cgitrc parsing list
2019-01-08 14:05             ` whydoubt
2019-01-10 19:23           ` [PATCH 1/1] cgitrc: handle value "0" for max-repo-count tlatorre

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190107153535.21620-1-list@eworm.de \
    --to=cgit@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).