Revision 77947bbe24e0306d1ce5605c962c4a25f5aca22f authored by Andreas Brauchli on 29 July 2016, 14:49:37 UTC, committed by Junio C Hamano on 01 August 2016, 19:55:40 UTC
Fix a case where an html link can be generated from unescaped input resulting in invalid strict xhtml or potentially injected code. An overview of a repo with a tag "1.0.0&0.0.1" would previously result in an unescaped ampersand in the link body. Signed-off-by: Andreas Brauchli <a.brauchli@elementarea.net> Acked-by: Jakub Narębski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
1 parent 0b65a8d
xdiff-interface.h
#ifndef XDIFF_INTERFACE_H
#define XDIFF_INTERFACE_H
#include "xdiff/xdiff.h"
/*
* xdiff isn't equipped to handle content over a gigabyte;
* we make the cutoff 1GB - 1MB to give some breathing
* room for constant-sized additions (e.g., merge markers)
*/
#define MAX_XDIFF_SIZE (1024UL * 1024 * 1023)
typedef void (*xdiff_emit_consume_fn)(void *, char *, unsigned long);
int xdi_diff(mmfile_t *mf1, mmfile_t *mf2, xpparam_t const *xpp, xdemitconf_t const *xecfg, xdemitcb_t *ecb);
int xdi_diff_outf(mmfile_t *mf1, mmfile_t *mf2,
xdiff_emit_consume_fn fn, void *consume_callback_data,
xpparam_t const *xpp, xdemitconf_t const *xecfg);
int parse_hunk_header(char *line, int len,
int *ob, int *on,
int *nb, int *nn);
int read_mmfile(mmfile_t *ptr, const char *filename);
void read_mmblob(mmfile_t *ptr, const unsigned char *sha1);
int buffer_is_binary(const char *ptr, unsigned long size);
extern void xdiff_set_find_func(xdemitconf_t *xecfg, const char *line, int cflags);
extern void xdiff_clear_find_func(xdemitconf_t *xecfg);
extern int git_xmerge_config(const char *var, const char *value, void *cb);
extern int git_xmerge_style;
#endif
Computing file changes ...