diff options
| author | Unknwon <u@gogs.io> | 2016-08-15 02:35:54 -0700 |
|---|---|---|
| committer | Unknwon <u@gogs.io> | 2016-08-15 02:35:54 -0700 |
| commit | cc647ba9d5854319df259377f0c89027bb9f9813 (patch) | |
| tree | c029326b08dbe0341a905353fa121d5fc3f86d60 | |
| parent | 5e89485cec5b8094cef0e1da3f918b5ec6de6d04 (diff) | |
| download | gitea-cc647ba9d5854319df259377f0c89027bb9f9813.tar.gz gitea-cc647ba9d5854319df259377f0c89027bb9f9813.zip | |
#3461 fix security issue of REAMDE path in create repository
| -rw-r--r-- | models/repo.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/models/repo.go b/models/repo.go index 3c2c2650cb..a858338b18 100644 --- a/models/repo.go +++ b/models/repo.go @@ -870,7 +870,7 @@ type CreateRepoOptions struct { } func getRepoInitFile(tp, name string) ([]byte, error) { - relPath := path.Join("conf", tp, name) + relPath := path.Join("conf", tp, strings.TrimLeft(name, "./")) // Use custom file when available. customPath := path.Join(setting.CustomPath, relPath) |