diff options
| author | Lunny Xiao <xiaolunwen@gmail.com> | 2018-07-19 23:39:19 +0800 |
|---|---|---|
| committer | techknowlogick <techknowlogick@users.noreply.github.com> | 2018-07-19 11:39:19 -0400 |
| commit | d1337299e2c719f5d7eb1e4eff227359a8c1589b (patch) | |
| tree | 1fd0eb6caea57c21e12b463602f87624bd7828f3 /modules/lfs | |
| parent | 9ca8aaecb4e23d040bee06f846799a6c74b87996 (diff) | |
| download | gitea-d1337299e2c719f5d7eb1e4eff227359a8c1589b.tar.gz gitea-d1337299e2c719f5d7eb1e4eff227359a8c1589b.zip | |
add valid for lfs oid (#4461)
Diffstat (limited to 'modules/lfs')
| -rw-r--r-- | modules/lfs/server.go | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/modules/lfs/server.go b/modules/lfs/server.go index dc12791775..d6543816b9 100644 --- a/modules/lfs/server.go +++ b/modules/lfs/server.go @@ -85,9 +85,12 @@ type link struct { var oidRegExp = regexp.MustCompile(`^[A-Fa-f0-9]+$`) +func isOidValid(oid string) bool { + return oidRegExp.MatchString(oid) +} + // ObjectOidHandler is the main request routing entry point into LFS server functions func ObjectOidHandler(ctx *context.Context) { - if !setting.LFS.StartServer { writeStatus(ctx, 404) return @@ -110,6 +113,11 @@ func ObjectOidHandler(ctx *context.Context) { } func getAuthenticatedRepoAndMeta(ctx *context.Context, rv *RequestVars, requireWrite bool) (*models.LFSMetaObject, *models.Repository) { + if !isOidValid(rv.Oid) { + writeStatus(ctx, 404) + return nil, nil + } + repository, err := models.GetRepositoryByOwnerAndName(rv.User, rv.Repo) if err != nil { log.Debug("Could not find repository: %s/%s - %s", rv.User, rv.Repo, err) @@ -222,7 +230,7 @@ func PostHandler(ctx *context.Context) { return } - if !oidRegExp.MatchString(rv.Oid) { + if !isOidValid(rv.Oid) { writeStatus(ctx, 404) return } @@ -249,7 +257,6 @@ func PostHandler(ctx *context.Context) { // BatchHandler provides the batch api func BatchHandler(ctx *context.Context) { - if !setting.LFS.StartServer { writeStatus(ctx, 404) return @@ -266,6 +273,10 @@ func BatchHandler(ctx *context.Context) { // Create a response object for _, object := range bv.Objects { + if !isOidValid(object.Oid) { + continue + } + repository, err := models.GetRepositoryByOwnerAndName(object.User, object.Repo) if err != nil { @@ -292,12 +303,10 @@ func BatchHandler(ctx *context.Context) { continue } - if oidRegExp.MatchString(object.Oid) { - // Object is not found - meta, err = models.NewLFSMetaObject(&models.LFSMetaObject{Oid: object.Oid, Size: object.Size, RepositoryID: repository.ID}) - if err == nil { - responseObjects = append(responseObjects, Represent(object, meta, meta.Existing, !contentStore.Exists(meta))) - } + // Object is not found + meta, err = models.NewLFSMetaObject(&models.LFSMetaObject{Oid: object.Oid, Size: object.Size, RepositoryID: repository.ID}) + if err == nil { + responseObjects = append(responseObjects, Represent(object, meta, meta.Existing, !contentStore.Exists(meta))) } } |