diff options
| author | zeripath <art27@cantab.net> | 2022-09-04 11:47:56 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-04 13:47:56 +0300 |
| commit | e6b3be460840f1f982d5358198466e7d6f509d21 (patch) | |
| tree | d3e4cb52c6a7df321e9b4ffdfe6f99f79d392b63 /routers/api | |
| parent | 93a610a819688b54d4565b8cbbae7cc04c552073 (diff) | |
| download | gitea-e6b3be460840f1f982d5358198466e7d6f509d21.tar.gz gitea-e6b3be460840f1f982d5358198466e7d6f509d21.zip | |
Add more checks in migration code (#21011)
When migrating add several more important sanity checks:
* SHAs must be SHAs
* Refs must be valid Refs
* URLs must be reasonable
Signed-off-by: Andrew Thornton <art27@cantab.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
Diffstat (limited to 'routers/api')
| -rw-r--r-- | routers/api/v1/repo/commits.go | 3 | ||||
| -rw-r--r-- | routers/api/v1/repo/notes.go | 3 |
2 files changed, 2 insertions, 4 deletions
diff --git a/routers/api/v1/repo/commits.go b/routers/api/v1/repo/commits.go index b196ce9774..12c329c203 100644 --- a/routers/api/v1/repo/commits.go +++ b/routers/api/v1/repo/commits.go @@ -17,7 +17,6 @@ import ( "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" - "code.gitea.io/gitea/modules/validation" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -53,7 +52,7 @@ func GetSingleCommit(ctx *context.APIContext) { // "$ref": "#/responses/notFound" sha := ctx.Params(":sha") - if (validation.GitRefNamePatternInvalid.MatchString(sha) || !validation.CheckGitRefAdditionalRulesValid(sha)) && !git.SHAPattern.MatchString(sha) { + if !git.IsValidRefPattern(sha) { ctx.Error(http.StatusUnprocessableEntity, "no valid ref or sha", fmt.Sprintf("no valid ref or sha: %s", sha)) return } diff --git a/routers/api/v1/repo/notes.go b/routers/api/v1/repo/notes.go index bd8e27e40b..67f097a424 100644 --- a/routers/api/v1/repo/notes.go +++ b/routers/api/v1/repo/notes.go @@ -12,7 +12,6 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/git" api "code.gitea.io/gitea/modules/structs" - "code.gitea.io/gitea/modules/validation" ) // GetNote Get a note corresponding to a single commit from a repository @@ -47,7 +46,7 @@ func GetNote(ctx *context.APIContext) { // "$ref": "#/responses/notFound" sha := ctx.Params(":sha") - if (validation.GitRefNamePatternInvalid.MatchString(sha) || !validation.CheckGitRefAdditionalRulesValid(sha)) && !git.SHAPattern.MatchString(sha) { + if !git.IsValidRefPattern(sha) { ctx.Error(http.StatusUnprocessableEntity, "no valid ref or sha", fmt.Sprintf("no valid ref or sha: %s", sha)) return } |