diff options
| -rw-r--r-- | modules/repository/generate.go | 6 | ||||
| -rw-r--r-- | modules/util/path.go | 5 | ||||
| -rw-r--r-- | services/lfs/server.go | 5 |
3 files changed, 9 insertions, 7 deletions
diff --git a/modules/repository/generate.go b/modules/repository/generate.go index 102c5af1c9..cb25daa10b 100644 --- a/modules/repository/generate.go +++ b/modules/repository/generate.go @@ -372,12 +372,12 @@ func GenerateRepository(ctx context.Context, doer, owner *user_model.User, templ return generateRepo, nil } +var fileNameSanitizeRegexp = regexp.MustCompile(`(?i)\.\.|[<>:\"/\\|?*\x{0000}-\x{001F}]|^(con|prn|aux|nul|com\d|lpt\d)$`) + // Sanitize user input to valid OS filenames // // Based on https://github.com/sindresorhus/filename-reserved-regex // Adds ".." to prevent directory traversal func fileNameSanitize(s string) string { - re := regexp.MustCompile(`(?i)\.\.|[<>:\"/\\|?*\x{0000}-\x{001F}]|^(con|prn|aux|nul|com\d|lpt\d)$`) - - return strings.TrimSpace(re.ReplaceAllString(s, "_")) + return strings.TrimSpace(fileNameSanitizeRegexp.ReplaceAllString(s, "_")) } diff --git a/modules/util/path.go b/modules/util/path.go index 1a68bc7488..58258560dd 100644 --- a/modules/util/path.go +++ b/modules/util/path.go @@ -222,6 +222,8 @@ func isOSWindows() bool { return runtime.GOOS == "windows" } +var driveLetterRegexp = regexp.MustCompile("/[A-Za-z]:/") + // FileURLToPath extracts the path information from a file://... url. func FileURLToPath(u *url.URL) (string, error) { if u.Scheme != "file" { @@ -235,8 +237,7 @@ func FileURLToPath(u *url.URL) (string, error) { } // If it looks like there's a Windows drive letter at the beginning, strip off the leading slash. - re := regexp.MustCompile("/[A-Za-z]:/") - if re.MatchString(path) { + if driveLetterRegexp.MatchString(path) { return path[1:], nil } return path, nil diff --git a/services/lfs/server.go b/services/lfs/server.go index a18e752d47..b32f218785 100644 --- a/services/lfs/server.go +++ b/services/lfs/server.go @@ -77,6 +77,8 @@ func CheckAcceptMediaType(ctx *context.Context) { } } +var rangeHeaderRegexp = regexp.MustCompile(`bytes=(\d+)\-(\d*).*`) + // DownloadHandler gets the content from the content store func DownloadHandler(ctx *context.Context) { rc := getRequestContext(ctx) @@ -92,8 +94,7 @@ func DownloadHandler(ctx *context.Context) { toByte = meta.Size - 1 statusCode := http.StatusOK if rangeHdr := ctx.Req.Header.Get("Range"); rangeHdr != "" { - regex := regexp.MustCompile(`bytes=(\d+)\-(\d*).*`) - match := regex.FindStringSubmatch(rangeHdr) + match := rangeHeaderRegexp.FindStringSubmatch(rangeHdr) if len(match) > 1 { statusCode = http.StatusPartialContent fromByte, _ = strconv.ParseInt(match[1], 10, 32) |