summaryrefslogtreecommitdiffstats
path: root/cmd/serv.go
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/serv.go')
-rw-r--r--cmd/serv.go6
1 files changed, 6 insertions, 0 deletions
diff --git a/cmd/serv.go b/cmd/serv.go
index 8ffe9b3a4f..fa1e033391 100644
--- a/cmd/serv.go
+++ b/cmd/serv.go
@@ -12,6 +12,7 @@ import (
"net/url"
"os"
"os/exec"
+ "regexp"
"strconv"
"strings"
"time"
@@ -72,6 +73,7 @@ var (
"git-receive-pack": models.AccessModeWrite,
lfsAuthenticateVerb: models.AccessModeNone,
}
+ alphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`)
)
func fail(userMessage, logMessage string, args ...interface{}) {
@@ -147,6 +149,10 @@ func runServ(c *cli.Context) error {
username := strings.ToLower(rr[0])
reponame := strings.ToLower(strings.TrimSuffix(rr[1], ".git"))
+ if alphaDashDotPattern.MatchString(reponame) {
+ fail("Invalid repo name", "Invalid repo name: %s", reponame)
+ }
+
if setting.EnablePprof || c.Bool("enable-pprof") {
if err := os.MkdirAll(setting.PprofDataPath, os.ModePerm); err != nil {
fail("Error while trying to create PPROF_DATA_PATH", "Error while trying to create PPROF_DATA_PATH: %v", err)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-21 17:46:15 +0000