-rw-r--r--app/controllers/repositories_controller.rb11
-rw-r--r--lib/redmine/scm/adapters/subversion_adapter.rb14
2 files changed, 14 insertions, 11 deletions
diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb
index 10c235d65..9b59b51ec 100644
--- a/app/controllers/repositories_controller.rb
+++ b/app/controllers/repositories_controller.rb
@@ -19,8 +19,8 @@ require 'SVG/Graph/Bar'
require 'SVG/Graph/BarHorizontal'
require 'digest/sha1'
-class ChangesetNotFound < Exception
-end
+class ChangesetNotFound < Exception; end
+class InvalidRevisionParam < Exception; end
class RepositoriesController < ApplicationController
layout 'base'
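Review bot: `InvalidRevisionParam` is declared as a subclass of `Exception`, matching `ChangesetNotFound` above it, but application errors conventionally derive from `StandardError`. A bare `rescue` or `rescue => e` only catches `StandardError`, so a generic handler will not see this error, while code that rescues `Exception` broadly will lump it in with signals and exits. I would write `class InvalidRevisionParam < StandardError; end` and consider the same for `ChangesetNotFound`; rescues that name the class explicitly keep working unchanged.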
@@ -135,7 +135,6 @@ class RepositoriesController < ApplicationController
end
def diff
- @rev_to = params[:rev_to]
@diff_type = params[:type] || User.current.pref[:diff_type] || 'inline'
@diff_type = 'inline' unless %w(inline sbs).include?(@diff_type)
@@ -180,6 +179,8 @@ private
render_404
end
+ REV_PARAM_RE = %r{^[a-f0-9]*$}
+
def find_repository
@project = Project.find(params[:id])
@repository = @project.repository
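Review bot: `REV_PARAM_RE` anchors with `^` and `$`, which in Ruby match at every line boundary rather than at the ends of the string. A multi-line value therefore passes as soon as any one of its lines is hex or empty, and the rest of the value is unconstrained. The constant is meant as the allow-list for revision parameters, which are presumably handed on to SCM adapters that build command lines, as the subversion adapter in this commit does. It should anchor the whole string: `REV_PARAM_RE = %r{\A[a-f0-9]*\z}`. A one-line comment saying the empty match is intentional (a missing `rev` becomes `''` through `to_s`) would also help; `find_repository` continues outside this hunk.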
@@ -187,8 +188,12 @@ private
@path = params[:path].join('/') unless params[:path].nil?
@path ||= ''
@rev = params[:rev]
+ @rev_to = params[:rev_to]
+ raise InvalidRevisionParam unless @rev.to_s.match(REV_PARAM_RE) && @rev.to_s.match(REV_PARAM_RE)
rescue ActiveRecord::RecordNotFound
render_404
+ rescue InvalidRevisionParam
+ show_error_not_found
end
def show_error_not_found
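Review bot: The added guard tests `@rev` twice and never looks at `@rev_to`, so the value assigned on the line just above it reaches the actions unvalidated. The second operand should be `@rev_to`, i.e. `raise InvalidRevisionParam unless @rev.to_s.match(REV_PARAM_RE) && @rev_to.to_s.match(REV_PARAM_RE)`. `find_repository` starts in the previous hunk, so only its tail is visible here.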
diff --git a/lib/redmine/scm/adapters/subversion_adapter.rb b/lib/redmine/scm/adapters/subversion_adapter.rb
index 1e0320e2c..efbd3ba8e 100644
--- a/lib/redmine/scm/adapters/subversion_adapter.rb
+++ b/lib/redmine/scm/adapters/subversion_adapter.rb
@@ -62,7 +62,7 @@ module Redmine
# or nil if the given path doesn't exist in the repository
def entries(path=nil, identifier=nil)
path ||= ''
- identifier = 'HEAD' unless identifier and identifier > 0
+ identifier = (identifier and identifier.to_i > 0) ? identifier.to_i : "HEAD"
entries = Entries.new
cmd = "#{SVN_BIN} list --xml #{target(path)}@#{identifier}"
cmd << credentials_string
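Review bot: The coercion `(identifier and identifier.to_i > 0) ? identifier.to_i : "HEAD"` is repeated with small variations five times across `entries`, `revisions` and `diff` in this file, and it mixes the low-precedence `and` into a ternary. Because `nil.to_i` is 0, the nil test is redundant. A private helper such as `def positive_rev(value, default)` / `n = value.to_i; n > 0 ? n : default` / `end` would reduce each call site to one short line and make the differing defaults easy to compare. The integer coercion is what keeps the revision safe to interpolate into `cmd`, so a short comment saying so above the line would stop it being simplified away later.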
@@ -94,8 +94,8 @@ module Redmine
def revisions(path=nil, identifier_from=nil, identifier_to=nil, options={})
path ||= ''
- identifier_from = 'HEAD' unless identifier_from and identifier_from.to_i > 0
- identifier_to = 1 unless identifier_to and identifier_to.to_i > 0
+ identifier_from = (identifier_from and identifier_from.to_i > 0) ? identifier_from.to_i : "HEAD"
+ identifier_to = (identifier_to and identifier_to.to_i > 0) ? identifier_to.to_i : 1
revisions = Revisions.new
cmd = "#{SVN_BIN} log --xml -r #{identifier_from}:#{identifier_to}"
cmd << credentials_string
@@ -131,11 +131,9 @@ module Redmine
def diff(path, identifier_from, identifier_to=nil, type="inline")
path ||= ''
- if identifier_to and identifier_to.to_i > 0
- identifier_to = identifier_to.to_i
- else
- identifier_to = identifier_from.to_i - 1
- end
+ identifier_from = (identifier_from and identifier_from.to_i > 0) ? identifier_from.to_i : ''
+ identifier_to = (identifier_to and identifier_to.to_i > 0) ? identifier_to.to_i : (identifier_from.to_i - 1)
+
cmd = "#{SVN_BIN} diff -r "
cmd << "#{identifier_to}:"
cmd << "#{identifier_from}"
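Review bot: When `identifier_from` is missing or not a positive integer it now becomes `''`, and the next line computes `''.to_i - 1`, so the range is built as `-r -1:` with nothing on the right-hand side. That hands svn a malformed revision range instead of failing cleanly in the adapter. I would stop before building `cmd`, for example `return nil unless identifier_from.to_i > 0` directly after `path ||= ''`, followed by `identifier_from = identifier_from.to_i`, and drop the `''` fallback. What callers expect on failure is not visible here, so the return value needs checking; the rest of `diff` continues outside the hunk.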