From 1662ed79d9304100f76a8c863424c1d0abbca6d1 Mon Sep 17 00:00:00 2001
From: Remi Collet
Date: Mon, 14 Dec 2020 11:47:25 +0100
Subject: 1.2.3 for EL-8
---
 0001-clone-fix-directory-traversal.patch | 62 --------------------------------
 1 file changed, 62 deletions(-)
 delete mode 100644 0001-clone-fix-directory-traversal.patch
(limited to '0001-clone-fix-directory-traversal.patch')
diff --git a/0001-clone-fix-directory-traversal.patch b/0001-clone-fix-directory-traversal.patch
deleted file mode 100644
index 9f647f2..0000000
--- a/0001-clone-fix-directory-traversal.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 53efaf30b50f095cad8c160488c74bba3e3b2680 Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld"
-Date: Fri, 3 Aug 2018 15:46:11 +0200
-Subject: [PATCH] clone: fix directory traversal
-
-This was introduced in the initial version of this code, way back when
-in 2008.
-
-$ curl http://127.0.0.1/cgit/repo/objects/?path=../../../../../../../../../etc/passwd
-root:x:0:0:root:/root:/bin/sh
-...
-
-Signed-off-by: Jason A. Donenfeld
-Reported-by: Jann Horn
----
- ui-clone.c | 23 +++++++++++++++++++----
- 1 file changed, 19 insertions(+), 4 deletions(-)
-
-diff --git a/ui-clone.c b/ui-clone.c
-index 2c1ac3d..6ba8f36 100644
---- a/ui-clone.c
-+++ b/ui-clone.c
-@@ -92,17 +92,32 @@ void cgit_clone_info(void)
-
- void cgit_clone_objects(void)
- {
-- if (!ctx.qry.path) {
-- cgit_print_error_page(400, "Bad request", "Bad request");
-- return;
-- }
-+ char *p;
-+
-+ if (!ctx.qry.path)
-+ goto err;
-
- if (!strcmp(ctx.qry.path, "info/packs")) {
- print_pack_info();
- return;
- }
-
-+ /* Avoid directory traversal by forbidding "..", but also work around
-+ * other funny business by just specifying a fairly strict format. For
-+ * example, now we don't have to stress out about the Cygwin port.
-+ */
-+ for (p = ctx.qry.path; *p; ++p) {
-+ if (*p == '.' && *(p + 1) == '.')
-+ goto err;
-+ if (!isalnum(*p) && *p != '/' && *p != '.' && *p != '-')
-+ goto err;
-+ }
-+
- send_file(git_path("objects/%s", ctx.qry.path));
-+ return;
-+
-+err:
-+ cgit_print_error_page(400, "Bad request", "Bad request");
- }
-
- void cgit_clone_head(void)
---
-2.18.0
-
-- cgit