Andrew's git / gitweb.git / blobdiff
?
notes-merge: Don't remove .git/NOTES_MERGE_WORKTREE; it may be the user's cwd
[gitweb.git] / gitweb / gitweb.perl
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
index d5dbd6428b599bc937c50cb87de85099fc1af04c..20ace61b6d158934068bb1e25408336f2058781f 100755 (executable)
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@@ -1073,7 +1073,16 @@ sub evaluate_and_validate_params {
                if (length($searchtext) < 2) {
                        die_error(403, "At least two characters are required for search parameter");
                }
-               $search_regexp = $search_use_regexp ? $searchtext : quotemeta $searchtext;
+               if ($search_use_regexp) {
+                       $search_regexp = $searchtext;
+                       if (!eval { qr/$search_regexp/; 1; }) {
+                               (my $error = $@) =~ s/ at \S+ line \d+.*\n?//;
+                               die_error(400, "Invalid search regexp '$search_regexp'",
+                                         esc_html($error));
+                       }
+               } else {
+                       $search_regexp = quotemeta $searchtext;
+               }
        }
 }