gitweb: No error messages with unescaped/unprotected user input
[gitweb.git] / path.c
diff --git a/path.c b/path.c
index 194e0b553f7a5c4fd99b348228112b308c5419b6..db8905f3c352592124b2f0bda18fc0ccd048528e 100644 (file)
--- a/path.c
+++ b/path.c
@@ -77,25 +77,12 @@ int git_mkstemp(char *path, size_t len, const char *template)
                pch += n;
        }
 
-       safe_strncpy(pch, template, len);
+       strlcpy(pch, template, len);
 
        return mkstemp(path);
 }
 
 
-size_t safe_strncpy(char *dest, const char *src, size_t size)
-{
-       size_t ret = strlen(src);
-
-       if (size) {
-               size_t len = (ret >= size) ? size - 1 : ret;
-               memcpy(dest, src, len);
-               dest[len] = '\0';
-       }
-       return ret;
-}
-
-
 int validate_symref(const char *path)
 {
        struct stat st;
@@ -267,11 +254,21 @@ int adjust_shared_perm(const char *path)
                return -1;
        mode = st.st_mode;
        if (mode & S_IRUSR)
-               mode |= S_IRGRP;
+               mode |= (shared_repository == PERM_GROUP
+                        ? S_IRGRP
+                        : (shared_repository == PERM_EVERYBODY
+                           ? (S_IRGRP|S_IROTH)
+                           : 0));
+
        if (mode & S_IWUSR)
                mode |= S_IWGRP;
+
        if (mode & S_IXUSR)
-               mode |= S_IXGRP;
+               mode |= (shared_repository == PERM_GROUP
+                        ? S_IXGRP
+                        : (shared_repository == PERM_EVERYBODY
+                           ? (S_IXGRP|S_IXOTH)
+                           : 0));
        if (S_ISDIR(mode))
                mode |= S_ISGID;
        if (chmod(path, mode) < 0)