summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--cache.c16
-rw-r--r--cgit.c2
-rw-r--r--cgit.h1
3 files changed, 18 insertions, 1 deletions
diff --git a/cache.c b/cache.c
index 1ff1251..8df7c26 100644
--- a/cache.c
+++ b/cache.c
@@ -10,6 +10,22 @@
 
 const int NOLOCK = -1;
 
+char *cache_safe_filename(const char *unsafe)
+{
+	static char buf[PATH_MAX];
+	char *s = buf;
+	char c;
+
+	while(unsafe && (c = *unsafe++) != 0) {
+		if (c == '/' || c == ' ' || c == '&' || c == '|' || 
+		    c == '>' || c == '<' || c == '.')
+			c = '_';
+		*s++ = c;
+	}
+	*s = '\0';
+	return buf;
+}
+
 int cache_exist(struct cacheitem *item)
 {
 	if (stat(item->name, &item->st)) {
diff --git a/cgit.c b/cgit.c
index d975570..a3a04d9 100644
--- a/cgit.c
+++ b/cgit.c
@@ -22,7 +22,7 @@ static void cgit_prepare_cache(struct cacheitem *item)
 	} else {
 		item->name = xstrdup(fmt("%s/%s/%s/%s.html", cgit_cache_root, 
 			   cgit_query_repo, cgit_query_page, 
-			   cgit_querystring));
+			   cache_safe_filename(cgit_querystring)));
 		if (cgit_query_has_symref)
 			item->ttl = cgit_cache_dynamic_ttl;
 		else if (cgit_query_has_sha1)
diff --git a/cgit.h b/cgit.h
index f915c86..3601e49 100644
--- a/cgit.h
+++ b/cgit.h
@@ -87,6 +87,7 @@ extern int cgit_read_config(const char *filename, configfn fn);
 extern int cgit_parse_query(char *txt, configfn fn);
 extern struct commitinfo *cgit_parse_commit(struct commit *commit);
 
+extern char *cache_safe_filename(const char *unsafe);
 extern int cache_lock(struct cacheitem *item);
 extern int cache_unlock(struct cacheitem *item);
 extern int cache_cancel_lock(struct cacheitem *item);