git - cogit:d821b0897288298

< >

2023-07-21 15:02:07 (UTC-03:00)

Marcel Rodrigues <marcelgmr@gmail.com>

return 404 for invalid URLs

diff --git a/cogit/cogit.lua b/cogit/cogit.lua
index be593e7..0f9ebae 100644
--- a/cogit/cogit.lua
+++ b/cogit/cogit.lua
@@ -158,11 +158,14 @@ function Cogit:routes()
     end},
     {"GET", "/repo/([%w_-]+)",
     function (req, rname)
+        local repo = self.repos[rname]
+        if repo == nil then
+            return "Page not found", 404, "Not found"
+        end
         local is_admin = self:is_admin(req.cookies)
         if not is_admin and is_private(self.descs[rname]) then
             return "/login", 303
         end
-        local repo = self.repos[rname]
         local bnames = repo:branches()
         local tnames = repo:tags()
         local env = {
@@ -173,12 +176,18 @@ function Cogit:routes()
     end},
     {"GET", "/repo/([%w_-]+)/history/([%w_-]+)",
     function (req, rname, first)
+        local repo = self.repos[rname]
+        if repo == nil then
+            return "Page not found", 404, "Not found"
+        end
         local is_admin = self:is_admin(req.cookies)
         if not is_admin and is_private(self.descs[rname]) then
             return "/login", 303
         end
-        local repo = self.repos[rname]
         local commit = repo:commit(first)
+        if commit == nil then
+            return "Page not found", 404, "Not found"
+        end
         local prev = repo:find_prev(commit:id(), self.limit)
         local env = {
             title=self.title, is_admin=is_admin, rname=rname,
@@ -188,12 +197,18 @@ function Cogit:routes()
     end},
     {"GET", "/repo/([%w_-]+)/commit/([%w_-]+)",
     function (req, rname, cid)
+        local repo = self.repos[rname]
+        if repo == nil then
+            return "Page not found", 404, "Not found"
+        end
         local is_admin = self:is_admin(req.cookies)
         if not is_admin and is_private(self.descs[rname]) then
             return "/login", 303
         end
-        local repo = self.repos[rname]
         local commit = repo:commit(cid)
+        if commit == nil then
+            return "Page not found", 404, "Not found"
+        end
         local prev = repo:find_prev(commit:id(), 1)
         local sig = commit:signature()
         local time_str = time_fmt(sig)
@@ -206,12 +221,18 @@ function Cogit:routes()
     end},
     {"GET", "/repo/([%w_-]+)/commit/([%w_-]+)/tree/(.*)",
     function (req, rname, cid, path)
+        local repo = self.repos[rname]
+        if repo == nil then
+            return "Page not found", 404, "Not found"
+        end
         local is_admin = self:is_admin(req.cookies)
         if not is_admin and is_private(self.descs[rname]) then
             return "/login", 303
         end
-        local repo = self.repos[rname]
         local commit = repo:commit(cid)
+        if commit == nil then
+            return "Page not found", 404, "Not found"
+        end
         local node = commit:tree_entry(path)
         if node == nil then
             return "File not found", 404, "Not found"

diff --git a/cogit/git.lua b/cogit/git.lua
index b16ff24..570a563 100644
--- a/cogit/git.lua
+++ b/cogit/git.lua
@@ -296,7 +296,9 @@ end
 
 function Repo:commit(rev)
     local pobj = ffi.new("git_object *[1]")
-    C.git_revparse_single(pobj, self.repo, rev)
+    if C.git_revparse_single(pobj, self.repo, rev) ~= 0 then
+        return nil
+    end
     local obj = pobj[0]
     local oid = C.git_object_id(obj)
     local pcommit = ffi.new("git_commit *[1]")