forked from gitea/gitea
1
0
Fork 0
gitea/models
zeripath 44371b96f5 Ensure valid git author names passed in signatures (#5774)
* Ensure valid git author names passed in signatures

Fix #5772 - Git author names are not allowed to include `\n` `<` or `>` and
must not be empty. Ensure that the name passed in a signature is valid.

* Account for pathologically named external users

LDAP and the like usernames are not checked in the same way that users who signup are.
Therefore just ensure that user names are also git safe and if totally pathological -
Set them to "user-$UID"

* Add Tests and adjust test users

Make our testcases a little more pathological so that we be sure that integration
tests have a chance to spot these cases.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2019-01-24 16:12:17 +02:00
..
fixtures Ensure valid git author names passed in signatures (#5774) 2019-01-24 16:12:17 +02:00
migrations fix migration 78 error mssql (#5791) 2019-01-21 12:12:45 +02:00
access.go Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
access_test.go Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
action.go Refactor repo.isBare to repo.isEmpty #5629 (#5714) 2019-01-17 19:01:04 -05:00
action_list.go refactor: reduce sql query in retrieveFeeds (#3547) 2018-02-21 18:55:34 +08:00
action_test.go Don't close issues via commits on non-default branch. (#5622) 2019-01-04 11:22:58 +02:00
admin.go Refactor struct's time to remove unnecessary memory usage (#3142) 2017-12-11 06:37:04 +02:00
admin_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
attachment.go Added URL mapping for Release attachments like on github.com (#1707) 2019-01-06 17:37:30 -05:00
attachment_test.go Add Attachment API (#3478) 2018-03-06 09:22:16 +08:00
branches.go fix approvals limitation (#5521) 2018-12-11 18:49:33 -05:00
branches_test.go Add deleted_branch table fixture (#2832) 2017-11-04 15:31:59 +02:00
consistency.go Fix activity feed (#1779) 2017-05-26 09:38:18 +08:00
error.go Pull request review/approval and comment on code (#3748) 2018-08-06 06:43:21 +02:00
error_oauth2.go gofmt (#1662) 2017-05-04 13:54:56 +08:00
external_login_user.go Add primary key and index to external login user table (#1656) 2017-05-02 16:41:44 +08:00
git_diff.go Fix regex to support optional end line of old section in diff hunk (#5096) 2018-10-17 22:03:49 -04:00
git_diff_test.go Pull request review/approval and comment on code (#3748) 2018-08-06 06:43:21 +02:00
gpg_key.go Fix null pointer dereference in ParseCommitWithSignature (#4962) 2018-09-20 13:49:07 +08:00
gpg_key_test.go Refactor struct's time to remove unnecessary memory usage (#3142) 2017-12-11 06:37:04 +02:00
graph.go Make max commits in graph configurable (#4498) 2018-07-23 17:12:06 +03:00
graph_test.go Accept 'Data:' in commit graph (#4487) 2018-07-21 14:17:09 -04:00
helper.go Add reactions to issues/PR and comments (#2856) 2017-12-04 01:14:26 +02:00
issue.go Add the ability to use multiple labels as filters(#5786) 2019-01-22 23:10:38 -05:00
issue_assignees.go Fix sqlite deadlock when assigning to a PR (#5640) 2019-01-04 16:51:27 -05:00
issue_assignees_test.go Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
issue_comment.go Refactor notification for indexer (#5111) 2019-01-17 22:23:22 +08:00
issue_comment_list.go Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
issue_comment_test.go Pull request review/approval and comment on code (#3748) 2018-08-06 06:43:21 +02:00
issue_dependency.go fix sqlite lock (#5184) 2018-10-27 22:45:24 +08:00
issue_dependency_test.go Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
issue_indexer.go Refactor notification for indexer (#5111) 2019-01-17 22:23:22 +08:00
issue_label.go Add the ability to use multiple labels as filters(#5786) 2019-01-22 23:10:38 -05:00
issue_label_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
issue_list.go fix bugs when too many IN variables (#4594) 2018-08-02 21:49:05 +08:00
issue_list_test.go Shows total tracked time in issue and milestone list (#3341) 2018-04-29 13:58:47 +08:00
issue_mail.go Fix sqlite deadlock when assigning to a PR (#5640) 2019-01-04 16:51:27 -05:00
issue_milestone.go Milestone issues and pull requests (#5293) 2018-11-29 09:46:30 +08:00
issue_milestone_test.go Add more webhooks support and refactor webhook templates directory (#3929) 2018-05-16 22:01:55 +08:00
issue_reaction.go Refactor struct's time to remove unnecessary memory usage (#3142) 2017-12-11 06:37:04 +02:00
issue_reaction_test.go Ensure valid git author names passed in signatures (#5774) 2019-01-24 16:12:17 +02:00
issue_stopwatch.go Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
issue_stopwatch_test.go Refactor struct's time to remove unnecessary memory usage (#3142) 2017-12-11 06:37:04 +02:00
issue_test.go Add the ability to use multiple labels as filters(#5786) 2019-01-22 23:10:38 -05:00
issue_tracked_time.go Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
issue_tracked_time_test.go Feature: Timetracking (#2211) 2017-09-12 09:48:13 +03:00
issue_user.go Fix sqlite deadlock when assigning to a PR (#5640) 2019-01-04 16:51:27 -05:00
issue_user_test.go Multiple assignees (#3705) 2018-05-09 19:29:04 +03:00
issue_watch.go Update xorm to latest version and fix correct `user` table referencing in sql (#4473) 2018-07-20 10:10:17 +08:00
issue_watch_test.go Hide unactive on explore users and some refactors (#2741) 2017-10-24 20:36:19 +03:00
lfs.go Pooled and buffered gzip implementation (#5722) 2019-01-23 10:56:51 +02:00
lfs_lock.go Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
login_source.go Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557) 2018-12-27 12:28:48 -05:00
mail.go Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
main_test.go Unit tests for wiki routers (#3022) 2017-11-30 17:52:15 +02:00
models.go Added test environment for mssql (#4282) 2018-12-12 09:01:41 +08:00
models_sqlite.go go vet 2014-04-13 03:14:43 -04:00
models_test.go Change parsing of postgresql settings (#4275) 2018-06-20 08:06:01 +03:00
notification.go Fix sqlite lock (#5176) 2018-10-25 18:55:16 +08:00
notification_test.go Add 'mark all read' option to notifications (#3097) 2017-12-07 13:52:57 +08:00
oauth2.go Discord Oauth2 support (#4476) 2019-01-13 14:06:22 -05:00
org.go api: Add missing GET teams endpoints (#5382) 2019-01-16 19:39:50 -05:00
org_team.go api: Add missing GET teams endpoints (#5382) 2019-01-16 19:39:50 -05:00
org_team_test.go api: Add missing GET teams endpoints (#5382) 2019-01-16 19:39:50 -05:00
org_test.go Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
pull.go Make sure .git/info is created before generating .git/info/sparse-che… (#5825) 2019-01-24 09:43:37 +02:00
pull_test.go Disable merging a WIP Pull request (#4529) 2018-08-13 22:04:39 +03:00
release.go Added URL mapping for Release attachments like on github.com (#1707) 2019-01-06 17:37:30 -05:00
release_test.go mirror: Delete tags in mirror which are removed for original repo. (#5609) 2018-12-31 18:00:54 -05:00
repo.go When creating new repository fsck option should be enabled (#5817) 2019-01-23 22:26:18 -05:00
repo_activity.go Add issue closed time column to fix activity closed issues list (#3537) 2018-02-19 10:39:26 +08:00
repo_branch.go Create new branch from branch selection dropdown (#2130) 2017-10-15 22:59:24 +03:00
repo_collaboration.go Fix not removed watches on unallowed repositories (#4201) 2018-06-19 15:44:33 -04:00
repo_collaboration_test.go Unit tests for models/repo_collaboration (#1032) 2017-02-24 09:37:38 +08:00
repo_editor.go Code/repo search (#2582) 2017-10-27 09:10:54 +03:00
repo_indexer.go Update code.gitea.io/git (#3482) 2018-02-10 20:19:26 +02:00
repo_issue.go Add EnableTimetracking option to app settings (#3719) 2018-04-09 23:15:32 +08:00
repo_list.go This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136) 2018-10-30 17:48:37 -04:00
repo_list_test.go This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136) 2018-10-30 17:48:37 -04:00
repo_mirror.go Add option to disable automatic mirror syncing. (#5242) 2018-11-08 18:58:02 -05:00
repo_permission.go Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
repo_permission_test.go Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
repo_redirect.go Redirects for renamed repos (#807) 2017-02-05 22:35:03 +08:00
repo_redirect_test.go Unit tests for repo redirects (#961) 2017-02-17 08:55:33 +08:00
repo_test.go Fix repo-transfer-and-team-repo-count bug (#3241) 2017-12-19 23:37:56 -06:00
repo_unit.go Add rebase with merge commit merge style (#3844) (#4052) 2018-12-27 12:27:08 +02:00
repo_watch.go Fix sqlite deadlock when assigning to a PR (#5640) 2019-01-04 16:51:27 -05:00
repo_watch_test.go Hide unactive on explore users and some refactors (#2741) 2017-10-24 20:36:19 +03:00
review.go Webhook for Pull Request approval/rejection (#5027) 2018-12-27 13:04:30 -05:00
review_test.go Show review summary in pull requests (#5132) 2018-11-22 15:17:36 +02:00
ssh_key.go fix public will not be reused as public key after deleting as deploy key (#5671) 2019-01-09 13:10:46 -05:00
ssh_key_test.go Use assert in legacy unit tests (#867) 2017-02-08 14:29:07 +08:00
star.go Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718) 2019-01-13 21:29:58 -05:00
star_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
status.go Fix race on updatesize (#5190) 2018-10-26 12:37:57 +03:00
status_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
test_fixtures.go Increase the retry limit to 20 times and the interval to 200ms (#5134) 2018-10-21 16:09:17 +02:00
token.go Refactor struct's time to remove unnecessary memory usage (#3142) 2017-12-11 06:37:04 +02:00
token_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
topic.go fix topic name length on database (#5493) 2018-12-08 14:27:30 +02:00
topic_test.go feat(repo): support search repository by topic name (#4505) 2018-09-13 10:33:48 +08:00
twofactor.go Switch plaintext scratch tokens to use hash instead (#4331) 2018-07-27 08:54:50 -04:00
u2f.go Add support for FIDO U2F (#3971) 2018-05-19 17:12:37 +03:00
u2f_test.go Add support for FIDO U2F (#3971) 2018-05-19 17:12:37 +03:00
unit.go Fix create team, update team missing units (#5188) 2018-11-10 14:45:32 -05:00
unit_tests.go User action heatmap (#5131) 2018-10-23 10:57:42 +08:00
update.go Improve performance of dashboard (#4977) 2018-12-13 10:55:43 -05:00
update_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
user.go Ensure valid git author names passed in signatures (#5774) 2019-01-24 16:12:17 +02:00
user_follow.go Refactor session close as xorm already does everything needed internally (#2020) 2017-06-21 08:57:05 +08:00
user_follow_test.go Move user_follow to separate file (#1210) 2017-03-11 16:46:53 +08:00
user_heatmap.go Only count users own actions for heatmap contributions (#5647) 2019-01-06 21:29:05 +02:00
user_heatmap_test.go Fix JSON result of empty array (#5154) 2018-10-24 21:17:21 +08:00
user_mail.go Replace deprecated Id method with ID (#2655) 2017-10-05 07:43:04 +03:00
user_mail_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
user_openid.go Fix SQL quoting (#5117) 2018-10-20 18:19:21 -04:00
user_openid_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
user_test.go Ensure valid git author names passed in signatures (#5774) 2019-01-24 16:12:17 +02:00
webhook.go Webhook for Pull Request approval/rejection (#5027) 2018-12-27 13:04:30 -05:00
webhook_dingtalk.go Webhook for Pull Request approval/rejection (#5027) 2018-12-27 13:04:30 -05:00
webhook_discord.go Webhook for Pull Request approval/rejection (#5027) 2018-12-27 13:04:30 -05:00
webhook_slack.go Webhook for Pull Request approval/rejection (#5027) 2018-12-27 13:04:30 -05:00
webhook_test.go Add more webhooks support and refactor webhook templates directory (#3929) 2018-05-16 22:01:55 +08:00
wiki.go Fix deadlock when sqlite (#5118) 2018-10-19 12:36:42 -04:00
wiki_test.go test: reduce testing time. (#3885) 2018-05-02 21:56:19 +08:00