
Added string replacement support via sed to git-weblog

1 parent f027b2b commit 88683e40db811320730e051af23226203dc56349 @mikegerwitz committed Jan 7, 2012
Showing with 47 additions and 3 deletions.
  1. +47 −3 bin/git-weblog
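--- a/bin/git-weblog
+++ b/bin/git-weblog
@@ -29,7 +29,10 @@ get-part()
 {
 local fmt=$( tr -d '\n' <<< "$1" )
-git log -n1 --date=$datefmt --pretty="format:$fmt" --show-notes=weblog "$2"
+git log -n1 --date=$datefmt \
+--pretty="format:$fmt" \
+--show-notes=weblog --no-standard-notes \
+"$2"
 }
 get-part-tag()
@@ -62,6 +65,7 @@ get-part-tag()
 format-body()
 {
 local commit="$1"
+local meta="$2"
 local body=$( get-part '%b' "$commit" )
 # default body text to let user know there was no body to the commit
@@ -72,7 +76,7 @@ format-body()
 # after it (this is, of course, assuming that there is only one such
 # placeholder)
 echo -n "$format_body" | sed 's/^\(.*\)%b.*$/\1/'
-echo -n "$body" | $parser_body
+echo -n "$body" | parse-meta "$commit" "$meta" | $parser_body
 echo "$format_body" | sed 's/^.*%b\(.*\)$/\1/'
 }
@@ -107,6 +111,46 @@ parser-default()
 s/\(http:\/\/[a-zA-Z0-9\/\.\?&%#-]\+\)/<a href="\1">\1<\/a>/g'
 }
+# intentionally simple; we don't want people to inject full shell scripts, for
+# example, in notes that are hidden from plain sight and could be unknowingly
+# executed
+parse-meta()
+{
+local IFS=$'\n'
+local commit="$1"
+local meta="$2"
+
+for line in $meta; do
+case "$line" in
+# :ignore is handled elsewhere
+:ignore) continue;;
+
+:s/*)
+# disallow read/write commands that may be used as attack vectors (since
+# the beginning of the command must always be a replacement (due to the
+# match), we can conclude that any non-escaped semicolons, followed by
+# optional whitespace, followed by the operation, should be restricted)
+grep -q '[^\][ \t]*;[rRwW]' <<< "${line:1}" && {
+echo "FATAL: [$commit] Restricted expression: $line" >&2
+exit 1
+}
+
+sed "${line:1}"
+;;
+
+*)
+echo "![$commit] Unknown command: $line" >&2
+continue
+;;
+esac
+
+echo "[$commit] $line" >&2
+done
+
+# all remaining text from stdin should just be output
+cat -
+}
+
 # generate XHTML for each provided commit/treeish/etc
 for commit in "$@"; do
@@ -126,7 +170,7 @@ for commit in "$@"; do
 }
 subject=$( $cmd "$format_subject" "$commit" )
-body=$( $cmd "$( $cmdfmt "$commit" )" "$commit" )
+body=$( $cmd "$( $cmdfmt "$commit" "$meta" )" "$commit" )
 echo "$subject"
 echo "$body"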
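Review bot: The denylist `grep -q '[^\][ \t]*;[rRwW]'` in parse-meta does not enforce the restriction its comment promises, because a note-supplied expression can still reach the filesystem without any semicolon (sed's `w` is also a flag of the `s` command, e.g. `s/x/y/w file`) and GNU sed's `e` extension, which runs a command, is not in the set at all; `[ \t]` inside a grep bracket expression also matches a literal `t`, not a tab. The safer shape is an allowlist that accepts only a slash-delimited substitution with harmless flags, replacing the check with `grep -Eq '^s/([^/\\]|\\.)*/([^/\\]|\\.)*/[gIp0-9]*$' <<< "${line:1}" || { echo "FATAL: [$commit] Restricted expression: $line" >&2; exit 1; }`. Note also that parse-meta runs as a middle stage of the pipeline in format-body, so `exit 1` only ends that subshell: the "FATAL" does not stop the script and the page is still emitted, so format-body should check the pipeline status (or the script should use `set -o pipefail`) if this is meant to abort. Finally, `for line in $meta` with IFS set to newline still pathname-expands each word, so an expression containing `*` or `?` can be rewritten by a matching path; `while IFS= read -r line; do …; done <<< "$meta"` avoids that.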
