-# Copyright (C) 2019-2020 all contributors <meta@public-inbox.org>
+# Copyright (C) 2019-2021 all contributors <meta@public-inbox.org>
# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
#
# used by PublicInbox::View
# (or reconstruct) blobs.
package PublicInbox::ViewDiff;
-use 5.010_001;
use strict;
-use warnings;
-use base qw(Exporter);
+use v5.10.1;
+use parent qw(Exporter);
our @EXPORT_OK = qw(flush_diff);
use URI::Escape qw(uri_escape_utf8);
use PublicInbox::Hval qw(ascii_html to_attr);
use PublicInbox::Git qw(git_unquote);
-sub UNSAFE () { "^A-Za-z0-9\-\._~/" }
-
-my $OID_NULL = '0{7,40}';
-my $OID_BLOB = '[a-f0-9]{7,40}';
+my $UNSAFE = "^A-Za-z0-9\-\._~/"; # '/' + $URI::Escape::Unsafe{RFC3986}
+my $OID_NULL = '0{7,}';
+my $OID_BLOB = '[a-f0-9]{7,}';
my $LF = qr!\n!;
my $ANY = qr![^\n]!;
my $FN = qr!(?:"?[^/\n]+/[^\n]+|/dev/null)!;
my $NULL_TO_BLOB = qr/^(index $OID_NULL\.\.)($OID_BLOB)\b/ms;
my $BLOB_TO_NULL = qr/^index ($OID_BLOB)(\.\.$OID_NULL)\b/ms;
my $BLOB_TO_BLOB = qr/^index ($OID_BLOB)\.\.($OID_BLOB)/ms;
-my $EXTRACT_DIFFS = qr/(
+our $EXTRACT_DIFFS = qr/(
(?: # begin header stuff, don't capture filenames, here,
# but instead wait for the --- and +++ lines.
(?:^diff\x20--git\x20$FN\x20$FN$LF)
^index\x20($OID_BLOB)\.\.($OID_BLOB)$ANY*$LF
^---\x20($FN)$LF
^\+{3}\x20($FN)$LF)/msx;
-my $IS_OID = qr/\A$OID_BLOB\z/s;
+our $IS_OID = qr/\A$OID_BLOB\z/s;
# link to line numbers in blobs
sub diff_hunk ($$$$) {
if (defined($spfx) && defined($oid_a) && defined($oid_b)) {
my ($n) = ($ca =~ /^-([0-9]+)/);
- $n = defined($n) ? do { ++$n; "#n$n" } : '';
+ $n = defined($n) ? "#n$n" : '';
$$dst .= qq(@@ <a\nhref="$spfx$oid_a/s/$dctx->{Q}$n">$ca</a>);
($n) = ($cb =~ /^\+([0-9]+)/);
- $n = defined($n) ? do { ++$n; "#n$n" } : '';
+ $n = defined($n) ? "#n$n" : '';
$$dst .= qq( <a\nhref="$spfx$oid_b/s/$dctx->{Q}$n">$cb</a> @@);
} else {
$$dst .= "@@ $ca $cb @@";
# which works well in practice. If projects put "=>", or trailing
# spaces in filenames, oh well :P
$fn =~ s/$DIFFSTAT_COMMENT//;
- $fn =~ s/{(?:.+) => (.+)}/$1/ or $fn =~ s/.* => (.+)/$1/;
+ $fn =~ s/\{(?:.+) => (.+)\}/$1/ or $fn =~ s/.* => (.+)/$1/;
$fn = git_unquote($fn);
- # long filenames will require us to walk backwards in anchor1
- if ($fn =~ s!\A\.\.\./?!!) {
- $ctx->{-long_path}->{$fn} = qr/\Q$fn\E\z/s;
- }
+ # long filenames will require us to check in anchor1()
+ push(@{$ctx->{-long_path}}, $fn) if $fn =~ s!\A\.\.\./?!!;
- if (my $attr = to_attr($ctx->{-apfx}.$fn)) {
+ if (defined(my $attr = to_attr($ctx->{-apfx}.$fn))) {
$ctx->{-anchors}->{$attr} = 1;
my $spaces = ($orig =~ s/( +)\z//) ? $1 : '';
$$dst .= " <a\nid=i$attr\nhref=#$attr>" .
# returns "diff --git" anchor destination, undef otherwise
sub anchor1 ($$) {
my ($ctx, $pb) = @_;
- my $attr = to_attr($ctx->{-apfx}.$pb) or return;
+ my $attr = to_attr($ctx->{-apfx}.$pb) // return;
my $ok = delete $ctx->{-anchors}->{$attr};
- # unlikely, check the end of all long path names we captured:
+ # unlikely, check the end of long path names we captured,
+ # assume diffstat and diff output follow the same order,
+ # and ignore different ordering (could be malicious input)
unless ($ok) {
- my $lp = $ctx->{-long_path} or return;
- foreach my $fn (keys %$lp) {
- $pb =~ $lp->{$fn} or next;
-
- delete $lp->{$fn};
- $attr = to_attr($ctx->{-apfx}.$fn) or return;
- $ok = delete $ctx->{-anchors}->{$attr} or return;
- last;
- }
+ my $fn = shift(@{$ctx->{-long_path}}) // return;
+ $pb =~ /\Q$fn\E\z/s or return;
+ $attr = to_attr($ctx->{-apfx}.$fn) // return;
+ $ok = delete $ctx->{-anchors}->{$attr} // return;
}
$ok ? "<a\nhref=#i$attr\nid=$attr>diff</a> --git" : undef
}
-sub diff_header ($$$$) {
- my ($dst, $x, $ctx, $top) = @_;
+sub diff_header ($$$) {
+ my ($x, $ctx, $top) = @_;
my (undef, undef, $pa, $pb) = splice(@$top, 0, 4); # ignore oid_{a,b}
my $spfx = $ctx->{-spfx};
my $dctx = { spfx => $spfx };
# get rid of leading "a/" or "b/" (or whatever --{src,dst}-prefix are)
- $pa = (split('/', git_unquote($pa), 2))[1] if $pa ne '/dev/null';
- $pb = (split('/', git_unquote($pb), 2))[1] if $pb ne '/dev/null';
+ $pa = (split(m'/', git_unquote($pa), 2))[1] if $pa ne '/dev/null';
+ $pb = (split(m'/', git_unquote($pb), 2))[1] if $pb ne '/dev/null';
if ($pa eq $pb && $pb ne '/dev/null') {
- $dctx->{Q} = "?b=".uri_escape_utf8($pb, UNSAFE);
+ $dctx->{Q} = "?b=".uri_escape_utf8($pb, $UNSAFE);
} else {
my @q;
if ($pb ne '/dev/null') {
- push @q, 'b='.uri_escape_utf8($pb, UNSAFE);
+ push @q, 'b='.uri_escape_utf8($pb, $UNSAFE);
}
if ($pa ne '/dev/null') {
- push @q, 'a='.uri_escape_utf8($pa, UNSAFE);
+ push @q, 'a='.uri_escape_utf8($pa, $UNSAFE);
}
$dctx->{Q} = '?'.join('&', @q);
}
warn "BUG? <$$x> had no ^index line";
}
$$x =~ s!^diff --git!anchor1($ctx, $pb) // 'diff --git'!ems;
+ my $dst = $ctx->{obuf};
$$dst .= qq(<span\nclass="head">);
$$dst .= $$x;
$$dst .= '</span>';
$dctx;
}
-sub diff_before_or_after ($$$) {
- my ($dst, $ctx, $x) = @_;
+sub diff_before_or_after ($$) {
+ my ($ctx, $x) = @_;
my $linkify = $ctx->{-linkify};
+ my $dst = $ctx->{obuf};
+ my $anchors = exists($ctx->{-anchors}) ? 1 : 0;
for my $y (split(/(^---\n)/sm, $$x)) {
if ($y =~ /\A---\n\z/s) {
$$dst .= "---\n"; # all HTML is "\r\n" => "\n"
- } elsif ($y =~ /^ [0-9]+ files? changed, /sm) {
+ $anchors |= 2;
+ } elsif ($anchors == 3 && $y =~ /^ [0-9]+ files? changed, /sm) {
# ok, looks like a diffstat, go line-by-line:
for my $l (split(/^/m, $y)) {
if ($l =~ /^ (.+)( +\| .*\z)/s) {
}
# callers must do CRLF => LF conversion before calling this
-sub flush_diff ($$$) {
- my ($dst, $ctx, $cur) = @_;
+sub flush_diff ($$) {
+ my ($ctx, $cur) = @_;
my @top = split($EXTRACT_DIFFS, $$cur);
- $$cur = undef;
+ undef $$cur; # free memory
my $linkify = $ctx->{-linkify};
+ my $dst = $ctx->{obuf};
my $dctx; # {}, keys: Q, oid_a, oid_b
while (defined(my $x = shift @top)) {
if (scalar(@top) >= 4 &&
$top[1] =~ $IS_OID &&
$top[0] =~ $IS_OID) {
- $dctx = diff_header($dst, \$x, $ctx, \@top);
+ $dctx = diff_header(\$x, $ctx, \@top);
} elsif ($dctx) {
my $after = '';
+
+ # Quiet "Complex regular subexpression recursion limit"
+ # warning. Perl will truncate matches upon hitting
+ # that limit, giving us more (and shorter) scalars than
+ # would be ideal, but otherwise it's harmless.
+ #
+ # We could replace the `+' metacharacter with `{1,100}'
+ # to limit the matches ourselves to 100, but we can
+ # let Perl do it for us, quietly.
+ no warnings 'regexp';
+
for my $s (split(/((?:(?:^\+[^\n]*\n)+)|
(?:(?:^-[^\n]*\n)+)|
(?:^@@ [^\n]+\n))/xsm, $x)) {
$$dst .= $linkify->to_html($s);
}
}
- diff_before_or_after($dst, $ctx, \$after) unless $dctx;
+ diff_before_or_after($ctx, \$after) unless $dctx;
} else {
- diff_before_or_after($dst, $ctx, \$x);
+ diff_before_or_after($ctx, \$x);
}
}
}