X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FViewDiff.pm;h=e9a7bf69969e2c993bba545bcfc7ed5e974249ea;hb=2ad73a71e64085e7814df8880f90120c87d515cb;hp=d22c80b97b4871a00dba47f3e8b055bd1659ab06;hpb=7ff686e90a4f26fb7c0ab29fa461329086dd28e5;p=public-inbox.git
diff --git a/lib/PublicInbox/ViewDiff.pm b/lib/PublicInbox/ViewDiff.pm
index d22c80b9..e9a7bf69 100644
--- a/lib/PublicInbox/ViewDiff.pm
+++ b/lib/PublicInbox/ViewDiff.pm
@@ -1,4 +1,4 @@
-# Copyright (C) 2019-2020 all contributors
+# Copyright (C) 2019-2021 all contributors
# License: AGPL-3.0+
#
# used by PublicInbox::View
@@ -18,8 +18,8 @@ use PublicInbox::Git qw(git_unquote);
sub UNSAFE () { "^A-Za-z0-9\-\._~/" }
-my $OID_NULL = '0{7,40}';
-my $OID_BLOB = '[a-f0-9]{7,40}';
+my $OID_NULL = '0{7,}';
+my $OID_BLOB = '[a-f0-9]{7,}';
my $LF = qr!\n!;
my $ANY = qr![^\n]!;
my $FN = qr!(?:"?[^/\n]+/[^\n]+|/dev/null)!;
@@ -30,7 +30,7 @@ my $DIFFSTAT_COMMENT =
my $NULL_TO_BLOB = qr/^(index $OID_NULL\.\.)($OID_BLOB)\b/ms;
my $BLOB_TO_NULL = qr/^index ($OID_BLOB)(\.\.$OID_NULL)\b/ms;
my $BLOB_TO_BLOB = qr/^index ($OID_BLOB)\.\.($OID_BLOB)/ms;
-my $EXTRACT_DIFFS = qr/(
+our $EXTRACT_DIFFS = qr/(
(?: # begin header stuff, don't capture filenames, here,
# but instead wait for the --- and +++ lines.
(?:^diff\x20--git\x20$FN\x20$FN$LF)
@@ -41,7 +41,7 @@ my $EXTRACT_DIFFS = qr/(
^index\x20($OID_BLOB)\.\.($OID_BLOB)$ANY*$LF
^---\x20($FN)$LF
^\+{3}\x20($FN)$LF)/msx;
-my $IS_OID = qr/\A$OID_BLOB\z/s;
+our $IS_OID = qr/\A$OID_BLOB\z/s;
# link to line numbers in blobs
sub diff_hunk ($$$$) {
@@ -50,12 +50,12 @@ sub diff_hunk ($$$$) {
if (defined($spfx) && defined($oid_a) && defined($oid_b)) {
my ($n) = ($ca =~ /^-([0-9]+)/);
- $n = defined($n) ? do { ++$n; "#n$n" } : '';
+ $n = defined($n) ? "#n$n" : '';
$$dst .= qq(@@ {Q}$n">$ca);
($n) = ($cb =~ /^\+([0-9]+)/);
- $n = defined($n) ? do { ++$n; "#n$n" } : '';
+ $n = defined($n) ? "#n$n" : '';
$$dst .= qq( {Q}$n">$cb @@);
} else {
$$dst .= "@@ $ca $cb @@";
@@ -82,10 +82,8 @@ sub anchor0 ($$$$) {
$fn =~ s/{(?:.+) => (.+)}/$1/ or $fn =~ s/.* => (.+)/$1/;
$fn = git_unquote($fn);
- # long filenames will require us to walk backwards in anchor1
- if ($fn =~ s!\A\.\.\./?!!) {
- $ctx->{-long_path}->{$fn} = qr/\Q$fn\E\z/s;
- }
+ # long filenames will require us to check in anchor1()
+ push(@{$ctx->{-long_path}}, $fn) if $fn =~ s!\A\.\.\./?!!;
if (my $attr = to_attr($ctx->{-apfx}.$fn)) {
$ctx->{-anchors}->{$attr} = 1;
@@ -105,23 +103,20 @@ sub anchor1 ($$) {
my $ok = delete $ctx->{-anchors}->{$attr};
- # unlikely, check the end of all long path names we captured:
+ # unlikely, check the end of long path names we captured,
+ # assume diffstat and diff output follow the same order,
+ # and ignore different ordering (could be malicious input)
unless ($ok) {
- my $lp = $ctx->{-long_path} or return;
- foreach my $fn (keys %$lp) {
- $pb =~ $lp->{$fn} or next;
-
- delete $lp->{$fn};
- $attr = to_attr($ctx->{-apfx}.$fn) or return;
- $ok = delete $ctx->{-anchors}->{$attr} or return;
- last;
- }
+ my $fn = shift(@{$ctx->{-long_path}}) or return;
+ $pb =~ /\Q$fn\E\z/s or return;
+ $attr = to_attr($ctx->{-apfx}.$fn) or return;
+ $ok = delete $ctx->{-anchors}->{$attr} or return;
}
$ok ? "diff --git" : undef
}
-sub diff_header ($$$$) {
- my ($dst, $x, $ctx, $top) = @_;
+sub diff_header ($$$) {
+ my ($x, $ctx, $top) = @_;
my (undef, undef, $pa, $pb) = splice(@$top, 0, 4); # ignore oid_{a,b}
my $spfx = $ctx->{-spfx};
my $dctx = { spfx => $spfx };
@@ -159,19 +154,23 @@ sub diff_header ($$$$) {
warn "BUG? <$$x> had no ^index line";
}
$$x =~ s!^diff --git!anchor1($ctx, $pb) // 'diff --git'!ems;
+ my $dst = $ctx->{obuf};
$$dst .= qq();
$$dst .= $$x;
$$dst .= '';
$dctx;
}
-sub diff_before_or_after ($$$) {
- my ($dst, $ctx, $x) = @_;
+sub diff_before_or_after ($$) {
+ my ($ctx, $x) = @_;
my $linkify = $ctx->{-linkify};
+ my $dst = $ctx->{obuf};
+ my $anchors = exists($ctx->{-anchors}) ? 1 : 0;
for my $y (split(/(^---\n)/sm, $$x)) {
if ($y =~ /\A---\n\z/s) {
$$dst .= "---\n"; # all HTML is "\r\n" => "\n"
- } elsif ($y =~ /^ [0-9]+ files? changed, /sm) {
+ $anchors |= 2;
+ } elsif ($anchors == 3 && $y =~ /^ [0-9]+ files? changed, /sm) {
# ok, looks like a diffstat, go line-by-line:
for my $l (split(/^/m, $y)) {
if ($l =~ /^ (.+)( +\| .*\z)/s) {
@@ -186,22 +185,34 @@ sub diff_before_or_after ($$$) {
}
# callers must do CRLF => LF conversion before calling this
-sub flush_diff ($$$) {
- my ($dst, $ctx, $cur) = @_;
+sub flush_diff ($$) {
+ my ($ctx, $cur) = @_;
my @top = split($EXTRACT_DIFFS, $$cur);
- $$cur = undef;
+ undef $$cur; # free memory
my $linkify = $ctx->{-linkify};
+ my $dst = $ctx->{obuf};
my $dctx; # {}, keys: Q, oid_a, oid_b
while (defined(my $x = shift @top)) {
if (scalar(@top) >= 4 &&
$top[1] =~ $IS_OID &&
$top[0] =~ $IS_OID) {
- $dctx = diff_header($dst, \$x, $ctx, \@top);
+ $dctx = diff_header(\$x, $ctx, \@top);
} elsif ($dctx) {
my $after = '';
+
+ # Quiet "Complex regular subexpression recursion limit"
+ # warning. Perl will truncate matches upon hitting
+ # that limit, giving us more (and shorter) scalars than
+ # would be ideal, but otherwise it's harmless.
+ #
+ # We could replace the `+' metacharacter with `{1,100}'
+ # to limit the matches ourselves to 100, but we can
+ # let Perl do it for us, quietly.
+ no warnings 'regexp';
+
for my $s (split(/((?:(?:^\+[^\n]*\n)+)|
(?:(?:^-[^\n]*\n)+)|
(?:^@@ [^\n]+\n))/xsm, $x)) {
@@ -227,9 +238,9 @@ sub flush_diff ($$$) {
$$dst .= $linkify->to_html($s);
}
}
- diff_before_or_after($dst, $ctx, \$after) unless $dctx;
+ diff_before_or_after($ctx, \$after) unless $dctx;
} else {
- diff_before_or_after($dst, $ctx, \$x);
+ diff_before_or_after($ctx, \$x);
}
}
}