#3076 detect invalid tag name git error

pull/197/head
Unknwon 8 years ago
parent 69dae1ec1c
commit c912494609
  1. 2
      README.md
  2. 1
      conf/locale/locale_en-US.ini
  3. 2
      gogs.go
  4. 19
      models/error.go
  5. 5
      models/release.go
  6. 4
      modules/bindata/bindata.go
  7. 3
      public/css/gogs.css
  8. 4
      public/less/_repository.less
  9. 9
      routers/repo/release.go
  10. 2
      templates/.VERSION
  11. 2
      templates/repo/release/new.tmpl

@ -3,7 +3,7 @@ Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?bra
![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true) ![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true)
##### Current tip version: 0.9.48 (see [Releases](https://github.com/gogits/gogs/releases) for binary versions) ##### Current tip version: 0.9.49 (see [Releases](https://github.com/gogits/gogs/releases) for binary versions)
| Web | UI | Preview | | Web | UI | Preview |
|:-------------:|:-------:|:-------:| |:-------------:|:-------:|:-------:|

@ -725,6 +725,7 @@ release.deletion = Release Deletion
release.deletion_desc = Deleting this release will delete the corresponding Git tag. Do you want to continue? release.deletion_desc = Deleting this release will delete the corresponding Git tag. Do you want to continue?
release.deletion_success = Release has been deleted successfully! release.deletion_success = Release has been deleted successfully!
release.tag_name_already_exist = Release with this tag name already exists. release.tag_name_already_exist = Release with this tag name already exists.
release.tag_name_invalid = Tag name is not valid.
release.downloads = Downloads release.downloads = Downloads
[org] [org]

@ -17,7 +17,7 @@ import (
"github.com/gogits/gogs/modules/setting" "github.com/gogits/gogs/modules/setting"
) )
const APP_VER = "0.9.48.0722" const APP_VER = "0.9.49.0723"
func init() { func init() {
runtime.GOMAXPROCS(runtime.NumCPU()) runtime.GOMAXPROCS(runtime.NumCPU())

@ -387,7 +387,7 @@ func IsErrReleaseAlreadyExist(err error) bool {
} }
func (err ErrReleaseAlreadyExist) Error() string { func (err ErrReleaseAlreadyExist) Error() string {
return fmt.Sprintf("Release tag already exist [tag_name: %s]", err.TagName) return fmt.Sprintf("release tag already exist [tag_name: %s]", err.TagName)
} }
type ErrReleaseNotExist struct { type ErrReleaseNotExist struct {
@ -401,7 +401,20 @@ func IsErrReleaseNotExist(err error) bool {
} }
func (err ErrReleaseNotExist) Error() string { func (err ErrReleaseNotExist) Error() string {
return fmt.Sprintf("Release tag does not exist [id: %d, tag_name: %s]", err.ID, err.TagName) return fmt.Sprintf("release tag does not exist [id: %d, tag_name: %s]", err.ID, err.TagName)
}
type ErrInvalidTagName struct {
TagName string
}
func IsErrInvalidTagName(err error) bool {
_, ok := err.(ErrInvalidTagName)
return ok
}
func (err ErrInvalidTagName) Error() string {
return fmt.Sprintf("release tag name is not valid [tag_name: %s]", err.TagName)
} }
// __________ .__ // __________ .__
@ -421,7 +434,7 @@ func IsErrBranchNotExist(err error) bool {
} }
func (err ErrBranchNotExist) Error() string { func (err ErrBranchNotExist) Error() string {
return fmt.Sprintf("Branch does not exist [name: %s]", err.Name) return fmt.Sprintf("branch does not exist [name: %s]", err.Name)
} }
// __ __ ___. .__ __ // __ __ ___. .__ __

@ -67,9 +67,12 @@ func createTag(gitRepo *git.Repository, rel *Release) error {
return fmt.Errorf("GetBranchCommit: %v", err) return fmt.Errorf("GetBranchCommit: %v", err)
} }
// Trim '--' prefix to prevent command line argument vulnerability // Trim '--' prefix to prevent command line argument vulnerability.
rel.TagName = strings.TrimPrefix(rel.TagName, "--") rel.TagName = strings.TrimPrefix(rel.TagName, "--")
if err = gitRepo.CreateTag(rel.TagName, commit.ID.String()); err != nil { if err = gitRepo.CreateTag(rel.TagName, commit.ID.String()); err != nil {
if strings.Contains(err.Error(), "is not a valid tag name") {
return ErrInvalidTagName{rel.TagName}
}
return err return err
} }
} else { } else {

File diff suppressed because one or more lines are too long

@ -1968,6 +1968,9 @@ footer .ui.language .menu {
.repository.new.release .target { .repository.new.release .target {
min-width: 500px; min-width: 500px;
} }
.repository.new.release .target #tag-name {
margin-top: -4px;
}
.repository.new.release .target .at { .repository.new.release .target .at {
margin-left: -5px; margin-left: -5px;
margin-right: 5px; margin-right: 5px;

@ -954,6 +954,10 @@
.target { .target {
min-width: 500px; min-width: 500px;
#tag-name {
margin-top: -4px;
}
.at { .at {
margin-left: -5px; margin-left: -5px;
margin-right: 5px; margin-right: 5px;

@ -188,10 +188,13 @@ func NewReleasePost(ctx *context.Context, form auth.NewReleaseForm) {
} }
if err = models.CreateRelease(ctx.Repo.GitRepo, rel); err != nil { if err = models.CreateRelease(ctx.Repo.GitRepo, rel); err != nil {
if models.IsErrReleaseAlreadyExist(err) { ctx.Data["Err_TagName"] = true
ctx.Data["Err_TagName"] = true switch {
case models.IsErrReleaseAlreadyExist(err):
ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_already_exist"), RELEASE_NEW, &form) ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_already_exist"), RELEASE_NEW, &form)
} else { case models.IsErrInvalidTagName(err):
ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_invalid"), RELEASE_NEW, &form)
default:
ctx.Handle(500, "CreateRelease", err) ctx.Handle(500, "CreateRelease", err)
} }
return return

@ -1 +1 @@
0.9.48.0722 0.9.49.0723

@ -19,7 +19,7 @@
{{if .PageIsEditRelease}} {{if .PageIsEditRelease}}
<b>{{.tag_name}}</b><span class="at">@</span><strong>{{.tag_target}}</strong> <b>{{.tag_name}}</b><span class="at">@</span><strong>{{.tag_target}}</strong>
{{else}} {{else}}
<input name="tag_name" value="{{.tag_name}}" placeholder="{{.i18n.Tr "repo.release.tag_name"}}" autofocus required> <input id="tag-name" name="tag_name" value="{{.tag_name}}" placeholder="{{.i18n.Tr "repo.release.tag_name"}}" autofocus required>
<span class="at">@</span> <span class="at">@</span>
<div class="ui selection dropdown"> <div class="ui selection dropdown">
<input type="hidden" name="tag_target" value="{{.tag_target}}"/> <input type="hidden" name="tag_target" value="{{.tag_target}}"/>

Loading…
Cancel
Save