X-Git-Url: https://git.ladys.computer/Gitweb/blobdiff_plain/c77ad442fb79805bda442e469e4b03ab7272d4ca201b2ccd025be3f57a20d2e5..7f7b9389478c8990ccd0a52bfe74e5dca2d2137c378c4f27ec43aaed3a06e98a:/gitweb.perl

diff --git a/gitweb.perl b/gitweb.perl
index eac264c..16b0248 100755
--- a/gitweb.perl
+++ b/gitweb.perl
@@ -1082,7 +1082,16 @@ sub evaluate_and_validate_params {
 		if (length($searchtext) < 2) {
 			die_error(403, "At least two characters are required for search parameter");
 		}
-		$search_regexp = $search_use_regexp ? $searchtext : quotemeta $searchtext;
+		if ($search_use_regexp) {
+			$search_regexp = $searchtext;
+			if (!eval { qr/$search_regexp/; 1; }) {
+				(my $error = $@) =~ s/ at \S+ line \d+.*\n?//;
+				die_error(400, "Invalid search regexp '$search_regexp'",
+				          esc_html($error));
+			}
+		} else {
+			$search_regexp = quotemeta $searchtext;
+		}
 	}
 }