gitweb: Handle invalid regexp in regexp search

author Jakub Narebski <redacted>

Tue, 28 Feb 2012 18:41:47 +0000 (19:41 +0100)

committer Lady <redacted>

Mon, 6 Apr 2026 04:51:32 +0000 (00:51 -0400)
author Jakub Narebski <redacted>
Tue, 28 Feb 2012 18:41:47 +0000 (19:41 +0100)
committer Lady <redacted>
Mon, 6 Apr 2026 04:51:32 +0000 (00:51 -0400)
diff --git a/gitweb.perl b/gitweb.perl

index eac264c266909b25af34b696623410bb4d623aea484edb554d895a5509c1a4fb..16b02480c39de707da3bbbef170df8dea8ed04335b2b3f69afcb770068099c8d 100755 (executable)
--- a/gitweb.perl
+++ b/gitweb.perl
@@ -1082,7 +1082,16 @@ sub evaluate_and_validate_params {
                 if (length($searchtext) < 2) {
                         die_error(403, "At least two characters are required for search parameter");
                 }
                 if (length($searchtext) < 2) {
                         die_error(403, "At least two characters are required for search parameter");
                 }
-               $search_regexp = $search_use_regexp ? $searchtext : quotemeta $searchtext;
+               if ($search_use_regexp) {
+                       $search_regexp = $searchtext;
+                       if (!eval { qr/$search_regexp/; 1; }) {
+                               (my $error = $@) =~ s/ at \S+ line \d+.*\n?//;
+                               die_error(400, "Invalid search regexp '$search_regexp'",
+                                         esc_html($error));
+                       }
+               } else {
+                       $search_regexp = quotemeta $searchtext;
+               }
         }
  }
  
         }
  }
author	Jakub Narebski <redacted>
	Tue, 28 Feb 2012 18:41:47 +0000 (19:41 +0100)
committer	Lady <redacted>
	Mon, 6 Apr 2026 04:51:32 +0000 (00:51 -0400)