🌐 AI搜索 & 代理 主页
Skip to content

Stability improvements for view.go and wiki.go #8064

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
0xless wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Stability improvements for view.go and wiki.go #8064

0xless wants to merge 2 commits into from
+42 −18

Conversation

@0xless
Copy link

@0xless 0xless commented Dec 1, 2025

Describe the pull request

Gracefully handles failed git log operations due to malicious input in filenames.
Link to the issue: DoS sssue

Checklist

  • I agree to follow the Code of Conduct by submitting this pull request.
  • I have read and acknowledge the Contributing guide.
  • I have added test cases to cover the new code or have provided the test plan.

Test plan

Create a new file in a repository with a filename containing payload "[], do the same for a wiki file.
More details at: DoS issue

@0xless 0xless requested a review from unknwon as a code owner December 1, 2025 18:49
@unknwon unknwon requested a review from Copilot December 1, 2025 21:24
Copilot AI reviewed Dec 1, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses a DoS vulnerability by implementing graceful error handling for git log operations that fail due to malicious input in filenames (e.g., filenames containing "[]"). The changes prevent application crashes by using fallback values when git operations fail.

Key changes:

  • Modified error handling in wiki operations to use dummy author/timestamp data instead of failing
  • Replaced batch commit info fetching with individual file processing that skips problematic files
  • Removed unused time package import from view.go

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 12 comments.

File Description
internal/route/repo/wiki.go Added fallback handling for failed git log operations in both Wiki() and WikiPages() functions, using dummy author/timestamp values instead of returning errors
internal/route/repo/view.go Replaced batch CommitsInfo() call with individual CommitByPath() calls that skip files on error, and removed unused time import

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review for a chance to win a $100 gift card. Take the survey.

internal/route/repo/wiki.go
Comment on lines 182 to 187
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inconsistent indentation. Lines 182-187 should have consistent indentation to match the coding style of the surrounding code.

Suggested change
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})

Copilot uses AI. Check for mistakes.
internal/route/repo/wiki.go
c.Data["Author"] = &git.Signature{
Name: "Unknown",
Email: "",
When: time.Unix(0,0),
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing space after comma in time.Unix(0,0). Should be time.Unix(0, 0) for consistent formatting.

Copilot uses AI. Check for mistakes.
internal/route/repo/view.go
Comment on lines +13 to 14
//"time"

Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commented-out import should be removed. If the time package is no longer needed, delete this line entirely rather than commenting it out.

Suggested change
//"time"

Copilot uses AI. Check for mistakes.
internal/route/repo/view.go
Path: path.Join(c.Repo.TreePath, entry.Name()),
})
if err != nil {
// Skip problematic file to avoid failure
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Silently skipping problematic files with continue (line 59) may hide issues from users and administrators. Files with malicious names will simply not appear in the directory listing without any indication that they exist or that there's a problem. Consider logging the error or providing some indication that files were skipped due to errors.

Suggested change
// Skip problematic file to avoid failure
// Log error before skipping problematic file to avoid failure
log.Warn("Skipping file %q due to error in CommitByPath: %v", entry.Name(), err)

Copilot uses AI. Check for mistakes.
internal/route/repo/wiki.go
Comment on lines +171 to 187
if err != nil || len(commits) == 0{
//c.Error(err, "get commits by path")

// sets dummy commit time to prevent failure
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: time.Unix(0,0),
})
} else {
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The error handling condition if err != nil || len(commits) == 0 treats both actual errors and empty commit lists the same way. An empty commit list is not necessarily an error condition - it could be a legitimate state for a newly created file. Consider handling these cases separately to avoid masking real errors.

Suggested change
if err != nil || len(commits) == 0{
//c.Error(err, "get commits by path")
// sets dummy commit time to prevent failure
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: time.Unix(0,0),
})
} else {
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})
if err != nil {
// Handle actual error (optionally log or skip this entry)
//c.Error(err, "get commits by path")
continue
}
if len(commits) == 0 {
// sets dummy commit time to prevent failure
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: time.Unix(0,0),
})
} else {
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})

Copilot uses AI. Check for mistakes.
internal/route/repo/wiki.go
return
}

if err != nil || len(commits) == 0{
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing space after if err != nil || len(commits) == 0. Should be if err != nil || len(commits) == 0 { for consistent formatting.

Suggested change
if err != nil || len(commits) == 0{
if err != nil || len(commits) == 0 {

Copilot uses AI. Check for mistakes.
internal/route/repo/wiki.go
}

if err != nil || len(commits) == 0{
//c.Error(err, "get commits by path")
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commented-out code should be removed rather than left in the codebase. If this error logging is no longer needed, delete this line.

Suggested change
//c.Error(err, "get commits by path")

Copilot uses AI. Check for mistakes.
internal/route/repo/wiki.go
Comment on lines +177 to 187
Name: name,
URL: database.ToWikiPageURL(name),
Updated: time.Unix(0,0),
})
} else {
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inconsistent indentation in the PageMeta struct initialization. The opening brace should be on line 176, and all fields should have consistent indentation.

Suggested change
Name: name,
URL: database.ToWikiPageURL(name),
Updated: time.Unix(0,0),
})
} else {
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})
Name: name,
URL: database.ToWikiPageURL(name),
Updated: time.Unix(0, 0),
})
} else {
name := strings.TrimSuffix(entries[i].Name(), ".md")
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: commits[0].Author.When,
})

Copilot uses AI. Check for mistakes.
internal/route/repo/wiki.go
pages = append(pages, PageMeta{
Name: name,
URL: database.ToWikiPageURL(name),
Updated: time.Unix(0,0),
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing space after comma in time.Unix(0,0). Should be time.Unix(0, 0) for consistent formatting.

Suggested change
Updated: time.Unix(0,0),
Updated: time.Unix(0, 0),

Copilot uses AI. Check for mistakes.
internal/route/repo/view.go
Comment on lines +52 to 67
for _, entry := range entries {
var lastCommit *git.Commit
lastCommit, err := c.Repo.Commit.CommitByPath(git.CommitByRevisionOptions{
Path: path.Join(c.Repo.TreePath, entry.Name()),
})
if err != nil {
// Skip problematic file to avoid failure
continue
}

// Prepare minimal info for template rendering
safeFiles = append(safeFiles, map[string]any{
"Entry": entry,
"Commit": lastCommit,
})
}
Copy link

Copilot AI Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The new implementation iterates through each entry and calls CommitByPath individually, which can be significantly slower than the original batch CommitsInfo approach, especially for directories with many files. This changes from a single batch operation to N individual git operations, potentially causing performance degradation. Consider implementing proper error handling in the batch operation rather than replacing it with individual calls.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@unknwon unknwon Awaiting requested review from unknwon unknwon is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@0xless