packages/nodejs-hosted-git-info
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nodejs-hosted-git-info/CVE-2021-23362-pre2.patch
wang_yue111 68c72c9910 fix CVE-2021-23362
2021-03-29 16:26:23 +08:00

49 lines
2.0 KiB
Diff
Raw Permalink Blame History

From 8aaf60116edf5240d80b9f715c971b9982ba071f Mon Sep 17 00:00:00 2001
From: wang_yue111 <648774160@qq.com>
Date: Mon, 29 Mar 2021 15:54:11 +0800
Subject: [PATCH] Fix shortcuts ending in .git and gists w/o usernames
---
index.js | 4 ++--
test/basic.js | 2 ++
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/index.js b/index.js
index 6fcef6d..7f5ad1a 100644
--- a/index.js
+++ b/index.js
@@ -29,7 +29,7 @@ module.exports.fromUrl = function (giturl) {
isGitHubShorthand(giturl) ? 'github:' + giturl : giturl
)
var parsed = parseGitUrl(url)
- var shortcutMatch = url.match(new RegExp('^([^:]+):([^/]+)[/](.+)$'))
+ var shortcutMatch = url.match(new RegExp('^([^:]+):(?:(?:[^@:]+(?:[^@]+)?@)?([^/]*))[/](.+?)(?:[.]git)?($|#)'))
var matches = Object.keys(gitHosts).map(function (gitHostName) {
var gitHostInfo = gitHosts[gitHostName]
var auth = null
@@ -41,7 +41,7 @@ module.exports.fromUrl = function (giturl) {
var project = null
var defaultRepresentation = null
if (shortcutMatch && shortcutMatch[1] === gitHostName) {
- user = decodeURIComponent(shortcutMatch[2])
+ user = shortcutMatch[2] && decodeURIComponent(shortcutMatch[2])
project = decodeURIComponent(shortcutMatch[3])
defaultRepresentation = 'shortcut'
} else {
diff --git a/test/basic.js b/test/basic.js
index 3902264..f04133d 100644
--- a/test/basic.js
+++ b/test/basic.js
@@ -14,6 +14,8 @@ test('basic', function (t) {
t.is(HostedGit.fromUrl('dEf/AbC').https(), 'git+https://github.com/dEf/AbC.git', 'mixed case shortcut')
t.is(HostedGit.fromUrl('gitlab:dEf/AbC').https(), 'git+https://gitlab.com/dEf/AbC.git', 'mixed case prefixed shortcut')
+ t.is(HostedGit.fromUrl('gitlab:dEf/AbC.git').https(), 'git+https://gitlab.com/dEf/AbC.git', 'mixed case prefixed shortcut')
t.is(HostedGit.fromUrl('git://github.com/dEf/AbC.git').https(), 'git+https://github.com/dEf/AbC.git', 'mixed case url')
+ t.is(HostedGit.fromUrl('gist:123').https(), 'git+https://gist.github.com/123.git', 'non-user shortcut')
t.end()
})
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink