Merge pull request #2038 from s1341/fix/server_not_checking_changeset_req_bounds
Server doesn't check bounds on CHANGESET_REQ arguments
This commit is contained in:
commit
d1cad04647
|
@ -1281,6 +1281,7 @@ function getChangesetInfo(padId, startNum, endNum, granularity, callback)
|
|||
var composedChangesets = {};
|
||||
var revisionDate = [];
|
||||
var lines;
|
||||
var head_revision = 0;
|
||||
|
||||
async.series([
|
||||
//get the pad from the database
|
||||
|
@ -1290,6 +1291,7 @@ function getChangesetInfo(padId, startNum, endNum, granularity, callback)
|
|||
{
|
||||
if(ERR(err, callback)) return;
|
||||
pad = _pad;
|
||||
head_revision = pad.getHeadRevisionNumber();
|
||||
callback();
|
||||
});
|
||||
},
|
||||
|
@ -1369,13 +1371,12 @@ function getChangesetInfo(padId, startNum, endNum, granularity, callback)
|
|||
|
||||
while (compositeStart < endNum)
|
||||
{
|
||||
if (compositeStart + granularity > endNum)
|
||||
var compositeEnd = compositeStart + granularity;
|
||||
if (compositeEnd > endNum || compositeEnd > head_revision)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
var compositeEnd = compositeStart + granularity;
|
||||
|
||||
var forwards = composedChangesets[compositeStart + "/" + compositeEnd];
|
||||
var backwards = Changeset.inverse(forwards, lines.textlines, lines.alines, pad.apool());
|
||||
|
||||
|
@ -1479,7 +1480,7 @@ function getPadLines(padId, revNum, callback)
|
|||
function composePadChangesets(padId, startNum, endNum, callback)
|
||||
{
|
||||
var pad;
|
||||
var changesets = [];
|
||||
var changesets = {};
|
||||
var changeset;
|
||||
|
||||
async.series([
|
||||
|
@ -1498,6 +1499,11 @@ function composePadChangesets(padId, startNum, endNum, callback)
|
|||
{
|
||||
var changesetsNeeded=[];
|
||||
|
||||
var headNum = pad.getHeadRevisionNumber();
|
||||
if (endNum > headNum)
|
||||
endNum = headNum;
|
||||
if (startNum < 0)
|
||||
startNum = 0;
|
||||
//create a array for all changesets, we will
|
||||
//replace the values with the changeset later
|
||||
for(var r=startNum;r<endNum;r++)
|
||||
|
|
Loading…
Reference in New Issue