From: Simon McVittie <smcv@debian.org>
Date: Sat, 24 Dec 2016 14:34:30 +0000 (+0000)
Subject: git: don't issue a warning if rcsinfo is undefined
X-Git-Tag: debian/3.20161229~13
X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/a67f4d39448e12369426c3509967dc0d4b7afaeb

git: don't issue a warning if rcsinfo is undefined

The intention here seems to be that $prev may be undefined, and the
only way that can legitimately happen is for $params{token} to be
undefined too.
---

diff --git a/IkiWiki/Plugin/git.pm b/IkiWiki/Plugin/git.pm
index 7511f09cb..331b48fda 100644
--- a/IkiWiki/Plugin/git.pm
+++ b/IkiWiki/Plugin/git.pm
@@ -567,7 +567,10 @@ sub rcs_commit (@) {
 	# Check to see if the page has been changed by someone else since
 	# rcs_prepedit was called.
 	my $cur    = git_sha1_file($params{file});
-	my ($prev) = $params{token} =~ /^($sha1_pattern)$/; # untaint
+	my $prev;
+	if (defined $params{token}) {
+		($prev) = $params{token} =~ /^($sha1_pattern)$/; # untaint
+	}
 
 	if (defined $cur && defined $prev && $cur ne $prev) {
 		my $conflict = merge_past($prev, $params{file}, $dummy_commit_msg);
diff --git a/debian/changelog b/debian/changelog
index 4a84b28a6..422876e3c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ ikiwiki (3.20161220) UNRELEASED; urgency=medium
 
   * Add CVE references for CVE-2016-10026
   * Add missing ikiwiki.setup for the manual test for CVE-2016-10026
+  * git: don't issue a warning if the rcsinfo CGI parameter is undefined
 
  -- Simon McVittie <smcv@debian.org>  Wed, 21 Dec 2016 13:03:07 +0000