undef $project; to prevent a file named description to be read.
Signed-off-by: Junio C Hamano <junkio@cox.net>
our $project = $cgi->param('p');
if (defined $project) {
- if (!validate_input($project)) {
- die_error(undef, "Invalid project parameter");
- }
- if (!(-d "$projectroot/$project")) {
- die_error(undef, "No such directory");
- }
- if (!(-e "$projectroot/$project/HEAD")) {
+ if (!validate_input($project) ||
+ !(-d "$projectroot/$project") ||
+ !(-e "$projectroot/$project/HEAD")) {
+ undef $project;
die_error(undef, "No such project");
}
}