From 0ce67150e04a1df32b06495fa04328302b3a2fef Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Tue, 25 Mar 2025 13:25:54 +0800
Subject: Fix out of bounds in commit path handling

---
 http_server.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/http_server.go b/http_server.go
index c8528fe..de78650 100644
--- a/http_server.go
+++ b/http_server.go
@@ -220,6 +220,10 @@ func (router *forgeHTTPRouter) ServeHTTP(writer http.ResponseWriter, request *ht
 				}
 				httpHandleRepoLog(writer, request, params)
 			case "commit":
+				if len(segments) != sepIndex+5 {
+					errorPage400(writer, params, "Incorrect number of parameters")
+					return
+				}
 				if redirectNoDir(writer, request) {
 					return
 				}
-- 
cgit v1.2.3