From 30515f2df3d75dc81a606725509cda70d8acef98 Mon Sep 17 00:00:00 2001 From: Gusted Date: Sun, 7 Nov 2021 18:52:50 +0100 Subject: [PATCH 1/4] Make ParsePatch more robust (#17573) --- services/gitdiff/gitdiff.go | 12 +++++++++++- services/gitdiff/gitdiff_test.go | 19 +++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/services/gitdiff/gitdiff.go b/services/gitdiff/gitdiff.go index f843bc4dcf9dc..614f8104ecaf2 100644 --- a/services/gitdiff/gitdiff.go +++ b/services/gitdiff/gitdiff.go @@ -839,7 +839,12 @@ parsingLoop: case strings.HasPrefix(line, "--- "): // Handle ambiguous filenames if curFile.IsAmbiguous { - if len(line) > 6 && line[4] == 'a' { + // The shortest string that can end up here is: + // "--- a\t\n" without the qoutes. + // This line has a len() of 7 but doesn't contain a oldName. + // So the amount that the line need is at least 8 or more. + // The code will otherwise panic for a out-of-bounds. + if len(line) > 7 && line[4] == 'a' { curFile.OldName = line[6 : len(line)-1] if line[len(line)-2] == '\t' { curFile.OldName = curFile.OldName[:len(curFile.OldName)-1] @@ -1194,6 +1199,11 @@ func readFileName(rd *strings.Reader) (string, bool) { _ = rd.UnreadByte() if char == '"' { fmt.Fscanf(rd, "%q ", &name) + if len(name) == 0 { + log.Error("Reader has no file name: %v", rd) + return "", true + } + if name[0] == '\\' { name = name[1:] } diff --git a/services/gitdiff/gitdiff_test.go b/services/gitdiff/gitdiff_test.go index d69d0c01d8df8..6decb59b64b5a 100644 --- a/services/gitdiff/gitdiff_test.go +++ b/services/gitdiff/gitdiff_test.go 
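Review bot: The new bound `len(line) > 7` in the `--- ` case is a hand-counted constant that has to stay in step with the two slice expressions under it, and the matching `+++ ` case is not part of this hunk. If that case still tests `len(line) > 6 && line[4] == 'b'`, a line of the form `+++ b\t\n` would reach the same tab trim on an empty name and panic on diff text the parser does not control. Changing both together, or moving the slice-and-trim into one small helper shared by the two cases, would keep them from drifting. The added comment has typos ("qoutes", "a oldName") and could be shortened to `// "--- a\t\n" (7 bytes) yields an empty OldName and the tab trim would then slice out of range, so require at least 8 bytes.` The `parsingLoop` body starts and ends outside the hunk.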
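Review bot: The result of `fmt.Fscanf(rd, "%q ", &name)` is still discarded, so the new `len(name) == 0` check catches a failed scan only indirectly; testing the error states the actual cause: `if _, err := fmt.Fscanf(rd, "%q ", &name); err != nil || len(name) == 0 {`. The log call formats the `*strings.Reader` with `%v`, which prints the reader's internal fields, including the whole underlying string, unquoted. Since that text comes from the diff being parsed, logging only the error, e.g. `log.Error("Unable to read quoted file name: %v", err)`, keeps control characters and arbitrarily long input out of the error log. `readFileName` begins before and continues after this hunk, so how callers treat the `"", true` return is not visible here.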
@@ -541,3 +541,22 @@ func TestDiffToHTML_14231(t *testing.T) { assertEqual(t, expected, output) } + +func TestNoCrashes(t *testing.T) { + type testcase struct { + gitdiff string + } + + tests := []testcase{ + { + gitdiff: "diff --git \n--- a\t\n", + }, + { + gitdiff: "diff --git \"0\n", + }, + } + for _, testcase := range tests { + // It shouldn't crash, so don't care about the output. + ParsePatch(setting.Git.MaxGitDiffLines, setting.Git.MaxGitDiffLineCharacters, setting.Git.MaxGitDiffFiles, strings.NewReader(testcase.gitdiff)) + } +} From 9d97cf3a7150d3b5eca3f4214a8435fad7fef99c Mon Sep 17 00:00:00 2001 From: Gusted Date: Sun, 7 Nov 2021 20:23:39 +0100 Subject: [PATCH 2/4] Add @Gusted to maintainers filer (#17581) --- MAINTAINERS | 1 + 1 file changed, 1 insertion(+) diff --git a/MAINTAINERS b/MAINTAINERS index 926a308d1eb6c..e3357f7b8fe44 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -45,3 +45,4 @@ Janis Estelmann (@KN4CK3R) Steven Kriegler (@justusbunsi) Jimmy Praet (@jpraet) Leon Hofmeister (@delvh) +Gusted Date: Mon, 8 Nov 2021 11:25:41 +0800 Subject: [PATCH 3/4] Fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 and 1.16 (#17530) * fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 and 1.16 --- custom/conf/app.example.ini | 1 + docs/content/doc/advanced/config-cheat-sheet.en-us.md | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index eadc1c0d96256..9643e396b6984 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1400,6 +1400,7 @@ PATH = ;; Built-in: loopback (for localhost), private (for LAN/intranet), external (for public hosts on internet), * (for all hosts) ;; CIDR list: 1.2.3.0/8, 2001:db8::/32 ;; Wildcard hosts: *.mydomain.com, 192.168.100.* +;; Since 1.15.7. Default to * for 1.15.x, external for 1.16 and later ;ALLOWED_HOST_LIST = external ;; ;; Allow insecure certification 
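Review bot: `for _, testcase := range tests` shadows the `testcase` type declared a few lines above it, and the call drops whatever `ParsePatch` returns, so a regression shows up only as a panic with no hint of which input triggered it. Renaming the variable (`for _, tc := range tests {`) and running each input under `t.Run` would name the failing case. The table exercises the `--- ` line and the quoted file name only; a `+++ ` counterpart of the first input would cover the sibling branch of the ambiguous-filename handling, assuming that branch slices the line the same way.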
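Review bot: The added comment in `app.example.ini` gives the version-dependent default but not what it means for an operator. By the `Built-in` line above it, `*` is all hosts, so on 1.15.x webhooks may also be delivered to loopback and private addresses unless the option is set. Suggested wording: `;; Since 1.15.7. Defaults to * (all hosts, including loopback and private) on 1.15.x and to external on 1.16 and later; set it explicitly on 1.15.x.`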
diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index 6cc6043cae7d0..3b5d9213df625 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -581,7 +581,7 @@ Define allowed algorithms and their minimum key length (use -1 to disable a type - `QUEUE_LENGTH`: **1000**: Hook task queue length. Use caution when editing this value. - `DELIVER_TIMEOUT`: **5**: Delivery timeout (sec) for shooting webhooks. -- `ALLOWED_HOST_LIST`: **external**: Webhook can only call allowed hosts for security reasons. Comma separated list. +- `ALLOWED_HOST_LIST`: **external**: Since 1.15.7. Default to `*` for 1.15.x, `external` for 1.16 and later. Webhook can only call allowed hosts for security reasons. Comma separated list. - Built-in networks: - `loopback`: 127.0.0.0/8 for IPv4 and ::1/128 for IPv6, localhost is included. - `private`: RFC 1918 (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and RFC 4193 (FC00::/7). Also called LAN/Intranet. From 513951bc16f31c4a2821319baea846735f341a0e Mon Sep 17 00:00:00 2001 From: zeripath Date: Mon, 8 Nov 2021 06:27:40 +0000 Subject: [PATCH 4/4] Remove appSubUrl from pasted images (#17572) * Remove appSubUrl from pasted images Since we fixed the url base for the links in repositories we no longer need to add the appsuburl to pasted image links. Fix #17057 Signed-off-by: Andrew Thornton --- web_src/js/features/comp/ImagePaste.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web_src/js/features/comp/ImagePaste.js b/web_src/js/features/comp/ImagePaste.js index 30c5820f62f99..f7f076bf80546 100644 --- a/web_src/js/features/comp/ImagePaste.js +++ b/web_src/js/features/comp/ImagePaste.js @@ -1,4 +1,4 @@ -const {appSubUrl, csrfToken} = window.config; +const {csrfToken} = window.config; async function uploadFile(file, uploadUrl) { const formData = new FormData(); 
@@ -67,7 +67,7 @@ export function initCompImagePaste($target) { const name = img.name.substr(0, img.name.lastIndexOf('.')); insertAtCursor(textarea, `![${name}]()`); const data = await uploadFile(img, uploadUrl); - replaceAndKeepCursor(textarea, `![${name}]()`, `![${name}](${appSubUrl}/attachments/${data.uuid})`); + replaceAndKeepCursor(textarea, `![${name}]()`, `![${name}](/attachments/${data.uuid})`); const input = $(``).val(data.uuid); dropzoneFiles.appendChild(input[0]); } @@ -83,7 +83,7 @@ export function initSimpleMDEImagePaste(simplemde, dropzone, files) { const name = img.name.substr(0, img.name.lastIndexOf('.')); const data = await uploadFile(img, uploadUrl); const pos = simplemde.codemirror.getCursor(); - simplemde.codemirror.replaceRange(`![${name}](${appSubUrl}/attachments/${data.uuid})`, pos); + simplemde.codemirror.replaceRange(`![${name}](/attachments/${data.uuid})`, pos); const input = $(``).val(data.uuid); files.append(input); }
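Review bot: The pasted link is now the root-relative `/attachments/${data.uuid}` here and in the second hunk (`initSimpleMDEImagePaste`), which resolves correctly only where the markdown renderer rewrites it against the instance's sub-URL, and nothing in the file records that dependency. A one-line comment above each template would help, e.g. `// Root-relative on purpose: the renderer prepends the app sub-URL (see #17057).` Both functions also use `data.uuid` straight from `uploadFile` without checking that the upload succeeded. `uploadFile`'s body is not in these hunks, so this is a guess, but if it can resolve with an error payload the inserted text would become `/attachments/undefined`. Both function bodies extend beyond the hunks.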