From a4c722bf77dba7e511e893f2cfae1e35a4b9e15b Mon Sep 17 00:00:00 2001
From: tdurieux <durieuxthomas@hotmail.com>
Date: Thu, 22 Apr 2021 08:35:39 +0200
Subject: [PATCH] check commit format

---
 routes/repository.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/routes/repository.js b/routes/repository.js
index 5ee2348..2d071da 100644
--- a/routes/repository.js
+++ b/routes/repository.js
@@ -52,6 +52,9 @@ router.post("/:repoId/", async (req, res) => {
   if (!Array.isArray(repoUpdate.terms)) {
     return res.status(500).send({ error: "invalid_terms_format" });
   }
+  if (!/^[a-f0-9]+$/.test(repoUpdate.commit)) {
+    return res.status(500).send({ error: "invalid_commit_format" });
+  }
 
   try {
     const details = await repoUtils.getRepoDetails({
@@ -285,6 +288,9 @@ router.post("/", async (req, res) => {
     if (!Array.isArray(repoConfig.terms)) {
       return res.status(500).send({ error: "invalid_terms_format" });
     }
+    if (!/^[a-f0-9]+$/.test(repoConfig.commit)) {
+      return res.status(500).send({ error: "invalid_commit_format" });
+    }
 
     await repoUtils.getRepoBranches({
       repoConfig,