mirrors/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-10-14 04:36:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Address some CodeQL security concerns (#35572)

Browse Source 
Although there is no real security problem
This commit is contained in:
wxiaoguang
2025-10-04 01:21:26 +08:00
committed by GitHub
parent c4532101a4
commit 71360a94cb
35 changed files with 118 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
models/user/user.go
View File

@@ -980,7 +980,7 @@ func GetInactiveUsers(ctx context.Context, olderThan time.Duration) ([]*User, er
// UserPath returns the path absolute path of user repositories.
func UserPath(userName string) string { //revive:disable-line:exported
return filepath.Join(setting.RepoRootPath, strings.ToLower(userName))
return filepath.Join(setting.RepoRootPath, filepath.Clean(strings.ToLower(userName)))
}
// GetUserByID returns the user object by given ID if exists.