I noticed that over the last few days I had a lot of failures like this:

Jan 29 12:47:26 gotweb_render_blame: got_output_file_blame: /(null): no
such entry found in tree

diff belows adds the guarding needed to return an error when qs->file or
qs->directory was not specified in the BLOB/BLOBRAW and BLAME code
paths.

Now, I'm not sure if it's our fault for also generating /(null) links,
since all the uses of qs->file to generate URLS are guarded
(gotweb_render_url() and the breadcumbs code in pages.tmpl), and the
only two places in pages.tmpl where we actually emit BLAME URLs are in
places where qs->file can't be NULL (because we would have failed
earlier.)

diff /home/op/w/got
commit - d4fbd6eb2ce77846055692cfe05c18e8fabe2dca
path + /home/op/w/got
blob - 62d7787e1646b5e3c0bf02940f4da590182f7c29
file + gotwebd/gotweb.c
--- gotwebd/gotweb.c
+++ gotwebd/gotweb.c
@@ -206,6 +206,11 @@
 	}
 
 	if (qs->action == BLOBRAW || qs->action == BLOB) {
+		if (qs->folder == NULL || qs->file == NULL) {
+			error = got_error(GOT_ERR_BAD_QUERYSTRING);
+			goto err;
+		}
+
 		error = got_get_repo_commits(c, 1);
 		if (error)
 			goto err;
@@ -218,6 +223,10 @@ gotweb_process_request(struct request *c)
 
 	switch (qs->action) {
 	case BLAME:
+		if (qs->folder == NULL || qs->file == NULL) {
+			error = got_error(GOT_ERR_BAD_QUERYSTRING);
+			goto err;
+		}
 		error = got_get_repo_commits(c, 1);
 		if (error) {
 			log_warnx("%s: %s", __func__, error->msg);