 |
fix off-by-one in handlerequest() for index files and check truncation - geomyi… |
 |
git clone git://bitreich.org/geomyidae/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfri… |
 |
Log |
|
Files |
|
Refs |
|
Tags |
|
README |
|
LICENSE |
|
--- |
|
commit b4c65d77c916d3b13ab4a1239cfb8b60d042ce6d |
|
parent 4c38a3cd677ac4ba3b61cac341ef1608508fc8d9 |
|
Author: Hiltjo Posthuma <[email protected]> |
|
Date: Sun, 9 Jul 2017 20:09:33 +0200 |
|
|
|
fix off-by-one in handlerequest() for index files and check truncation |
|
|
|
fix truncation so it prevents listing files even if it has an index |
|
file. |
|
|
|
Signed-off-by: Christoph Lohmann <[email protected]> |
|
|
|
Diffstat: |
|
M main.c | 8 +++++++- |
|
|
|
1 file changed, 7 insertions(+), 1 deletion(-) |
|
--- |
|
diff --git a/main.c b/main.c |
|
@@ -161,7 +161,13 @@ handlerequest(int sock, char *base, char *ohost, char *por… |
|
fd = -1; |
|
if(stat(path, &dir) != -1 && S_ISDIR(dir.st_mode)) { |
|
for(i = 0; i < sizeof(indexf)/sizeof(indexf)[0]; i++) { |
|
- strncat(path, indexf[i], sizeof(path) - strlen(path)); |
|
+ if (strlen(path) + strlen(indexf[i]) >= sizeof(path)) { |
|
+ if(loglvl & ERRORS) |
|
+ logentry(clienth, clientp, recvc, |
|
+ "path truncation occurred"); |
|
+ return; |
|
+ } |
|
+ strncat(path, indexf[i], sizeof(path) - strlen(path) -… |
|
fd = open(path, O_RDONLY); |
|
if(fd >= 0) |
|
break; |
