diff options
author | Ingo Schwarze <schwarze@openbsd.org> | 2017-04-19 01:00:03 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@openbsd.org> | 2017-04-19 01:00:03 +0000 |
commit | b6c38ba54b141f508c5d22eb714a3e7c79a6c33c (patch) | |
tree | c5b7095435cb2725c14cc07b85b4e87d13fa6737 | |
parent | 0a01aecfc2a95af2e7c4a4cba60c688fed82d9d4 (diff) | |
download | mandoc-b6c38ba54b141f508c5d22eb714a3e7c79a6c33c.tar.gz |
More thoroughly reject direct access to unintended files, such that
URIs like http://man.openbsd.org/OpenBSD-current/mandoc.db and
http://man.openbsd.org/OpenBSD-current/man1/ do not cause display
of garbage.
-rw-r--r-- | cgi.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1073,7 +1073,8 @@ main(void) if (*path != '\0') { parse_path_info(&req, path); - if (req.q.manpath == NULL || access(path, F_OK) == -1) + if (req.q.manpath == NULL || req.q.sec == NULL || + *req.q.query == '\0' || access(path, F_OK) == -1) path = ""; } else if ((querystring = getenv("QUERY_STRING")) != NULL) parse_query_string(&req, querystring); |