diff options
| author | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-25 19:37:34 +0000 |
|---|---|---|
| committer | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-25 19:37:34 +0000 |
| commit | 41d963282eebdbc3224f4cacea8af0675fe603d9 (patch) | |
| tree | 3fd7414257387588d6b6dfcb7dbc3d3c3773d539 /cgi.c | |
| parent | 14507509c84c8e127a65e94522ce74cffda72306 (diff) | |
| download | mandoc-41d963282eebdbc3224f4cacea8af0675fe603d9.tar.gz | |
oops, we must not try to validate a manpath we don't have;
fixing an oversight introduced in rev. 1.77
Diffstat (limited to 'cgi.c')
| -rw-r--r-- | cgi.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1086,7 +1086,8 @@ main(void) if (NULL != (querystring = getenv("QUERY_STRING"))) http_parse(&req, querystring); - if ( ! validate_manpath(&req, req.q.manpath)) { + if ( ! (NULL == req.q.manpath || + validate_manpath(&req, req.q.manpath))) { pg_error_badrequest( "You specified an invalid manpath."); return(EXIT_FAILURE); |