diff options
author | Andrew Tridgell <tridge@samba.org> | 2005-05-26 03:05:37 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2005-05-26 03:05:37 +0000 |
commit | 21a9d405c85359f3fda0ff919e05d91af36d24d1 (patch) | |
tree | 51090c126bf7554f19fd7ae64793fb8afa087338 /source/web_server/esp | |
parent | 2d1d2fe5ca8578b07cb188384b5eae53b422f829 (diff) | |
download | samba-21a9d405c85359f3fda0ff919e05d91af36d24d1.tar.gz samba-21a9d405c85359f3fda0ff919e05d91af36d24d1.tar.xz samba-21a9d405c85359f3fda0ff919e05d91af36d24d1.zip |
r6987: - make sure esp pages cannot read data outside of the swat directory
- don't expose the real system path to esp scripts
- fixed absolute paths in include() calls
Diffstat (limited to 'source/web_server/esp')
-rw-r--r-- | source/web_server/esp/esp.h | 2 | ||||
-rw-r--r-- | source/web_server/esp/espProcs.c | 8 |
2 files changed, 7 insertions, 3 deletions
diff --git a/source/web_server/esp/esp.h b/source/web_server/esp/esp.h index 33ab9d7ac94..4503cacbb72 100644 --- a/source/web_server/esp/esp.h +++ b/source/web_server/esp/esp.h @@ -99,7 +99,7 @@ typedef struct Esp { char *(*getSessionId)(EspHandle handle); int (*mapToStorage)(EspHandle handle, char *path, int len, char *uri, int flags); - int (*readFile)(EspHandle handle, char **buf, int *len, char *path); + int (*readFile)(EspHandle handle, char **buf, int *len, const char *path); void (*redirect)(EspHandle handle, int code, char *url); void (*setCookie)(EspHandle handle, char *name, char *value, int lifetime, char *path, bool secure); diff --git a/source/web_server/esp/espProcs.c b/source/web_server/esp/espProcs.c index a8da800213b..5c99e092c94 100644 --- a/source/web_server/esp/espProcs.c +++ b/source/web_server/esp/espProcs.c @@ -77,8 +77,12 @@ static int includeProc(EspRequest *ep, int argc, char **argv) esp = ep->esp; mprAssert(argv); for (i = 0; i < argc; i++) { - mprGetDirName(dir, sizeof(dir), ep->docPath); - mprSprintf(path, sizeof(path), "%s/%s", dir, argv[i]); + if (argv[i][0] != '/') { + mprGetDirName(dir, sizeof(dir), ep->docPath); + mprSprintf(path, sizeof(path), "%s/%s", dir, argv[i]); + } else { + mprSprintf(path, sizeof(path), "%s", argv[i]); + } if (esp->readFile(ep->requestHandle, &buf, &size, path) < 0) { espError(ep, "Can't read include file: %s", path); |