Project

General

Profile

Actions
Copy link

Bug #526

closed

SSI includes with sub-directory (take2) - patch included

Added by Anonymous about 18 years ago. Updated over 17 years ago.

Status:
Fixed
Priority:
High
Category:
mod_ssi
Target version:
-
ASK QUESTIONS IN Forums:

Description

The following patch solves the sub-directory problem in #include file="argument" and makes sure no forbidden strings are part of the argument:


--- mod_ssi.c.dist      2006-02-10 13:33:00.000000000 -0500
+++ mod_ssi.c  2006-02-15 12:38:00.000000000 -0500
@@ -513,18 +513,17 @@

                if (file_path) {
                        /* current doc-root */
+
+                       // skip if file_path contains forbidden strings
+                       if (file_path[0] == '/' || strstr(file_path, "../")) break;
+
                        if (NULL == (sl = strrchr(con->physical.path->ptr, '/'))) {
                                buffer_copy_string(p->stat_fn, "/");
                        } else {
                                buffer_copy_string_len(p->stat_fn, con->physical.path->ptr, sl - con->physical.path->ptr + 1);
                        }

-                       /* fn */
-                       if (NULL == (sl = strrchr(file_path, '/'))) {
-                               buffer_append_string(p->stat_fn, file_path);
-                       } else {
-                               buffer_append_string(p->stat_fn, sl + 1);
-                       }
+                       buffer_append_string(p->stat_fn, file_path);
                } else {
                        /* virtual */

-- marc

Actions
Copy link
 #1

Updated by conny about 18 years ago

  • Status changed from New to Fixed
  • Resolution set to duplicate

Merging with the ticket #462.

Actions
Copy link

Also available in: Atom