From afc5cf0dfcb8c507315e40d71ee305fa130be6db Mon Sep 17 00:00:00 2001 From: Xavier Del Campo Romero Date: Tue, 20 Feb 2024 08:18:11 +0100 Subject: main.c: Reject invalid /public/ requests Otherwise: - slcl would accept /public/ (i.e., without a file name) as a valid resource. This would incorrectly map the public/ directory on the database, making slcl to return -1 because public/ is not a regular file. - slcl would accept directory names (e.g.: /public/dir/), which is never expected since slcl stores all public files into a single directory. --- main.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/main.c b/main.c index b88d77b..a5adaaa 100644 --- a/main.c +++ b/main.c @@ -429,7 +429,8 @@ static int getpublic(const struct http_payload *const p, { int ret = -1; struct auth *const a = user; - const char *const adir = auth_dir(a); + const char *const adir = auth_dir(a), + *const file = p->resource + strlen("/public/"); struct dynstr d; dynstr_init(&d); @@ -439,6 +440,13 @@ static int getpublic(const struct http_payload *const p, fprintf(stderr, "%s: auth_dir failed\n", __func__); goto end; } + else if (!*file || filename_invalid(file)) + { + fprintf(stderr, "%s: invalid filename %s\n", + __func__, p->resource); + ret = page_forbidden(r); + goto end; + } else if (path_invalid(p->resource)) { fprintf(stderr, "%s: illegal relative path %s\n", -- cgit v1.2.3