lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

buffer_append_path_len() to join paths 

use buffer_append_path_len() to join path segments
master
Glenn Strauss 2 years ago
parent
a0b615acd9
commit
1212f60991
14 changed files with 43 additions and 48 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      src/configfile.c
  2. 3
      src/gw_backend.c
  3. 6
      src/http-header-glue.c
  4. 9
      src/mod_cml_lua.c
  5. 5
      src/mod_gnutls.c
  6. 2
      src/mod_indexfile.c
  7. 5
      src/mod_mbedtls.c
  8. 5
      src/mod_nss.c
  9. 5
      src/mod_openssl.c
  10. 3
      src/mod_secdownload.c
  11. 21
      src/mod_ssi.c
  12. 8
      src/mod_webdav.c
  13. 5
      src/mod_wolfssl.c
  14. 3
      src/stat_cache.c

11
src/configfile.c
Unescape View File

@ -2005,7 +2005,7 @@ int config_parse_file(server *srv, config_t *context, const char *fn) {
filename = buffer_init_string(fn);
} else {
filename = buffer_init_buffer(context->basedir);
buffer_append_string(filename, fn);
buffer_append_path_len(filename, fn, strlen(fn));
}
switch (glob(filename->ptr, flags, NULL, &gl)) {
@ -2257,14 +2257,17 @@ int config_set_defaults(server *srv) {
buffer_clear(b);
if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
buffer_copy_buffer(b, srv->srvconf.changeroot);
buffer_append_slash(b);
}
len = buffer_string_length(b);
for (i = 0; i < srv->srvconf.upload_tempdirs->used; ++i) {
const data_string * const ds = (data_string *)srv->srvconf.upload_tempdirs->data[i];
buffer_string_set_length(b, len); /*(truncate)*/
buffer_append_string_buffer(b, &ds->value);
if (len) {
buffer_string_set_length(b, len); /*(truncate)*/
buffer_append_path_len(b, CONST_BUF_LEN(&ds->value));
} else {
buffer_copy_buffer(b, &ds->value);
}
if (-1 == stat(b->ptr, &st1)) {
log_error(srv->errh, __FILE__, __LINE__,
"server.upload-dirs doesn't exist: %s", b->ptr);

3
src/gw_backend.c
Unescape View File

@ -2183,7 +2183,8 @@ static handler_t gw_recv_response(gw_handler_ctx * const hctx, request_st * cons
buffer_copy_buffer(&r->physical.basedir, host->docroot);
buffer_copy_buffer(&r->physical.path, host->docroot);
buffer_append_string_buffer(&r->physical.path, &r->uri.path);
buffer_append_path_len(&r->physical.path,
CONST_BUF_LEN(&r->uri.path));
physpath = r->physical.path.ptr;
}

6
src/http-header-glue.c
Unescape View File

@ -1654,7 +1654,7 @@ int http_cgi_headers (request_st * const r, http_cgi_opts * const opts, http_cgi
} else {
buffer_copy_buffer(tb, &r->physical.basedir);
}
buffer_append_string_buffer(tb, &r->pathinfo);
buffer_append_path_len(tb, CONST_BUF_LEN(&r->pathinfo));
rc |= cb(vdata, CONST_STR_LEN("PATH_TRANSLATED"),
CONST_BUF_LEN(tb));
}
@ -1670,7 +1670,7 @@ int http_cgi_headers (request_st * const r, http_cgi_opts * const opts, http_cgi
if (!buffer_string_is_empty(opts->docroot)) {
/* alternate docroot, e.g. for remote FastCGI or SCGI server */
buffer_copy_buffer(tb, opts->docroot);
buffer_append_string_buffer(tb, &r->uri.path);
buffer_append_path_len(tb, CONST_BUF_LEN(&r->uri.path));
rc |= cb(vdata, CONST_STR_LEN("SCRIPT_FILENAME"),
CONST_BUF_LEN(tb));
rc |= cb(vdata, CONST_STR_LEN("DOCUMENT_ROOT"),
@ -1683,7 +1683,7 @@ int http_cgi_headers (request_st * const r, http_cgi_opts * const opts, http_cgi
* see src/sapi/cgi_main.c, init_request_info()
*/
buffer_copy_buffer(tb, &r->physical.path);
buffer_append_string_buffer(tb, &r->pathinfo);
buffer_append_path_len(tb, CONST_BUF_LEN(&r->pathinfo));
rc |= cb(vdata, CONST_STR_LEN("SCRIPT_FILENAME"),
CONST_BUF_LEN(tb));
} else {

9
src/mod_cml_lua.c
Unescape View File

@ -220,16 +220,17 @@ int cache_parse_lua(request_st * const r, plugin_data * const p, const buffer *
/* key' is at index -2 and value' at index -1 */
if (lua_isstring(L, -1)) {
const char *s = lua_tostring(L, -1);
size_t slen;
const char * const s = lua_tolstring(L, -1, &slen);
struct stat st;
int fd;
/* the file is relative, make it absolute */
if (s[0] != '/') {
buffer_copy_buffer(b, &p->basedir);
buffer_append_string(b, lua_tostring(L, -1));
buffer_append_path_len(b, s, (uint32_t)slen);
} else {
buffer_copy_string(b, lua_tostring(L, -1));
buffer_copy_string_len(b, s, (uint32_t)slen);
}
fd = stat_cache_open_rdonly_fstat(b, &st, r->conf.follow_symlink);
@ -302,7 +303,7 @@ int cache_parse_lua(request_st * const r, plugin_data * const p, const buffer *
buffer_append_string_buffer(&r->uri.path, &p->trigger_handler);
buffer_copy_buffer(&r->physical.path, &p->basedir);
buffer_append_string_buffer(&r->physical.path, &p->trigger_handler);
buffer_append_path_len(&r->physical.path, CONST_BUF_LEN(&p->trigger_handler));
chunkqueue_reset(&r->write_queue);
}

5
src/mod_gnutls.c
Unescape View File

@ -1198,8 +1198,6 @@ mod_gnutls_acme_tls_1 (handler_ctx *hctx)
/* check if acme-tls/1 protocol is enabled (path to dir of cert(s) is set)*/
if (buffer_string_is_empty(hctx->conf.ssl_acme_tls_1))
return 0; /*(should not happen)*/
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_slash(b);
/* check if SNI set server name (required for acme-tls/1 protocol)
* and perform simple path checks for no '/'
@ -1211,7 +1209,8 @@ mod_gnutls_acme_tls_1 (handler_ctx *hctx)
if (0 != http_request_host_policy(name, hctx->r->conf.http_parseopts, 443))
return rc;
#endif
buffer_append_string_buffer(b, name);
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_path_len(b, CONST_BUF_LEN(name));
#if 0

2
src/mod_indexfile.c
Unescape View File

@ -111,7 +111,7 @@ URIHANDLER_FUNC(mod_indexfile_subrequest) {
} else {
buffer_copy_buffer(b, &r->physical.path);
}
buffer_append_string_buffer(b, &ds->value);
buffer_append_path_len(b, CONST_BUF_LEN(&ds->value));
if (NULL == stat_cache_path_stat(b)) {
if (errno == EACCES) {

5
src/mod_mbedtls.c
Unescape View File

@ -882,8 +882,6 @@ mod_mbedtls_acme_tls_1 (handler_ctx *hctx)
/* check if acme-tls/1 protocol is enabled (path to dir of cert(s) is set)*/
if (buffer_string_is_empty(hctx->conf.ssl_acme_tls_1))
return 0; /*(should not happen)*/
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_slash(b);
/* check if SNI set server name (required for acme-tls/1 protocol)
* and perform simple path checks for no '/'
@ -895,7 +893,8 @@ mod_mbedtls_acme_tls_1 (handler_ctx *hctx)
if (0 != http_request_host_policy(name,hctx->r->conf.http_parseopts,443))
return rc;
#endif
buffer_append_string_buffer(b, name);
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_path_len(b, CONST_BUF_LEN(name));
len = buffer_string_length(b);
do {

5
src/mod_nss.c
Unescape View File

@ -1190,8 +1190,6 @@ mod_nss_acme_tls_1 (handler_ctx *hctx)
/* check if acme-tls/1 protocol is enabled (path to dir of cert(s) is set)*/
if (buffer_string_is_empty(hctx->conf.ssl_acme_tls_1))
return SECFailure; /*(should not happen)*/
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_slash(b);
/* check if SNI set server name (required for acme-tls/1 protocol)
* and perform simple path checks for no '/'
@ -1203,7 +1201,8 @@ mod_nss_acme_tls_1 (handler_ctx *hctx)
if (0 != http_request_host_policy(name, hctx->r->conf.http_parseopts, 443))
return SECFailure;
#endif
buffer_append_string_buffer(b, name);
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_path_len(b, CONST_BUF_LEN(name));
/* cert and key load is similar to network_nss_load_pemfile() */

5
src/mod_openssl.c
Unescape View File

@ -1687,8 +1687,6 @@ mod_openssl_acme_tls_1 (SSL *ssl, handler_ctx *hctx)
/* check if acme-tls/1 protocol is enabled (path to dir of cert(s) is set)*/
if (buffer_string_is_empty(hctx->conf.ssl_acme_tls_1))
return SSL_TLSEXT_ERR_NOACK; /*(reuse value here for not-configured)*/
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_slash(b);
/* check if SNI set server name (required for acme-tls/1 protocol)
* and perform simple path checks for no '/'
@ -1700,7 +1698,8 @@ mod_openssl_acme_tls_1 (SSL *ssl, handler_ctx *hctx)
if (0 != http_request_host_policy(name,hctx->r->conf.http_parseopts,443))
return rc;
#endif
buffer_append_string_buffer(b, name);
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_path_len(b, CONST_BUF_LEN(name));
len = buffer_string_length(b);
do {

3
src/mod_secdownload.c
Unescape View File

@ -702,7 +702,8 @@ URIHANDLER_FUNC(mod_secdownload_uri_handler) {
buffer_copy_buffer(&r->physical.basedir, p->conf.doc_root);
buffer_copy_string(&r->physical.rel_path, rel_uri);
buffer_copy_buffer(&r->physical.path, &r->physical.doc_root);
buffer_append_string_buffer(&r->physical.path, &r->physical.rel_path);
buffer_append_path_len(&r->physical.path,
CONST_BUF_LEN(&r->physical.rel_path));
return HANDLER_GO_ON;
}

21
src/mod_ssi.c
Unescape View File

@ -459,7 +459,6 @@ static int process_ssi_stmt(request_st * const r, handler_ctx * const p, const c
case SSI_FSIZE: {
const char * file_path = NULL, *virt_path = NULL;
struct stat stb;
char *sl;
for (i = 2; i < n; i += 2) {
if (0 == strcmp(l[i], "file")) {
@ -491,11 +490,9 @@ static int process_ssi_stmt(request_st * const r, handler_ctx * const p, const c
if (file_path) {
/* current doc-root */
if (NULL == (sl = strrchr(r->physical.path.ptr, '/'))) {
buffer_copy_string_len(p->stat_fn, CONST_STR_LEN("/"));
} else {
buffer_copy_string_len(p->stat_fn, r->physical.path.ptr, sl - r->physical.path.ptr + 1);
}
char *sl = strrchr(r->physical.path.ptr, '/');
if (NULL == sl) break; /*(not expected)*/
buffer_copy_string_len(p->stat_fn, r->physical.path.ptr, sl - r->physical.path.ptr + 1);
buffer_copy_string(tb, file_path);
buffer_urldecode_path(tb);
@ -505,17 +502,15 @@ static int process_ssi_stmt(request_st * const r, handler_ctx * const p, const c
break;
}
buffer_path_simplify(tb, tb);
buffer_append_string_buffer(p->stat_fn, tb);
buffer_append_path_len(p->stat_fn, CONST_BUF_LEN(tb));
} else {
/* virtual */
size_t remain;
if (virt_path[0] == '/') {
buffer_copy_string(tb, virt_path);
} else {
/* there is always a / */
sl = strrchr(r->uri.path.ptr, '/');
const char * const sl = strrchr(r->uri.path.ptr, '/');
buffer_copy_string_len(tb, r->uri.path.ptr, sl - r->uri.path.ptr + 1);
buffer_append_string(tb, virt_path);
}
@ -557,18 +552,18 @@ static int process_ssi_stmt(request_st * const r, handler_ctx * const p, const c
if (r->conf.force_lowercase_filenames) {
buffer_to_lower(tb);
}
remain = buffer_string_length(&r->uri.path) - i;
uint32_t remain = buffer_string_length(&r->uri.path) - i;
if (!r->conf.force_lowercase_filenames
? buffer_is_equal_right_len(&r->physical.path, &r->physical.rel_path, remain)
:(buffer_string_length(&r->physical.path) >= remain
&& buffer_eq_icase_ssn(r->physical.path.ptr+buffer_string_length(&r->physical.path)-remain, r->physical.rel_path.ptr+i, remain))) {
buffer_copy_string_len(p->stat_fn, r->physical.path.ptr, buffer_string_length(&r->physical.path)-remain);
buffer_append_string_len(p->stat_fn, tb->ptr+i, buffer_string_length(tb)-i);
buffer_append_path_len(p->stat_fn, tb->ptr+i, buffer_string_length(tb)-i);
} else {
/* unable to perform physical path remap here;
* assume doc_root/rel_path and no remapping */
buffer_copy_buffer(p->stat_fn, &r->physical.doc_root);
buffer_append_string_buffer(p->stat_fn, tb);
buffer_append_path_len(p->stat_fn, CONST_BUF_LEN(tb));
}
}

8
src/mod_webdav.c
Unescape View File

@ -4899,9 +4899,9 @@ mod_webdav_copymove_b (request_st * const r, const plugin_config * const pconf,
#endif
buffer_copy_string_len(dst_path, r->physical.path.ptr,
r->physical.path.used - 1 - remain);
buffer_append_string_len(dst_path,
dst_rel_path->ptr+i,
dst_rel_path->used - 1 - i);
buffer_append_path_len(dst_path,
dst_rel_path->ptr+i,
dst_rel_path->used - 1 - i);
if (buffer_string_length(dst_path) >= PATH_MAX) {
http_status_set_error(r, 403); /* Forbidden */
return HANDLER_FINISHED;
@ -4917,7 +4917,7 @@ mod_webdav_copymove_b (request_st * const r, const plugin_config * const pconf,
buffer_copy_buffer(dst_path, &r->physical.doc_root);
if (dst_path->ptr[dst_path->used-2] == '/')
--dst_path->used; /* since dst_rel_path begins with '/' */
buffer_append_string_buffer(dst_path, dst_rel_path);
buffer_append_path_len(dst_path, CONST_BUF_LEN(dst_rel_path));
if (buffer_string_length(dst_rel_path) >= PATH_MAX) {
http_status_set_error(r, 403); /* Forbidden */
return HANDLER_FINISHED;

5
src/mod_wolfssl.c
Unescape View File

@ -1569,8 +1569,6 @@ mod_openssl_acme_tls_1 (SSL *ssl, handler_ctx *hctx)
/* check if acme-tls/1 protocol is enabled (path to dir of cert(s) is set)*/
if (buffer_string_is_empty(hctx->conf.ssl_acme_tls_1))
return SSL_TLSEXT_ERR_NOACK; /*(reuse value here for not-configured)*/
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_slash(b);
/* check if SNI set server name (required for acme-tls/1 protocol)
* and perform simple path checks for no '/'
@ -1582,7 +1580,8 @@ mod_openssl_acme_tls_1 (SSL *ssl, handler_ctx *hctx)
if (0 != http_request_host_policy(name,hctx->r->conf.http_parseopts,443))
return rc;
#endif
buffer_append_string_buffer(b, name);
buffer_copy_buffer(b, hctx->conf.ssl_acme_tls_1);
buffer_append_path_len(b, CONST_BUF_LEN(name));
len = buffer_string_length(b);
do {

3
src/stat_cache.c
Unescape View File

@ -498,8 +498,7 @@ static void stat_cache_handle_fdevent_fn(stat_cache_fam * const scf, fam_dir_ent
/* temporarily append filename to dir in fam_dir->name to
* construct path, then delete stat_cache entry (if any)*/
len = buffer_string_length(n);
buffer_append_string_len(n, CONST_STR_LEN("/"));
buffer_append_string_len(n, fn, fnlen);
buffer_append_path_len(n, fn, fnlen);
/* (alternatively, could chose to stat() and update)*/
stat_cache_invalidate_entry(CONST_BUF_LEN(n));

Write Preview
Loading…
Cancel
Save