
r2098@chromobil: stefan | 2008-02-26 17:12:51 +0100

Fix #1574: Check for symlinks after successful pathinfo matching.


git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2093 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.19
Stefan Bühler 15 years ago
parent
commit
db1b286ecd
  1. 21
      src/response.c

21
src/response.c

@ -553,17 +553,14 @@ handler_t http_response_prepare(server *srv, connection *con) {
buffer_copy_string_buffer(srv->tmp_buf, con->physical.path);
do {
struct stat st;
if (slash) {
buffer_copy_string_len(con->physical.path, srv->tmp_buf->ptr, slash - srv->tmp_buf->ptr);
} else {
buffer_copy_string_buffer(con->physical.path, srv->tmp_buf);
}
if (0 == stat(con->physical.path->ptr, &(st)) &&
S_ISREG(st.st_mode)) {
found = 1;
if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
found = S_ISREG(sce->st.st_mode);
break;
}
@ -595,6 +592,20 @@ handler_t http_response_prepare(server *srv, connection *con) {
return HANDLER_FINISHED;
}
#ifdef HAVE_LSTAT
if ((sce->is_symlink != 0) && !con->conf.follow_symlink) {
con->http_status = 403;
if (con->conf.log_request_handling) {
log_error_write(srv, __FILE__, __LINE__, "s", "-- access denied due symlink restriction");
log_error_write(srv, __FILE__, __LINE__, "sb", "Path :", con->physical.path);
}
buffer_reset(con->physical.path);
return HANDLER_FINISHED;
};
#endif
/* we have a PATHINFO */
if (pathinfo) {
buffer_copy_string(con->request.pathinfo, pathinfo);
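Review bot: The 403 issued by the new `if ((sce->is_symlink != 0) && !con->conf.follow_symlink)` block is only explained in the error log when `con->conf.log_request_handling` is enabled, so with default logging a request refused by the symlink restriction cannot be told apart from any other 403. Consider emitting at least the `"Path :"` line outside the `log_request_handling` guard, or noting in a comment that the silence is deliberate to avoid log flooding. The block would also benefit from a comment stating why it sits here, for example `/* check the path that matched after PATHINFO stripping, not the original request path (#1574) */`. The closing `};` carries a stray semicolon that should be a plain `}`. The check depends on `sce` as set by `stat_cache_get_entry` in the first hunk, and `http_response_prepare` continues outside both hunks, so the code between them should be checked to ensure `sce` is always valid here.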
