Browse Source

[mod_magnet] reject stat() of empty string (fixes #3064)

(thx axe34)

Anyone running lua code inside the lighttpd server has control over
the lighttpd server, so this commit does not protect against
malicious behavior, but instead this commit more gracefully handles
a lua programmer mistake of attempting to stat() an empty string.

x-ref:
  "Server Aborted due to Malicious Data sent to lighty.stat"
  https://redmine.lighttpd.net/issues/3064
master
Glenn Strauss 2 months ago
parent
commit
e56e387196
  1. 4
      src/mod_magnet.c

4
src/mod_magnet.c

@ -290,7 +290,9 @@ static int magnet_print(lua_State *L) {
static int magnet_stat(lua_State *L) {
buffer * const sb = magnet_checkbuffer(L, 1);
stat_cache_entry * const sce = stat_cache_get_entry(sb);
stat_cache_entry * const sce = (!buffer_string_is_empty(sb))
? stat_cache_get_entry(sb)
: NULL;
buffer_free(sb);
if (NULL == sce) {
lua_pushnil(L);

Loading…
Cancel
Save