vtroshchinskiy
/
tiptorrent
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add basic uri sanitization 

disallow .. in uri.
master
tiptorrent development team 2021-09-23 23:08:20 +02:00
parent 324fdcfd58
commit 97fc159ff1
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/handler.c
View File

@ -44,9 +44,12 @@ static int tip_client_file_not_found(struct tip_client *cli)
return -1; return -1;
} }
/* TODO: sanitize uri, don't escape directory serving files. */
static bool sanitize(const char *uri) static bool sanitize(const char *uri)
{ {
/* TODO: smarter sanitization. */
if (strstr(uri, ".."))
return false;
return true; return true;
} }