Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #93 from melkote/master

Pull request for issue 92: Do not allow backslashes in path (windows security).
  • Loading branch information...
commit 5ee1eeb45fc1cd9e33f6f02f277373df6395270e 2 parents 20f2f00 + 3259a93
@etrepum etrepum authored
Showing with 9 additions and 2 deletions.
  1. +9 −2 src/mochiweb_util.erl
View
11 src/mochiweb_util.erl
@@ -68,11 +68,17 @@ partition2(_S, _Sep) ->
%% @spec safe_relative_path(string()) -> string() | undefined
%% @doc Return the reduced version of a relative path or undefined if it
%% is not safe. safe relative paths can be joined with an absolute path
-%% and will result in a subdirectory of the absolute path.
+%% and will result in a subdirectory of the absolute path. Safe paths
+%% never contain a backslash character.
safe_relative_path("/" ++ _) ->
undefined;
safe_relative_path(P) ->
- safe_relative_path(P, []).
+ case string:chr(P, $\\) of
+ 0 ->
+ safe_relative_path(P, []);
+ _ ->
+ undefined
+ end.
safe_relative_path("", Acc) ->
case Acc of
@@ -815,6 +821,7 @@ safe_relative_path_test() ->
undefined = safe_relative_path("../foo"),
undefined = safe_relative_path("foo/../.."),
undefined = safe_relative_path("foo//"),
+ undefined = safe_relative_path("foo\\bar"),
ok.
parse_qvalues_test() ->
Please sign in to comment.
Something went wrong with that request. Please try again.