Prevent symlink path traversals
 * Closes CVE-2013-0262
raggi committed Feb 8, 2013
1 parent 0cd7e9a commit 6f237e4
Showing 1 changed file with 6 additions and 11 deletions.
17 changes: 6 additions & 11 deletions lib/rack/file.rb
Expand Up @@ -41,19 +41,14 @@ def _call(env)
path_info = Utils.unescape(env["PATH_INFO"])
parts = path_info.split SEPS

parts.inject(0) do |depth, part|
case part
when '', '.'
depth
when '..'
return fail(404, "Not Found") if depth - 1 < 0
depth - 1
else
depth + 1
end
clean = []

parts.each do |part|
next if part.empty? || part == '.'
part == '..' ? clean.pop : clean << part
end

@path = F.join(@root, *parts)
@path = F.join(@root, *clean)

available = begin
F.file?(@path) && F.readable?(@path)
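Review bot: the actual fix here is the last changed line, `@path = F.join(@root, *clean)`: the removed `inject` block computed a depth and returned 404 when it went negative, but then joined the original, unfiltered `parts` into `@path`, so `..` segments still reached `F.join` and the depth check never affected the path that was served. Building `clean` and joining that instead closes the gap. Two things worth flagging in review: first, the behaviour on a traversal attempt changes from an explicit `fail(404, "Not Found")` to silently clamping at the root (`clean.pop` on an empty array returns nil and discards nothing), so a request for `/../../etc/passwd` now resolves to `/etc/passwd` under `@root` rather than being rejected; that is safe but should be stated in the commit message since it changes observable responses. Second, the hunk adds no test; a regression test that requests a `..`-containing path and asserts the response stays inside `@root` would pin this fix.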
