commit eba63b9e6f6eaf2ed765bbff0934879fff363edd parent 56148bb5e20a6355c6c53351be783b5e040bfccb Author: Evgeny Grin <k2k@drgrin.dev> Date: Fri, 2 May 2025 19:43:53 +0300 demo.c: improved security Diffstat:
| M | src/examples2/demo.c | | | 7 | +++++-- |
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/examples2/demo.c b/src/examples2/demo.c @@ -922,8 +922,11 @@ generate_page (void *cls, fd = -1; buf.st_size = 0; /* Mute compiler warning */ - if ( (NULL == strstr (&url[1], - "..")) && + if ((0 != path->len) && + (NULL == strstr (&url[1], + "..")) && + (0 != url[0]) && + (0 != url[1]) && ('/' != url[1]) ) { fd = open (&url[1],