diff options
| author | Christian Grothoff <christian@grothoff.org> | 2016-01-18 20:43:27 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2016-01-18 20:43:27 +0000 |
| commit | 1421e4394f01e8167b5b7be67b6f98159895ae4b (patch) | |
| tree | 8e40ec801eb699b1edc6c8bb051e2fd14b9c64df | |
| parent | 9be469e2eeade6ccdbbd24f99cd37aa424e9afb9 (diff) | |
| download | libmicrohttpd-1421e4394f01e8167b5b7be67b6f98159895ae4b.tar.gz libmicrohttpd-1421e4394f01e8167b5b7be67b6f98159895ae4b.zip | |
eliminate stat/fopen race in example
| -rw-r--r-- | src/examples/https_fileserver_example.c | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/src/examples/https_fileserver_example.c b/src/examples/https_fileserver_example.c index fe0c2de7..99ec50b3 100644 --- a/src/examples/https_fileserver_example.c +++ b/src/examples/https_fileserver_example.c | |||
| @@ -125,6 +125,7 @@ http_ahc (void *cls, | |||
| 125 | struct MHD_Response *response; | 125 | struct MHD_Response *response; |
| 126 | int ret; | 126 | int ret; |
| 127 | FILE *file; | 127 | FILE *file; |
| 128 | int fd; | ||
| 128 | struct stat buf; | 129 | struct stat buf; |
| 129 | 130 | ||
| 130 | if (0 != strcmp (method, MHD_HTTP_METHOD_GET)) | 131 | if (0 != strcmp (method, MHD_HTTP_METHOD_GET)) |
| @@ -137,12 +138,22 @@ http_ahc (void *cls, | |||
| 137 | } | 138 | } |
| 138 | *ptr = NULL; /* reset when done */ | 139 | *ptr = NULL; /* reset when done */ |
| 139 | 140 | ||
| 140 | if ( (0 == stat (&url[1], &buf)) && | 141 | file = fopen (&url[1], "rb"); |
| 141 | (S_ISREG (buf.st_mode)) ) | 142 | if (NULL != file) |
| 142 | file = fopen (&url[1], "rb"); | 143 | { |
| 143 | else | 144 | fd = fileno (file); |
| 144 | file = NULL; | 145 | if (-1 == fd) |
| 145 | if (file == NULL) | 146 | return MHD_NO; /* internal error */ |
| 147 | if ( (0 != fstat (fd, &buf)) || | ||
| 148 | (! S_ISREG (buf.st_mode)) ) | ||
| 149 | { | ||
| 150 | /* not a regular file, refuse to serve */ | ||
| 151 | fclose (file); | ||
| 152 | file = NULL; | ||
| 153 | } | ||
| 154 | } | ||
| 155 | |||
| 156 | if (NULL == file) | ||
| 146 | { | 157 | { |
| 147 | response = MHD_create_response_from_buffer (strlen (EMPTY_PAGE), | 158 | response = MHD_create_response_from_buffer (strlen (EMPTY_PAGE), |
| 148 | (void *) EMPTY_PAGE, | 159 | (void *) EMPTY_PAGE, |
| @@ -155,7 +166,7 @@ http_ahc (void *cls, | |||
| 155 | response = MHD_create_response_from_callback (buf.st_size, 32 * 1024, /* 32k PAGE_NOT_FOUND size */ | 166 | response = MHD_create_response_from_callback (buf.st_size, 32 * 1024, /* 32k PAGE_NOT_FOUND size */ |
| 156 | &file_reader, file, | 167 | &file_reader, file, |
| 157 | &file_free_callback); | 168 | &file_free_callback); |
| 158 | if (response == NULL) | 169 | if (NULL == response) |
| 159 | { | 170 | { |
| 160 | fclose (file); | 171 | fclose (file); |
| 161 | return MHD_NO; | 172 | return MHD_NO; |
| @@ -166,6 +177,7 @@ http_ahc (void *cls, | |||
| 166 | return ret; | 177 | return ret; |
| 167 | } | 178 | } |
| 168 | 179 | ||
| 180 | |||
| 169 | int | 181 | int |
| 170 | main (int argc, char *const *argv) | 182 | main (int argc, char *const *argv) |
| 171 | { | 183 | { |