authorFloris Bos <bos@je-eigen-domein.nl>2015-03-29 21:02:25 +0200
committerFloris Bos <bos@je-eigen-domein.nl>2015-03-29 21:02:25 +0200
commitf5ae94639bad542e6ae2b57495cb975bd8feb45e (patch)
tree001180010e942a2bef2308f458c20ac2ea8823d9
parent6836ccb208f8c16824b8c1e330acb077c70c98c6 (diff)
httpd: disallow directory traversal
Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
-rw-r--r--libvncserver/httpd.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/libvncserver/httpd.c b/libvncserver/httpd.c
index 12d71a8..2a778e7 100644
--- a/libvncserver/httpd.c
+++ b/libvncserver/httpd.c
@@ -423,6 +423,14 @@ httpProcessInput(rfbScreenInfoPtr rfbScreen)
}
}
+ /* Basic protection against directory traversal outside webroot */
+
+ if (strstr(fname, "..")) {
+ rfbErr("httpd: URL should not contain '..'\n");
+ rfbWriteExact(&cl, NOT_FOUND_STR, strlen(NOT_FOUND_STR));
+ httpCloseSock(rfbScreen);
+ return;
+ }
/* If we were asked for '/', actually read the file index.vnc */