diff options
| -rw-r--r-- | source3/cgi.c | 5 | ||||
| -rw-r--r-- | source3/swat.c | 2 | ||||
| -rw-r--r-- | source3/web/cgi.c | 5 | ||||
| -rw-r--r-- | source3/web/swat.c | 2 |
4 files changed, 2 insertions, 12 deletions
diff --git a/source3/cgi.c b/source3/cgi.c index 83158fc1a5..9ce8c4d91e 100644 --- a/source3/cgi.c +++ b/source3/cgi.c @@ -513,11 +513,6 @@ static void cgi_download(char *file) } } - if (strstr(file,"..")) { - cgi_setup_error("404 File Not Found","", - "Relative paths not allowed"); - } - if (!file_exist(file, &st)) { cgi_setup_error("404 File Not Found","", "The requested file was not found"); diff --git a/source3/swat.c b/source3/swat.c index 6a5b4f51f1..508c8944b4 100644 --- a/source3/swat.c +++ b/source3/swat.c @@ -308,7 +308,7 @@ static void shares_page(void) printf("<option value=\" \"> \n"); for (i=0;i<lp_numservices();i++) { s = lp_servicename(i); - if (s && (*s) && strcmp(s,"IPC$")) { + if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) { printf("<option %s value=\"%s\">%s\n", (share && strcmp(share,s)==0)?"SELECTED":"", s, s); diff --git a/source3/web/cgi.c b/source3/web/cgi.c index 83158fc1a5..9ce8c4d91e 100644 --- a/source3/web/cgi.c +++ b/source3/web/cgi.c @@ -513,11 +513,6 @@ static void cgi_download(char *file) } } - if (strstr(file,"..")) { - cgi_setup_error("404 File Not Found","", - "Relative paths not allowed"); - } - if (!file_exist(file, &st)) { cgi_setup_error("404 File Not Found","", "The requested file was not found"); diff --git a/source3/web/swat.c b/source3/web/swat.c index 6a5b4f51f1..508c8944b4 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -308,7 +308,7 @@ static void shares_page(void) printf("<option value=\" \"> \n"); for (i=0;i<lp_numservices();i++) { s = lp_servicename(i); - if (s && (*s) && strcmp(s,"IPC$")) { + if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) { printf("<option %s value=\"%s\">%s\n", (share && strcmp(share,s)==0)?"SELECTED":"", s, s); |