From 44d2a46580da126866f704e5cf9b6599635f5f01 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell
Date: Thu, 26 May 2005 03:05:37 +0000
Subject: r6987: - make sure esp pages cannot read data outside of the swat directory - don't expose the real system path to esp scripts - fixed absolute paths in include() calls (This used to be commit 6535611aa22f51b7376be3c15715e8040a059736)
---
 source4/web_server/esp/espProcs.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
(limited to 'source4/web_server/esp/espProcs.c')
diff --git a/source4/web_server/esp/espProcs.c b/source4/web_server/esp/espProcs.c
index a8da800213..5c99e092c9 100644
--- a/source4/web_server/esp/espProcs.c
+++ b/source4/web_server/esp/espProcs.c
@@ -77,8 +77,12 @@ static int includeProc(EspRequest *ep, int argc, char **argv)
 esp = ep->esp;
 mprAssert(argv);
 for (i = 0; i < argc; i++) {
- mprGetDirName(dir, sizeof(dir), ep->docPath);
- mprSprintf(path, sizeof(path), "%s/%s", dir, argv[i]);
+ if (argv[i][0] != '/') {
+ mprGetDirName(dir, sizeof(dir), ep->docPath);
+ mprSprintf(path, sizeof(path), "%s/%s", dir, argv[i]);
+ } else {
+ mprSprintf(path, sizeof(path), "%s", argv[i]);
+ }
 if (esp->readFile(ep->requestHandle, &buf, &size, path) < 0) {
 espError(ep, "Can't read include file: %s", path);
-- cgit
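Review bot: Neither branch of the new `if (argv[i][0] != '/')` validates the include argument: an absolute path is copied into `path` as given, and a relative one is joined to the document directory with any `..` segments intact. The confinement to the swat directory promised in the commit message therefore has to be enforced inside the `esp->readFile` callback, which this page (limited to espProcs.c) does not show. That dependency deserves a comment above the `readFile` call, for example `/* path is unvalidated here; the readFile handler must resolve it under the web root and reject anything outside */`. The result of `mprSprintf` is also ignored, so an over-long argument is presumably truncated to a different file name before it is read; checking for truncation and reporting it through `espError` would close that. includeProc's body starts and ends outside the hunk.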