diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2014-09-23 12:12:55 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2014-09-23 12:12:58 +0200 |
commit | 99f729378f69b2985c559bc8639b2edd06d75233 (patch) | |
tree | 815c655200b0e38307a580e5d03c4dc20ecd06a7 | |
parent | 68d8631ab66380a553cb14c10ee3908561b5a7db (diff) | |
download | uhttpd-99f729378f69b2985c559bc8639b2edd06d75233.tar.gz |
* In canonpath():
* Make sure the internal path_copy buffer is zero initialized, this
guarantees a trailing \0 when copying the input to the buffer
* Handle failing getcwd()
* Copy path argument to the correct offset when converting relative to
absolute paths
* In uh_realpath():
* Fix off-by-one in strncpy() - usually the callers buffer is
zero-initialized so the trailing \0 is present nonetheless but this
makes the function safer to use
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
-rw-r--r-- | uhttpd-utils.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/uhttpd-utils.c b/uhttpd-utils.c index e4ac26c..5dd368f 100644 --- a/uhttpd-utils.c +++ b/uhttpd-utils.c @@ -473,7 +473,7 @@ int uh_b64decode(char *buf, int blen, const unsigned char *src, int slen) static char * canonpath(const char *path, char *path_resolved) { - char path_copy[PATH_MAX]; + char path_copy[PATH_MAX] = { }; char *path_cpy = path_copy; char *path_res = path_resolved; @@ -483,8 +483,11 @@ static char * canonpath(const char *path, char *path_resolved) /* relative -> absolute */ if (*path != '/') { - getcwd(path_copy, sizeof(path_copy)); - snprintf(path_copy, sizeof(path_copy) - strlen(path_copy), "/%s", path); + if (!getcwd(path_copy, sizeof(path_copy))) + return NULL; + + snprintf(path_copy + strlen(path_copy), sizeof(path_copy) - strlen(path_copy), + "/%s", path); } else { @@ -557,7 +560,7 @@ char * uh_realpath(const char *path, char *resolved_path) } else if (res) { - strncpy(resolved_path, res, PATH_MAX - 1); + strncpy(resolved_path, res, PATH_MAX); free(res); return resolved_path; |