From 51a0b68908c1f9ca9cb49f957fb6aae5307674f6 Mon Sep 17 00:00:00 2001
From: Stefano Zacchiroli
Date: Wed, 16 Mar 2005 16:33:10 +0000
Subject: [PATCH] - bugfix: do not fail when query_kind is missing (e.g. on /getpage)

- bugfix: security, no longer subject to directory traversal (!)
---
 helm/searchEngine/searchEngine.ml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/helm/searchEngine/searchEngine.ml b/helm/searchEngine/searchEngine.ml
index d994ac11a..d262029ed 100644
--- a/helm/searchEngine/searchEngine.ml
+++ b/helm/searchEngine/searchEngine.ml
@@ -122,7 +122,7 @@ let query_kind_of_req (req: Http_types.request) =
 | "/hint" -> "Hint"
 | "/locate" -> "Locate"
 | "/elim" -> "Elim"
- | _ -> assert false
+ | _ -> ""

 (* given a uri with a query part in input try to find in it a string
 * "¶m_name=..." (where param_name is given). If found its value will be
@@ -348,16 +348,16 @@ let callback dbd (req: Http_types.request) outchan =
 (match req#path with
 | "/getpage" ->
 (* TODO implement "is_permitted" *)
-(let is_permitted _ = true in
+(let is_permitted page = not (Pcre.pmatch ~pat:"/" page) in
 let page = req#param "url" in
+ let fname = sprintf "%s/%s" pages_dir page in
 let preprocess =
 (try bool_of_string (req#param "preprocess")
 with Invalid_argument _ | Http_types.Param_not_found _ -> false)
 in
 (match page with
- | page when is_permitted page ->
- (let fname = sprintf "%s/%s" pages_dir page in
+ | page when is_permitted page && Sys.file_exists fname ->
 Http_daemon.send_basic_headers ~code:(`Code 200) outchan;
 Http_daemon.send_header "Content-Type" "text/html" outchan;
 Http_daemon.send_CRLF outchan;
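Review bot: The catch-all arm now returns `""` as a silent sentinel where `assert false` previously made an unknown path fail loudly, and nothing in the hunk records that callers of `query_kind_of_req` must tolerate the empty string; the commit message only says it is needed for `/getpage`. A comment on the arm would keep that contract visible, e.g. `| _ -> "" (* paths such as /getpage carry no query kind; callers must accept "" *)`. `query_kind_of_req` begins before the hunk, so the arms above `/hint` are not visible here.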
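Review bot: Rejecting only `/` in `is_permitted` still lets `url=..`, `url=.` and an empty `url` resolve to `pages_dir/..` and `pages_dir/`, which `Sys.file_exists` accepts for directories, so the new guard admits them and the 200 status and headers are already written before `send_file` sees a directory; any dot-file sitting in `pages_dir` is served too. An allow-list on the file name closes these in one line: `let is_permitted page = Pcre.pmatch ~pat:"^[A-Za-z0-9_-][A-Za-z0-9_.-]*$" page in`, which excludes slashes, the empty string, `.`/`..` and leading dots (assuming page names are plain ASCII, which the visible code does not establish). The `(* TODO implement "is_permitted" *)` comment left as context is now stale and should say what the guard enforces, e.g. `(* only bare file names directly inside pages_dir may be served *)`. Folding `Sys.file_exists` into the `when` guard also means a missing page now falls through to the `respond_forbidden` arm and gets a 403 rather than a 404, which is worth either accepting explicitly or splitting into its own arm. `callback` starts before this hunk and its match continues past it.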
@@ -374,7 +374,7 @@ let callback dbd (req: Http_types.request) outchan =
 "\n")) fname
 end else
- Http_daemon.send_file ~src:(Http_types.FileSrc fname) outchan)
+ Http_daemon.send_file ~src:(Http_types.FileSrc fname) outchan
 | page -> Http_daemon.respond_forbidden ~url:page outchan))
 | "/help" -> Http_daemon.respond ~body:daemon_name outchan
 | "/locate" ->
-- 
2.39.2