mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-28 10:10:39 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

ngx_path_separator()

Browse Source
This commit is contained in:
Igor Sysoev 2009-04-23 16:38:59 +00:00
parent c28ff717cb
commit bf14b000e6
4 changed files with 10 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/http/ngx_http_parse.c
View File

@ -1337,12 +1337,7 @@ ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
goto unsafe; goto unsafe;
} }
if (p[0] == '.' && len == 3 && p[1] == '.' && (p[2] == '/' if (p[0] == '.' && len == 3 && p[1] == '.' && (ngx_path_separator(p[2]))) {
#if (NGX_WIN32)
|| p[2] == '\\'
#endif
))
{
goto unsafe; goto unsafe;
} }
@ -1367,30 +1362,22 @@ ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
continue; continue;
} }
if ((ch == '/' if (ngx_path_separator(ch) && len > 2) {
#if (NGX_WIN32)
|| ch == '\\'
#endif
) && len > 2)
{
/* detect "/../" */ /* detect "/../" */
if (p[0] == '.' && p[1] == '.' && p[2] == '/') { if (p[0] == '.' && p[1] == '.' && ngx_path_separator(p[2])) {
goto unsafe; goto unsafe;
} }
#if (NGX_WIN32) #if (NGX_WIN32)
if (p[2] == '\\') {
goto unsafe;
}
if (len > 3) { if (len > 3) {
/* detect "/.../" */ /* detect "/.../" */
if (p[0] == '.' && p[1] == '.' && p[2] == '.' if (p[0] == '.' && p[1] == '.' && p[2] == '.'
&& (p[3] == '/' || p[3] == '\\')) && ngx_path_separator(p[3]))
{ {
goto unsafe; goto unsafe;
} }

8
src/http/ngx_http_request.c
View File

@ -1587,15 +1587,9 @@ ngx_http_validate_host(u_char *host, size_t len)
continue; continue;
} }
if (ch == '/' || ch == '\0') { if (ngx_path_separator(ch) || ch == '\0') {
return -1; return -1;
} }
#if (NGX_WIN32)
if (ch == '\\') {
return -1;
}
#endif
} }
if (dot) { if (dot) {

2
src/os/unix/ngx_files.h
View File

@ -160,6 +160,8 @@ ngx_int_t ngx_set_file_time(u_char *name, ngx_fd_t fd, time_t s);
#define ngx_realpath_n "realpath()" #define ngx_realpath_n "realpath()"
#define ngx_getcwd(buf, size) (getcwd(buf, size) != NULL) #define ngx_getcwd(buf, size) (getcwd(buf, size) != NULL)
#define ngx_getcwd_n "getcwd()" #define ngx_getcwd_n "getcwd()"
#define ngx_path_separator(c) ((c) == '/')
#define NGX_MAX_PATH PATH_MAX #define NGX_MAX_PATH PATH_MAX
#define NGX_DIR_MASK_LEN 0 #define NGX_DIR_MASK_LEN 0

2
src/os/win32/ngx_files.h
View File

@ -154,6 +154,8 @@ char *ngx_realpath(u_char *path, u_char *resolved);
#define ngx_realpath_n "" #define ngx_realpath_n ""
#define ngx_getcwd(buf, size) GetCurrentDirectory(size, buf) #define ngx_getcwd(buf, size) GetCurrentDirectory(size, buf)
#define ngx_getcwd_n "GetCurrentDirectory()" #define ngx_getcwd_n "GetCurrentDirectory()"
#define ngx_path_separator(c) ((c) == '/' || (c) == '\\')
#define NGX_MAX_PATH MAX_PATH #define NGX_MAX_PATH MAX_PATH