cgi-bin/text-to-html-filter.cgi: security check on path prefix
This commit is contained in:
parent
ba336825f1
commit
9a8139f571
@ -4,7 +4,7 @@ ext=${file/*.}
|
|||||||
range=10000
|
range=10000
|
||||||
filename="/var/www/www.openmamba.org/$file"
|
filename="/var/www/www.openmamba.org/$file"
|
||||||
filename_check=`readlink -f $filename`
|
filename_check=`readlink -f $filename`
|
||||||
[ "${filename_check:0:27}" = "/mnt/sdc1/ftp/pub/openmamba" ] || exit 0
|
[ "${filename_check:0:22}" = "/var/ftp/pub/openmamba" ] || exit 0
|
||||||
if [ "$page" ]; then
|
if [ "$page" ]; then
|
||||||
[ $page -gt 0 ] || page=1
|
[ $page -gt 0 ] || page=1
|
||||||
else
|
else
|
||||||
|
Loading…
Reference in New Issue
Block a user