Klaus Demo nginx / bf14b00
ngx_path_separator() Igor Sysoev 13 years ago
4 changed file(s) with 15 addition(s) and 30 deletion(s). Raw diff Collapse all Expand all
13361336 goto unsafe;
13371337 }
13381338
1339 if (p[0] == '.' && len == 3 && p[1] == '.' && (p[2] == '/'
1340 #if (NGX_WIN32)
1341 || p[2] == '\\'
1342 #endif
1343 ))
1344 {
1339 if (p[0] == '.' && len == 3 && p[1] == '.' && (ngx_path_separator(p[2]))) {
13451340 goto unsafe;
13461341 }
13471342
13661361 continue;
13671362 }
13681363
1369 if ((ch == '/'
1364 if (ngx_path_separator(ch) && len > 2) {
1365
1366 /* detect "/../" */
1367
1368 if (p[0] == '.' && p[1] == '.' && ngx_path_separator(p[2])) {
1369 goto unsafe;
1370 }
1371
13701372 #if (NGX_WIN32)
1371 || ch == '\\'
1372 #endif
1373 ) && len > 2)
1374 {
1375 /* detect "/../" */
1376
1377 if (p[0] == '.' && p[1] == '.' && p[2] == '/') {
1378 goto unsafe;
1379 }
1380
1381 #if (NGX_WIN32)
1382
1383 if (p[2] == '\\') {
1384 goto unsafe;
1385 }
13861373
13871374 if (len > 3) {
13881375
13891376 /* detect "/.../" */
13901377
13911378 if (p[0] == '.' && p[1] == '.' && p[2] == '.'
1392 && (p[3] == '/' || p[3] == '\\'))
1379 && ngx_path_separator(p[3]))
13931380 {
13941381 goto unsafe;
13951382 }
15861586 continue;
15871587 }
15881588
1589 if (ch == '/' || ch == '\0') {
1589 if (ngx_path_separator(ch) || ch == '\0') {
15901590 return -1;
15911591 }
1592
1593 #if (NGX_WIN32)
1594 if (ch == '\\') {
1595 return -1;
1596 }
1597 #endif
15981592 }
15991593
16001594 if (dot) {
159159 #define ngx_realpath_n "realpath()"
160160 #define ngx_getcwd(buf, size) (getcwd(buf, size) != NULL)
161161 #define ngx_getcwd_n "getcwd()"
162 #define ngx_path_separator(c) ((c) == '/')
163
162164 #define NGX_MAX_PATH PATH_MAX
163165
164166 #define NGX_DIR_MASK_LEN 0
153153 #define ngx_realpath_n ""
154154 #define ngx_getcwd(buf, size) GetCurrentDirectory(size, buf)
155155 #define ngx_getcwd_n "GetCurrentDirectory()"
156 #define ngx_path_separator(c) ((c) == '/' || (c) == '\\')
157
156158 #define NGX_MAX_PATH MAX_PATH
157159
158160