[GNUnet-SVN] r36833 - libmicrohttpd/src/examples

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] r36833 - libmicrohttpd/src/examples

From:	gnunet
Subject:	[GNUnet-SVN] r36833 - libmicrohttpd/src/examples
Date:	Mon, 18 Jan 2016 21:48:52 +0100

Author: grothoff
Date: 2016-01-18 21:48:52 +0100 (Mon, 18 Jan 2016)
New Revision: 36833

Modified:
   libmicrohttpd/src/examples/demo_https.c
Log:
avoid stat/open race, and actually check for regular file (in demo)

Modified: libmicrohttpd/src/examples/demo_https.c
===================================================================
--- libmicrohttpd/src/examples/demo_https.c     2016-01-18 20:45:12 UTC (rev 
36832)
+++ libmicrohttpd/src/examples/demo_https.c     2016-01-18 20:48:52 UTC (rev 
36833)
@@ -693,12 +693,19 @@
 
       if (0 != strcmp (method, MHD_HTTP_METHOD_GET))
        return MHD_NO;  /* unexpected method (we're not polite...) */
-      if ( (0 == stat (&url[1], &buf)) &&
-          (NULL == strstr (&url[1], "..")) &&
-          ('/' != url[1]))
-       fd = open (&url[1], O_RDONLY);
-      else
-       fd = -1;
+      fd = -1;
+
+      if ( (NULL == strstr (&url[1], "..")) &&
+          ('/' != url[1]) )
+        {
+          fd = open (&url[1], O_RDONLY);
+          if ( (0 != fstat (fd, &buf)) ||
+               (! S_ISREG (buf.st_mode)) )
+            {
+              (void) close (fd);
+              fd = -1;
+            }
+        }
       if (-1 == fd)
        return MHD_queue_response (connection,
                                   MHD_HTTP_NOT_FOUND,

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] r36833 - libmicrohttpd/src/examples, gnunet <=

Prev by Date: [GNUnet-SVN] r36832 - libmicrohttpd/src/examples
Next by Date: [GNUnet-SVN] r36834 - libmicrohttpd/src/microhttpd
Previous by thread: [GNUnet-SVN] r36832 - libmicrohttpd/src/examples
Next by thread: [GNUnet-SVN] r36834 - libmicrohttpd/src/microhttpd
Index(es):
- Date
- Thread