diff options
author | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-25 19:37:34 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@openbsd.org> | 2014-07-25 19:37:34 +0000 |
commit | 0640e1fe50bd5000c3c9c58b0db1009689f751f7 (patch) | |
tree | ff73aa6a3f80faafaf6e56d58b8b9dc6b3987864 /cgi.c | |
parent | 3d219b4ac39673cfcc7a5030ee9968d293785b92 (diff) | |
download | mandoc-0640e1fe50bd5000c3c9c58b0db1009689f751f7.tar.gz mandoc-0640e1fe50bd5000c3c9c58b0db1009689f751f7.tar.zst mandoc-0640e1fe50bd5000c3c9c58b0db1009689f751f7.zip |
oops, we must not try to validate a manpath we don't have;
fixing an oversight introduced in rev. 1.77
Diffstat (limited to 'cgi.c')
-rw-r--r-- | cgi.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $Id: cgi.c,v 1.88 2014/07/25 18:20:39 schwarze Exp $ */ +/* $Id: cgi.c,v 1.89 2014/07/25 19:37:34 schwarze Exp $ */ /* * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv> * Copyright (c) 2014 Ingo Schwarze <schwarze@usta.de> @@ -1086,7 +1086,8 @@ main(void) if (NULL != (querystring = getenv("QUERY_STRING"))) http_parse(&req, querystring); - if ( ! validate_manpath(&req, req.q.manpath)) { + if ( ! (NULL == req.q.manpath || + validate_manpath(&req, req.q.manpath))) { pg_error_badrequest( "You specified an invalid manpath."); return(EXIT_FAILURE); |