aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/cgi.c
diff options
context:
space:
mode:
Diffstat (limited to 'cgi.c')
-rw-r--r--cgi.c59
1 files changed, 42 insertions, 17 deletions
diff --git a/cgi.c b/cgi.c
index 720dbc7d..f8497b58 100644
--- a/cgi.c
+++ b/cgi.c
@@ -1,4 +1,4 @@
-/* $Id: cgi.c,v 1.134 2016/07/10 10:05:33 schwarze Exp $ */
+/* $Id: cgi.c,v 1.135 2016/07/11 22:48:37 schwarze Exp $ */
/*
* Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
* Copyright (c) 2014, 2015, 2016 Ingo Schwarze <schwarze@usta.de>
@@ -1064,11 +1064,13 @@ main(void)
static void
parse_path_info(struct req *req, const char *path)
{
- char *dir;
+ char *dir[4];
+ int i;
req->isquery = 0;
req->q.equal = 1;
req->q.manpath = mandoc_strdup(path);
+ req->q.arch = NULL;
/* Mandatory manual page name. */
if ((req->q.query = strrchr(req->q.manpath, '/')) == NULL) {
@@ -1087,27 +1089,50 @@ parse_path_info(struct req *req, const char *path)
}
/* Handle the case of name[.section] only. */
- if (req->q.manpath == NULL) {
- req->q.arch = NULL;
+ if (req->q.manpath == NULL)
return;
- }
req->q.query = mandoc_strdup(req->q.query);
- /* Optional architecture. */
- dir = strrchr(req->q.manpath, '/');
- if (dir != NULL && strncmp(dir + 1, "man", 3) != 0) {
- *dir++ = '\0';
- req->q.arch = mandoc_strdup(dir);
- dir = strrchr(req->q.manpath, '/');
- } else
- req->q.arch = NULL;
+ /* Split directory components. */
+ dir[i = 0] = req->q.manpath;
+ while ((dir[i + 1] = strchr(dir[i], '/')) != NULL) {
+ if (++i == 3) {
+ pg_error_badrequest(
+ "You specified too many directory components.");
+ exit(EXIT_FAILURE);
+ }
+ *dir[i]++ = '\0';
+ }
+
+ /* Optional manpath. */
+ if ((i = validate_manpath(req, req->q.manpath)) == 0)
+ req->q.manpath = NULL;
+ else if (dir[1] == NULL)
+ return;
- /* Optional directory name. */
- if (dir != NULL && strncmp(dir + 1, "man", 3) == 0) {
- *dir++ = '\0';
+ /* Optional section. */
+ if (strncmp(dir[i], "man", 3) == 0) {
free(req->q.sec);
- req->q.sec = mandoc_strdup(dir + 3);
+ req->q.sec = mandoc_strdup(dir[i++] + 3);
}
+ if (dir[i] == NULL) {
+ if (req->q.manpath == NULL)
+ free(dir[0]);
+ return;
+ }
+ if (dir[i + 1] != NULL) {
+ pg_error_badrequest(
+ "You specified an invalid directory component.");
+ exit(EXIT_FAILURE);
+ }
+
+ /* Optional architecture. */
+ if (i) {
+ req->q.arch = mandoc_strdup(dir[i]);
+ if (req->q.manpath == NULL)
+ free(dir[0]);
+ } else
+ req->q.arch = dir[0];
}
/*
generated by cgit v1.2.3-56-ge451 (git 2.39.0) at 2024-05-20 20:26:35 +0000