author Jason A. Donenfeld <Jason@zx2c4.com> 2013-05-25 19:47:15 +0200
committer Jason A. Donenfeld <Jason@zx2c4.com> 2013-05-25 20:33:28 +0200
commit fe36f84d843cd755c6dab629a0758264de5bcc00
tree fee8af2ed0f3df2fa9015453ce3e8d721df6a0cd /configfile.c
parent cgitrc.5: information on directory traversal and multiple readme files
ui-summary: Disallow directory traversal

Using the url= query string, it was possible to request arbitrary files
from the filesystem if the readme for a given page was set to a
filesystem file. The following request would return my /etc/passwd file:

http://git.zx2c4.com/?url=/somerepo/about/../../../../etc/passwd
http://data.zx2c4.com/cgit-directory-traversal.png

This fix uses realpath(3) to canonicalize all paths, and then compares
the base components.

This fix introduces a subtle timing attack, whereby a client can check
whether or not strstr is called using timing measurements in order
to determine if a given file exists on the filesystem.

This fix also does not account for filesystem race conditions (TOCTOU)
in resolving symlinks.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'configfile.c')
0 files changed, 0 insertions, 0 deletions
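
The canonicalize-then-compare check that the commit message describes, written out as an added example; this is not cgit's code. The helper name `resolve_under`, its parameters and the component-boundary comparison are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700   /* realpath(3) */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not cgit's function): resolve `rel` beneath `base_dir`
 * and store the canonical path in `out`. Returns 0 if the result is inside
 * base_dir, -1 if it escapes, does not exist, or is too long. */
int resolve_under(const char *base_dir, const char *rel, char out[PATH_MAX])
{
    char base[PATH_MAX], joined[PATH_MAX];
    size_t n;

    if (!realpath(base_dir, base))
        return -1;
    if (snprintf(joined, sizeof joined, "%s/%s", base, rel) >= (int)sizeof joined)
        return -1;
    /* realpath() collapses "..", "." and symlinks; it fails for missing files. */
    if (!realpath(joined, out))
        return -1;
    n = strlen(base);
    if (n == 1)                       /* base is "/": everything is inside */
        return 0;
    /* A prefix match alone would accept /srv/repo-evil for base /srv/repo,
     * so the byte after the prefix must end the path component. */
    if (strncmp(out, base, n) != 0 || (out[n] != '/' && out[n] != '\0'))
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    char out[PATH_MAX];

    if (argc != 3) {
        fprintf(stderr, "usage: %s BASE_DIR RELATIVE_PATH\n", argv[0]);
        return 2;
    }
    if (resolve_under(argv[1], argv[2], out) != 0) {
        puts("rejected");
        return 1;
    }
    /* The check and a later open() are separate steps, so a symlink swapped
     * in between is not caught (the TOCTOU gap the commit message notes). */
    puts(out);
    return 0;
}
```
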