avoid buffer overflow
authorBodo Möller <bodo@openssl.org>
Sat, 31 Mar 2001 07:48:07 +0000 (07:48 +0000)
committerBodo Möller <bodo@openssl.org>
Sat, 31 Mar 2001 07:48:07 +0000 (07:48 +0000)
apps/s_server.c

index 4223d2d..cd1aa17 100644 (file)
@@ -1473,9 +1473,11 @@ static int www_body(char *hostname, int s, unsigned char *context)
                                break;
                                }
 
+#if 0
                        /* append if a directory lookup */
                        if (e[-1] == '/')
                                strcat(p,"index.html");
+#endif
 
                        /* if a directory, do the index thang */
                        if (stat(p,&st_buf) < 0)
@@ -1487,7 +1489,13 @@ static int www_body(char *hostname, int s, unsigned char *context)
                                }
                        if (S_ISDIR(st_buf.st_mode))
                                {
+#if 0 /* must check buffer size */
                                strcat(p,"/index.html");
+#else
+                               BIO_puts(io,text);
+                               BIO_printf(io,"'%s' is a directory\r\n",p);
+                               break;
+#endif
                                }
 
                        if ((file=BIO_new_file(p,"r")) == NULL)