Fossil SCM
Call `cgi_is_loopback()' before `db_open_local()' when checking for a local `fossil ui' session. The former performs simple string comparison, while the latter crawls the file system for multiple (3) check-out database file names at multiple directory hierarchy levels. The main motivation for this change is to reduce "attack surface" of the /jchunk interface, but also to align `cgi_is_loopback()' vs. `db_open_local()' precedence with usage elsewhere in the code base.
Commit
2dda151c400925b32896652c7e9dc322ed1b503a7e1d8d8d5938e2e19c307e7d
Parent
593ceca27dbe17d…
2 files changed
+2
-2
+1
-1
+2
-2
| --- src/info.c | ||
| +++ src/info.c | ||
| @@ -829,11 +829,11 @@ | ||
| 829 | 829 | int nHome; |
| 830 | 830 | const char *zExBase; |
| 831 | 831 | char *zHostname; |
| 832 | 832 | char *zCwd; |
| 833 | 833 | |
| 834 | - if( !db_open_local(0) || !cgi_is_loopback(g.zIpAddr) ){ | |
| 834 | + if( !cgi_is_loopback(g.zIpAddr) || !db_open_local(0) ){ | |
| 835 | 835 | cgi_redirectf("%R/home"); |
| 836 | 836 | return; |
| 837 | 837 | } |
| 838 | 838 | file_chdir(g.zLocalRoot, 0); |
| 839 | 839 | vid = db_lget_int("checkout", 0); |
| @@ -2248,12 +2248,12 @@ | ||
| 2248 | 2248 | } |
| 2249 | 2249 | if( zName[0]=='x' |
| 2250 | 2250 | && ((nName-1)&1)==0 |
| 2251 | 2251 | && validate16(&zName[1],nName-1) |
| 2252 | 2252 | && g.perm.Admin |
| 2253 | - && db_open_local(0) | |
| 2254 | 2253 | && cgi_is_loopback(g.zIpAddr) |
| 2254 | + && db_open_local(0) | |
| 2255 | 2255 | ){ |
| 2256 | 2256 | /* Treat the HASH as a hex-encoded filename */ |
| 2257 | 2257 | int n = (nName-1)/2; |
| 2258 | 2258 | char *zFN = fossil_malloc(n+1); |
| 2259 | 2259 | decode16((const u8*)&zName[1], (u8*)zFN, nName-1); |
| 2260 | 2260 |
| --- src/info.c | |
| +++ src/info.c | |
| @@ -829,11 +829,11 @@ | |
| 829 | int nHome; |
| 830 | const char *zExBase; |
| 831 | char *zHostname; |
| 832 | char *zCwd; |
| 833 | |
| 834 | if( !db_open_local(0) || !cgi_is_loopback(g.zIpAddr) ){ |
| 835 | cgi_redirectf("%R/home"); |
| 836 | return; |
| 837 | } |
| 838 | file_chdir(g.zLocalRoot, 0); |
| 839 | vid = db_lget_int("checkout", 0); |
| @@ -2248,12 +2248,12 @@ | |
| 2248 | } |
| 2249 | if( zName[0]=='x' |
| 2250 | && ((nName-1)&1)==0 |
| 2251 | && validate16(&zName[1],nName-1) |
| 2252 | && g.perm.Admin |
| 2253 | && db_open_local(0) |
| 2254 | && cgi_is_loopback(g.zIpAddr) |
| 2255 | ){ |
| 2256 | /* Treat the HASH as a hex-encoded filename */ |
| 2257 | int n = (nName-1)/2; |
| 2258 | char *zFN = fossil_malloc(n+1); |
| 2259 | decode16((const u8*)&zName[1], (u8*)zFN, nName-1); |
| 2260 |
| --- src/info.c | |
| +++ src/info.c | |
| @@ -829,11 +829,11 @@ | |
| 829 | int nHome; |
| 830 | const char *zExBase; |
| 831 | char *zHostname; |
| 832 | char *zCwd; |
| 833 | |
| 834 | if( !cgi_is_loopback(g.zIpAddr) || !db_open_local(0) ){ |
| 835 | cgi_redirectf("%R/home"); |
| 836 | return; |
| 837 | } |
| 838 | file_chdir(g.zLocalRoot, 0); |
| 839 | vid = db_lget_int("checkout", 0); |
| @@ -2248,12 +2248,12 @@ | |
| 2248 | } |
| 2249 | if( zName[0]=='x' |
| 2250 | && ((nName-1)&1)==0 |
| 2251 | && validate16(&zName[1],nName-1) |
| 2252 | && g.perm.Admin |
| 2253 | && cgi_is_loopback(g.zIpAddr) |
| 2254 | && db_open_local(0) |
| 2255 | ){ |
| 2256 | /* Treat the HASH as a hex-encoded filename */ |
| 2257 | int n = (nName-1)/2; |
| 2258 | char *zFN = fossil_malloc(n+1); |
| 2259 | decode16((const u8*)&zName[1], (u8*)zFN, nName-1); |
| 2260 |
+1
-1
| --- src/sitemap.c | ||
| +++ src/sitemap.c | ||
| @@ -116,11 +116,11 @@ | ||
| 116 | 116 | if( inSublist ){ |
| 117 | 117 | @ </ul> |
| 118 | 118 | inSublist = 0; |
| 119 | 119 | } |
| 120 | 120 | @ </li> |
| 121 | - if( db_open_local(0) && cgi_is_loopback(g.zIpAddr) ){ | |
| 121 | + if( cgi_is_loopback(g.zIpAddr) && db_open_local(0) ){ | |
| 122 | 122 | @ <li>%z(href("%R/ckout"))Checkout Status</a></li> |
| 123 | 123 | } |
| 124 | 124 | if( g.perm.Read ){ |
| 125 | 125 | const char *zEditGlob = db_get("fileedit-glob",""); |
| 126 | 126 | @ <li>%z(href("%R/tree"))File Browser</a> |
| 127 | 127 |
| --- src/sitemap.c | |
| +++ src/sitemap.c | |
| @@ -116,11 +116,11 @@ | |
| 116 | if( inSublist ){ |
| 117 | @ </ul> |
| 118 | inSublist = 0; |
| 119 | } |
| 120 | @ </li> |
| 121 | if( db_open_local(0) && cgi_is_loopback(g.zIpAddr) ){ |
| 122 | @ <li>%z(href("%R/ckout"))Checkout Status</a></li> |
| 123 | } |
| 124 | if( g.perm.Read ){ |
| 125 | const char *zEditGlob = db_get("fileedit-glob",""); |
| 126 | @ <li>%z(href("%R/tree"))File Browser</a> |
| 127 |
| --- src/sitemap.c | |
| +++ src/sitemap.c | |
| @@ -116,11 +116,11 @@ | |
| 116 | if( inSublist ){ |
| 117 | @ </ul> |
| 118 | inSublist = 0; |
| 119 | } |
| 120 | @ </li> |
| 121 | if( cgi_is_loopback(g.zIpAddr) && db_open_local(0) ){ |
| 122 | @ <li>%z(href("%R/ckout"))Checkout Status</a></li> |
| 123 | } |
| 124 | if( g.perm.Read ){ |
| 125 | const char *zEditGlob = db_get("fileedit-glob",""); |
| 126 | @ <li>%z(href("%R/tree"))File Browser</a> |
| 127 |