Fossil SCM
Fixes to the previous check-in.
Commit
535e39bede2c07fba94e418229707443484bd9ca91b0775999dc25744a133a59
Parent
67a2350fcb688b7…
1 file changed
+5
-2
+5
-2
| --- src/cgi.c | ||
| +++ src/cgi.c | ||
| @@ -2290,11 +2290,12 @@ | ||
| 2290 | 2290 | */ |
| 2291 | 2291 | void cgi_handle_ssh_http_request(const char *zIpAddr){ |
| 2292 | 2292 | static int nCycles = 0; |
| 2293 | 2293 | static char *zCmd = 0; |
| 2294 | 2294 | char *z, *zToken; |
| 2295 | - int i, n; | |
| 2295 | + int i; | |
| 2296 | + size_t n; | |
| 2296 | 2297 | char zLine[2000]; /* A single line of input. */ |
| 2297 | 2298 | |
| 2298 | 2299 | assert( !g.httpUseSSL ); |
| 2299 | 2300 | #ifdef FOSSIL_ENABLE_JSON |
| 2300 | 2301 | if( nCycles==0 ){ json_bootstrap_early(); } |
| @@ -2354,11 +2355,13 @@ | ||
| 2354 | 2355 | zToken = extract_token(z, &z); |
| 2355 | 2356 | if( zToken==0 ){ |
| 2356 | 2357 | malformed_request("malformed URL in HTTP header"); |
| 2357 | 2358 | } |
| 2358 | 2359 | n = strlen(g.zRepositoryName); |
| 2359 | - if( fossil_strncmp(g.zRepositoryName, zToken, n)==0 ){ | |
| 2360 | + if( fossil_strncmp(g.zRepositoryName, zToken, n)==0 | |
| 2361 | + && (zToken[n]=='/' || zToken[n]==0) | |
| 2362 | + ){ | |
| 2360 | 2363 | zToken += n; |
| 2361 | 2364 | } |
| 2362 | 2365 | if( zToken && strlen(zToken)==0 ){ |
| 2363 | 2366 | malformed_request("malformed URL in HTTP header"); |
| 2364 | 2367 | } |
| 2365 | 2368 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -2290,11 +2290,12 @@ | |
| 2290 | */ |
| 2291 | void cgi_handle_ssh_http_request(const char *zIpAddr){ |
| 2292 | static int nCycles = 0; |
| 2293 | static char *zCmd = 0; |
| 2294 | char *z, *zToken; |
| 2295 | int i, n; |
| 2296 | char zLine[2000]; /* A single line of input. */ |
| 2297 | |
| 2298 | assert( !g.httpUseSSL ); |
| 2299 | #ifdef FOSSIL_ENABLE_JSON |
| 2300 | if( nCycles==0 ){ json_bootstrap_early(); } |
| @@ -2354,11 +2355,13 @@ | |
| 2354 | zToken = extract_token(z, &z); |
| 2355 | if( zToken==0 ){ |
| 2356 | malformed_request("malformed URL in HTTP header"); |
| 2357 | } |
| 2358 | n = strlen(g.zRepositoryName); |
| 2359 | if( fossil_strncmp(g.zRepositoryName, zToken, n)==0 ){ |
| 2360 | zToken += n; |
| 2361 | } |
| 2362 | if( zToken && strlen(zToken)==0 ){ |
| 2363 | malformed_request("malformed URL in HTTP header"); |
| 2364 | } |
| 2365 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -2290,11 +2290,12 @@ | |
| 2290 | */ |
| 2291 | void cgi_handle_ssh_http_request(const char *zIpAddr){ |
| 2292 | static int nCycles = 0; |
| 2293 | static char *zCmd = 0; |
| 2294 | char *z, *zToken; |
| 2295 | int i; |
| 2296 | size_t n; |
| 2297 | char zLine[2000]; /* A single line of input. */ |
| 2298 | |
| 2299 | assert( !g.httpUseSSL ); |
| 2300 | #ifdef FOSSIL_ENABLE_JSON |
| 2301 | if( nCycles==0 ){ json_bootstrap_early(); } |
| @@ -2354,11 +2355,13 @@ | |
| 2355 | zToken = extract_token(z, &z); |
| 2356 | if( zToken==0 ){ |
| 2357 | malformed_request("malformed URL in HTTP header"); |
| 2358 | } |
| 2359 | n = strlen(g.zRepositoryName); |
| 2360 | if( fossil_strncmp(g.zRepositoryName, zToken, n)==0 |
| 2361 | && (zToken[n]=='/' || zToken[n]==0) |
| 2362 | ){ |
| 2363 | zToken += n; |
| 2364 | } |
| 2365 | if( zToken && strlen(zToken)==0 ){ |
| 2366 | malformed_request("malformed URL in HTTP header"); |
| 2367 | } |
| 2368 |