mirror of https://github.com/moparisthebest/curl
header_callback: strip off file path separated with backslashes
If the filename contains a backslash, only use filename portion. The idea is that even systems that don't handle backslashes as path separators probably want that path removed for convenience. This flaw is considered a security problem, see the curl security vulnerability http://curl.haxx.se/docs/adv_20101013.html
parent
b804906414
commit
81f151c912
12
src/main.c
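--- a/src/main.c
+++ b/src/main.c
@@ -4368,6 +4368,18 @@ parse_filename(char *ptr, size_t len)
 }
 }
 
+/* If the filename contains a backslash, only use filename portion. The idea
+is that even systems that don't handle backslashes as path separators
+probably want the path removed for convenience. */
+q = strrchr(p, '\\');
+if (q) {
+p = q+1;
+if (!*p) {
+free(copy);
+return NULL;
+}
+}
+
 if(quote) {
 /* if the file name started with a quote, then scan for the end quote and
 stop there */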
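Review bot: The new search `q = strrchr(p, '\\');` runs before the `if(quote)` block that cuts the value at its closing quote, so it scans the whole remaining header text, and a backslash that appears after the closing quote would be taken as the path separator and move `p` past the real name. Because this value comes from a server-supplied header, it would be safer to terminate the name at the end quote first and strip separators afterwards, or at least to record the ordering with `/* NOTE: p is not yet cut at the end quote here */`. The added lines also write `if (q) {` and `if (!*p) {` where the surrounding code writes `if(quote) {`; `if(q) {` and `if(!*p) {` would match the file. parse_filename starts and ends outside this hunk, so the quote handling and any later checks on the resulting name are not visible here.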