summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--browse.c11
-rw-r--r--download.c7
-rw-r--r--url.c4
-rw-r--r--url.h2
4 files changed, 12 insertions, 12 deletions
diff --git a/browse.c b/browse.c
index a129eb6..5093242 100644
--- a/browse.c
+++ b/browse.c
@@ -31,6 +31,7 @@
#include <dirent.h>
#include <kcgi.h>
#include <kcgihtml.h>
+#include <limits.h>
#include <stdbool.h>
#include <string.h>
@@ -60,7 +61,7 @@ browse(struct kreq * r)
DIR *data_dir;
char *file_name;
size_t url_size;
- char url[URL_LENGTH_MAX], current_dir[URL_LENGTH_MAX];
+ char url[PATH_MAX], current_dir[PATH_MAX];
struct khtmlreq html;
/* check that the requested URL can be safely processed */
@@ -68,11 +69,11 @@ browse(struct kreq * r)
http_exit(r, KHTTP_400, "browse: Invalid request path");
/* list requested directory content */
- url_size = url_build(current_dir, URL_LENGTH_MAX, DATA_DIR, r->path,
+ url_size = url_build(current_dir, PATH_MAX, DATA_DIR, r->path,
NULL);
if (url_size == 0)
http_exit(r, KHTTP_404, "browse: Unable to build data path");
- if (url_size >= URL_LENGTH_MAX)
+ if (url_size >= PATH_MAX)
http_exit(r, KHTTP_414, NULL);
data_dir = opendir(current_dir);
if (NULL == data_dir)
@@ -99,8 +100,8 @@ browse(struct kreq * r)
file_name = dir->d_name;
if (strcmp(".", file_name) == 0 || strcmp("..", file_name) == 0)
continue;
- url_size = build_browse_url(r, url, URL_LENGTH_MAX, file_name);
- if (url_size == 0 || url_size >= URL_LENGTH_MAX) {
+ url_size = build_browse_url(r, url, PATH_MAX, file_name);
+ if (url_size == 0 || url_size >= PATH_MAX) {
kutil_warn(r, NULL, "browse: Detected URL overflow: %s", url);
continue;
}
diff --git a/download.c b/download.c
index ce22ea7..8512405 100644
--- a/download.c
+++ b/download.c
@@ -32,6 +32,7 @@
#include <sys/stat.h>
#include <fcntl.h>
+#include <limits.h>
#include <unistd.h>
#include "cgi.h"
@@ -46,7 +47,7 @@ download(struct kreq * r)
void *buffer;
struct stat st;
int st_ret, fd;
- char file_path[URL_LENGTH_MAX];
+ char file_path[PATH_MAX];
size_t path_size;
/* check that the requested URL can be safely processed */
@@ -54,11 +55,11 @@ download(struct kreq * r)
http_exit(r, KHTTP_400, "download: Invalid request path");
/* build requested file path */
- path_size = url_build(file_path, URL_LENGTH_MAX, DATA_DIR, "File.txt",
+ path_size = url_build(file_path, PATH_MAX, DATA_DIR, "File.txt",
NULL);
if (path_size == 0)
http_exit(r, KHTTP_404, "download: Unable to build file path");
- if (path_size >= URL_LENGTH_MAX)
+ if (path_size >= PATH_MAX)
http_exit(r, KHTTP_414, NULL);
/* memory map the file */
diff --git a/url.c b/url.c
index 6ed2c19..53a26dc 100644
--- a/url.c
+++ b/url.c
@@ -29,6 +29,7 @@
*/
#include <assert.h>
+#include <limits.h>
#include <stdarg.h>
#include <string.h>
@@ -39,7 +40,7 @@ check_request_path(char *path)
{
char *p_found;
- if (strlen(path) >= URL_LENGTH_MAX)
+ if (strlen(path) >= PATH_MAX)
return false;
p_found = strstr(path, "/..");
@@ -55,7 +56,6 @@ url_build(char *dst, size_t dst_size,...)
{
va_list path_list;
const char *path;
- int path_index;
size_t w_size;
dst[0] = '\0';
diff --git a/url.h b/url.h
index f4c5e2d..63e487e 100644
--- a/url.h
+++ b/url.h
@@ -34,8 +34,6 @@
#include <stdbool.h>
#include <stdio.h>
-#define URL_LENGTH_MAX 8192
-
/*
* Checks that the path can be safely processed. Namely, it should not contain
* "..", which denotes an attempt to get out of the DATA_DIR root folder.