1 diff -urN wget-1.8.2/src/fnmatch.c wget-1.8.2_save/src/fnmatch.c
2 --- wget-1.8.2/src/fnmatch.c Sat May 18 05:05:15 2002
3 +++ wget-1.8.2_save/src/fnmatch.c Fri Oct 4 14:53:40 2002
8 +/* Return non-zero if S has a leading '/' or contains '../' */
10 +has_invalid_name (const char *s)
14 + if (strstr(s, "../") != 0)
19 /* Return non-zero if S contains globbing wildcards (`*', `?', `[' or
22 diff -urN wget-1.8.2/src/ftp.c wget-1.8.2_save/src/ftp.c
23 --- wget-1.8.2/src/ftp.c Sat May 18 05:05:16 2002
24 +++ wget-1.8.2_save/src/ftp.c Fri Oct 4 15:07:22 2002
27 struct fileinfo *orig, *start;
32 con->cmd |= LEAVE_PENDING;
35 opt.accepts and opt.rejects. */
36 if (opt.accepts || opt.rejects)
38 - struct fileinfo *f = orig;
43 if (f->type != FT_DIRECTORY && !acceptable (f->name))
44 @@ -1575,6 +1576,18 @@
48 + /* Remove all files with possible harmful names */
52 + if (has_invalid_name(f->name))
54 + logprintf (LOG_VERBOSE, _("Rejecting `%s'.\n"), f->name);
55 + f = delelement (f, &start);
60 /* Now weed out the files that do not match our globbing pattern.
61 If we are dealing with a globbing pattern, that is. */
62 if (*u->file && (action == GLOBALL || action == GETONE))