]>
Commit | Line | Data |
---|---|---|
f6c793a8 | 1 | diff -Nru httpd-2.0.48.orig/server/config.c httpd-2.0.48/server/config.c |
2 | --- httpd-2.0.48.orig/server/config.c 2003-10-14 05:43:18.000000000 +0200 | |
3 | +++ httpd-2.0.48/server/config.c 2003-10-28 10:09:44.618490512 +0100 | |
9d781f9b MM |
4 | @@ -1458,6 +1458,7 @@ |
5 | apr_dir_t *dirp; | |
6 | apr_finfo_t dirent; | |
7 | int current; | |
f1800b13 | 8 | + size_t slen; |
9d781f9b MM |
9 | apr_array_header_t *candidates = NULL; |
10 | fnames *fnew; | |
11 | apr_status_t rv; | |
f6c793a8 | 12 | @@ -1478,8 +1479,14 @@ |
f1800b13 | 13 | |
9d781f9b MM |
14 | candidates = apr_array_make(p, 1, sizeof(fnames)); |
15 | while (apr_dir_read(&dirent, APR_FINFO_DIRENT, dirp) == APR_SUCCESS) { | |
f6c793a8 | 16 | + slen = strlen(dirent.name); |
9d781f9b MM |
17 | /* strip out '.' and '..' */ |
18 | if (strcmp(dirent.name, ".") | |
f6c793a8 | 19 | + && (dirent.name)[slen-1] != '~' |
20 | + && (dirent.name)[0] != '.' | |
21 | + && (slen < 8 || strcmp((dirent.name + slen - 7), ".rpmnew")) | |
22 | + && (slen < 9 || ( strcmp((dirent.name + slen - 8), ".rpmorig") | |
23 | + && strcmp((dirent.name + slen - 8), ".rpmsave"))) | |
24 | && strcmp(dirent.name, "..")) { | |
25 | fnew = (fnames *) apr_array_push(candidates); | |
26 | fnew->fname = ap_make_full_path(p, path, dirent.name); |