author | Eduardo Chappa <chappa@washington.edu> | 2013-05-31 17:08:22 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2013-05-31 17:08:22 -0600 |
commit | 81e994d7907f850506ddc248f84761a54995e58c (patch) | |
tree | 3bc4993b48ddeec45dee51323437200ab975887c /pith/url.c | |
parent | 077522d7e058133f9de99d0d74481566b21c5a98 (diff) | |
download | alpine-81e994d7907f850506ddc248f84761a54995e58c.tar.xz |
* Fix: do not allow remote execution; add PIPE_NOSHELL when a URL is opened by
a browser.
Diffstat (limited to 'pith/url.c')
-rw-r--r-- | pith/url.c | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -53,7 +53,7 @@ char *
 rfc1738_scan(char *line, int *len)
 {
 char *colon, *start, *end;
- int n;
+ int n, delim;
 /* process each : in the line */
 for(; (colon = strindex(line, ':')) != NULL; line = end){
@@ -137,6 +137,7 @@ rfc1738_scan(char *line, int *len)
 if(i != j){
 *len = end - start;
+ delim = start > line && *(start - 1) == '<';
 /*
 * Special case handling for comma.
@@ -146,8 +147,8 @@ rfc1738_scan(char *line, int *len)
 * In most cases any way, that's why we have the
 * exception.
 */
- if(*(end - 1) == ','
- || (*(end - 1) == '.' && (!*end || *end == ' ')))
+ if(delim == 0 && (*(end - 1) == ','
+ || (*(end - 1) == '.' && (!*end || *end == ' '))))
 (*len)--;
 if(*len - (colon - start) > 0) |
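Review bot: `delim` is derived from the opening `<` alone in `delim = start > line && *(start - 1) == '<';`, so a URL that is preceded by `<` but never closed by `>` also keeps its trailing `,` or `.` in the reported length. Since the later condition already treats `*end` as the character following the URL, the exemption could be limited to properly bracketed URLs with `delim = start > line && *(start - 1) == '<' && *end == '>';`, assuming the scan stops at `>` (the code that sets `end` is outside this hunk). Note also that `line` is advanced to `end` by the loop header, so `start > line` compares against the current scan position, not the start of the buffer; that keeps the `*(start - 1)` read in bounds but is worth a short comment. The span computed here is presumably what is later handed to the browser, so its boundaries deserve the stricter check.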
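Review bot: The comment above this condition still explains only the comma and period exception and says nothing about the new rule that trimming is skipped for a URL introduced by `<`. Adding a line such as `* A URL written as <url> keeps a trailing ',' or '.'.` to that comment would record why `delim` is tested. `delim` holds a boolean, so `!delim` reads more naturally than `delim == 0`, and a name like `bracketed` would say what it means. The comment block and the enclosing `if(i != j)` both start outside this hunk.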