projects
/
platform
/
upstream
/
llvm.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
77c6c85
)
Have scan-view guard against serving up pages outside the root directory.
author
Ted Kremenek
<kremenek@apple.com>
Fri, 12 Oct 2012 19:16:31 +0000
(19:16 +0000)
committer
Ted Kremenek
<kremenek@apple.com>
Fri, 12 Oct 2012 19:16:31 +0000
(19:16 +0000)
llvm-svn: 165815
clang/tools/scan-view/ScanView.py
patch
|
blob
|
history
diff --git
a/clang/tools/scan-view/ScanView.py
b/clang/tools/scan-view/ScanView.py
index
c6dddba
..
3e03f1a
100644
(file)
--- a/
clang/tools/scan-view/ScanView.py
+++ b/
clang/tools/scan-view/ScanView.py
@@
-707,6
+707,11
@@
File Bug</h3>
return None
def send_path(self, path):
+ # If the requested path is outside the root directory, do not open it
+ rel = os.path.relpath(path, self.server.root)
+ if rel.startswith(os.pardir + os.sep):
+ return self.send_404()
+
ctype = self.guess_type(path)
if ctype.startswith('text/'):
# Patch file instead