diff --git a/dist/ansis/bulletin1.ans b/dist/ansis/bulletin1.ans
index f286cb5..84a8e84 100644
Binary files a/dist/ansis/bulletin1.ans and b/dist/ansis/bulletin1.ans differ
diff --git a/src/www.c b/src/www.c
index 18d65d6..db36156 100644
--- a/src/www.c
+++ b/src/www.c
@@ -888,63 +888,67 @@ int www_handler(void * cls, struct MHD_Connection * connection, const char * url
 free(url_copy);
 if (file_dir != -1 && file_sub != -1 && filen == NULL) {
- if (conf.file_directories[file_dir]->display_on_web) {
- page = www_files_display_listing(file_dir, file_sub);
+ if (file_dir >= 0 && file_dir < conf.file_directory_count && file_sub >= 0 && file_sub < conf.file_directories[file_dir]->file_sub_count) {
+ if (conf.file_directories[file_dir]->display_on_web) {
+ page = www_files_display_listing(file_dir, file_sub);
+ }
 }
 } else if (file_dir != -1 && file_sub != -1 && filen != NULL) {
- if (conf.file_directories[file_dir]->display_on_web) {
- // send file
- filename = www_files_get_from_area(file_dir, file_sub, filen);
- mime = NULL;
- // get mimetype
- for (i=strlen(filename);i>0;--i) {
- if (filename[i] == '.') {
- mime = www_get_mime_type(&filename[i+1]);
- break;
- }
- if (filename[i] == '/') {
- mime = www_get_mime_type(NULL);
- break;
- }
- }
-
- if (mime = NULL) {
- mime = www_get_mime_type(NULL);
- }
- free(filen);
- if (filename != NULL) {
- if (stat(filename, &s) == 0 && S_ISREG(s.st_mode)) {
- fno = open(filename, O_RDONLY);
- if (fno != -1) {
-
-
- response = MHD_create_response_from_fd(s.st_size, fno);
- MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, mime);
- sprintf(buffer, "%ld", s.st_size);
- MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_LENGTH, buffer);
-
- snprintf(buffer, PATH_MAX, "attachment; filename=\"%s\"", basename(filename));
- MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_DISPOSITION, buffer);
- ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
- MHD_destroy_response (response);
- free(header);
- free(footer);
- free(filename);
- return ret;
+ if (file_dir >= 0 && file_dir < conf.file_directory_count && file_sub >= 0 && file_sub < conf.file_directories[file_dir]->file_sub_count) {
+ if (conf.file_directories[file_dir]->display_on_web) {
+ // send file
+ filename = www_files_get_from_area(file_dir, file_sub, filen);
+ mime = NULL;
+ // get mimetype
+ for (i=strlen(filename);i>0;--i) {
+ if (filename[i] == '.') {
+ mime = www_get_mime_type(&filename[i+1]);
+ break;
+ }
+ if (filename[i] == '/') {
+ mime = www_get_mime_type(NULL);
+ break;
 }
 }
- free(filename);
- }
- if (www_404(header, footer, connection) != 0) {
+
+ if (mime = NULL) {
+ mime = www_get_mime_type(NULL);
+ }
+ free(filen);
+ if (filename != NULL) {
+ if (stat(filename, &s) == 0 && S_ISREG(s.st_mode)) {
+ fno = open(filename, O_RDONLY);
+ if (fno != -1) {
+
+
+ response = MHD_create_response_from_fd(s.st_size, fno);
+ MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_TYPE, mime);
+ sprintf(buffer, "%ld", s.st_size);
+ MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_LENGTH, buffer);
+
+ snprintf(buffer, PATH_MAX, "attachment; filename=\"%s\"", basename(filename));
+ MHD_add_response_header(response, MHD_HTTP_HEADER_CONTENT_DISPOSITION, buffer);
+ ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
+ MHD_destroy_response (response);
+ free(header);
+ free(footer);
+ free(filename);
+ return ret;
+ }
+ }
+ free(filename);
+ }
+ if (www_404(header, footer, connection) != 0) {
+ free(header);
+ free(footer);
+ return MHD_NO;
+ }
 free(header);
 free(footer);
- return MHD_NO;
+ return MHD_YES;
 }
- free(header);
- free(footer);
- return MHD_YES;
+ free(filen);
 }
- free(filen);
 }
 if (page == NULL) {
 if (www_403(header, footer, connection) != 0) {
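Review bot: In the download branch the extension scan calls `strlen(filename)` before the later `if (filename != NULL)` test, so if `www_files_get_from_area` can return NULL for a requested name with no match (the later check suggests it can), a single request crashes the handler; the scan should move inside the `filename != NULL` block. The test that follows, `if (mime = NULL)`, is an assignment, so it always clears `mime`, never takes the fallback, and Content-Type is added with a NULL value; it should read `if (mime == NULL)`. The new range test also encloses `free(filen);`, so a request with an out-of-range directory or sub index now leaks `filen` each time it is sent; free it in the `else if` body whatever the range result. www_handler begins and ends outside this hunk.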