luci-base: don't propagate null bytes in path information

author Jo-Philipp Wich <jo@mein.io>

Tue, 10 Apr 2018 09:38:29 +0000 (11:38 +0200)

committer Jo-Philipp Wich <jo@mein.io>

Tue, 10 Apr 2018 09:41:32 +0000 (11:41 +0200)
author Jo-Philipp Wich <jo@mein.io>
Tue, 10 Apr 2018 09:38:29 +0000 (11:38 +0200)
committer Jo-Philipp Wich <jo@mein.io>
Tue, 10 Apr 2018 09:41:32 +0000 (11:41 +0200)
diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua

index 91b86679fd739bc5ba67deb47258a9c46c09d0c5..fc497ca9f34f548dfa15e5515b88674f1325ffe0 100644 (file)
--- a/modules/luci-base/luasrc/dispatcher.lua
+++ b/modules/luci-base/luasrc/dispatcher.lua
@@ -113,7 +113,8 @@ function httpdispatch(request, prefix)
                 end
         end
  
-       for node in pathinfo:gmatch("[^/]+") do
+       local node
+       for node in pathinfo:gmatch("[^/%z]+") do
                 r[#r+1] = node
         end
author	Jo-Philipp Wich <jo@mein.io>
	Tue, 10 Apr 2018 09:38:29 +0000 (11:38 +0200)
committer	Jo-Philipp Wich <jo@mein.io>
	Tue, 10 Apr 2018 09:41:32 +0000 (11:41 +0200)