client: fix invalid data access through invalid content-length values

[project/uhttpd.git] / cgi.c

diff --git a/cgi.c b/cgi.c
index dc302a9acf32c28d3869ca63176ff418dcd7880c..13a0bc480b633cbfdd2f10565595a2a33dd2367c 100644 (file)
--- a/cgi.c
+++ b/cgi.c
@@ -67,11 +67,18 @@ static void cgi_main(struct client *cl, struct path_info *pi, char *url)
 static void cgi_handle_request(struct client *cl, char *url, struct path_info *pi)
 {
        unsigned int mode = S_IFREG | S_IXOTH;
+       char *escaped_url;
 
        if (!pi->ip && !((pi->stat.st_mode & mode) == mode)) {
+               escaped_url = uh_htmlescape(url);
+
                uh_client_error(cl, 403, "Forbidden",
                                "You don't have permission to access %s on this server.",
-                               url);
+                               escaped_url ? escaped_url : "the url");
+
+               if (escaped_url)
+                       free(escaped_url);
+
                return;
        }
 
@@ -104,7 +111,11 @@ static bool check_cgi_path(struct path_info *pi, const char *url)
        }
 
        pi->ip = NULL;
-       return uh_path_match(conf.cgi_docroot_path, pi->phys);
+
+       if (conf.cgi_docroot_path)
+               return uh_path_match(conf.cgi_docroot_path, pi->phys);
+
+       return false;
 }
 
 struct dispatch_handler cgi_dispatch = {