Fix arbitrary read from file system

If you pass path like `example.com//etc/passwd`, server will respond with contents of `/etc/passwd` file Signed-off-by: Alexey Yerin <yerinalexey98fd@gmail.com>
4 years ago · 14763d6391
1 changed files with 9 additions and 1 deletions
--- a/src/gemini.rs
+++ b/src/gemini.rs
@ -14,13 +14,21 @@ impl GeminiRequest {
        Ok(gemini_request)
    }

-    pub fn file_path(&self) -> Option<&str> {
+    fn unsafe_file_path(&self) -> Option<&str> {
        self.path
            .path()
            .chars()
            .next()
            .map(|c| &self.path.path()[c.len_utf8()..])
    }
+
+    pub fn file_path(&self) -> Option<&str> {
+        match self.unsafe_file_path() {
+            Some(path) if path.contains("..") || path.starts_with("/") => None,
+            Some(path) => Some(path),
+            None => None,
+        }
+    }
 }

 fn parse_path(req: &str) -> Option<&str> {