diff options
| author | lukasepple <git@lukasepple.de> | 2016-01-03 21:33:45 +0100 |
|---|---|---|
| committer | lukasepple <git@lukasepple.de> | 2016-01-03 21:33:45 +0100 |
| commit | f24cf489b9d03955710ba61615bd447e3e6a1f12 (patch) | |
| tree | 764069780ed129fc9992b736b59fe7af12520498 | |
| parent | cf715d911d8ce17969a7926dea651e930c27e71a (diff) | |
Fix misdetection of lfi attacks
| -rw-r--r-- | main.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/main.c b/main.c index eab22ce..ca3ec9e 100644 --- a/main.c +++ b/main.c @@ -188,8 +188,8 @@ void blog_index(void) { } void blog_post(char post_path[]) { - if(strlen(post_path) != 0 || post_path[0] == '.' - || strchr(post_path, '/') == NULL) { + if(strlen(post_path) != 0 && (post_path[0] == '.' + || strchr(post_path, '/') == NULL)) { send_header("Content-type", "text/plain"); terminate_headers(); printf("No, my dear h4xxx0r :)\nYou won\'t do that :p\n"); |