this time *really* fix the /../ check ...

this time really fix the /../ check ...
b10ae320 · Bodo Möller · 5d3ab9b0 · b10ae320
隐藏空白更改
内联并排

Showing with 2 addition and 3 deletion

apps/s_server.c apps/s_server.c +2 -3

未找到文件。
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1436,9 +1436,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
 				switch (dot)
 					{
-				case 0:
-					dot = (e[0] == '/') ? 1 : 0;
-					break;
 				case 1:
 					dot = (e[0] == '.') ? 2 : 0;
 					break;
@@ -1449,6 +1446,8 @@ static int www_body(char *hostname, int s, unsigned char *context)
 					dot = (e[0] == '/') ? -1 : 0;
 					break;
 					}
+				if (dot == 0)
+					dot = (e[0] == '/') ? 1 : 0;
 				}
 			dot = (dot == 3) || (dot == -1); /* filename contains ".." component */