authorfrosty <gabriel@bwaaa.monster>2026-03-10 01:30:21 -0400
committerfrosty <gabriel@bwaaa.monster>2026-03-10 01:30:21 -0400
commit71e17cb15bdddf1a2c8e209446b4e353be246ddd (patch)
tree08042be13e3b50130a152a5a11c783c111a71a19 /src/routing.c
parent2f305c8f9c5c9ae28e839500ffa1854948c56928 (diff)
downloadbeaker-71e17cb15bdddf1a2c8e209446b4e353be246ddd.tar.gz
fix: path traversal and cookie buffer issuesHEADmaster
Diffstat (limited to 'src/routing.c')
-rw-r--r--src/routing.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/routing.c b/src/routing.c
index 98bb531..d5d3969 100644
--- a/src/routing.c
+++ b/src/routing.c
@@ -256,7 +256,14 @@ char *parse_request_url(const char *request_line, UrlParams *params) {
bool serve_static_file_with_mime(const char *request_path_relative_to_static, const char *mime_type) {
char full_static_path[MAX_PATH_LEN];
- if (strstr(request_path_relative_to_static, "..") != NULL) {
+ if (request_path_relative_to_static == NULL || strlen(request_path_relative_to_static) == 0) {
+ fprintf(stderr, "[ERROR] serve_static_file_with_mime: Empty path provided\n");
+ return false;
+ }
+
+ if (strstr(request_path_relative_to_static, "..") != NULL ||
+ strstr(request_path_relative_to_static, "//") != NULL ||
+ request_path_relative_to_static[0] == '/') {
fprintf(stderr, "[SECURITY] Attempted directory traversal: %s\n",
request_path_relative_to_static);
const char *forbidden_response =
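Review bot: The condition combining `strstr(..., "..")`, `strstr(..., "//")` and the leading-`/` test is a lexical denylist on the string as it arrives, so it does not establish where the joined path resolves: a symlink inside the static directory still leads outside it, and whether percent-encoded input has already been decoded before this call is not visible in the hunk. It also refuses legitimate names that merely contain two dots, such as `a..b.css`. I would keep it as a fast reject, mark it with `/* lexical pre-filter only; containment is enforced after realpath() */`, and, once `full_static_path` is built, canonicalise it with `realpath()` and serve the file only if the result begins with the canonical static root followed by `/`. Separately, the `[SECURITY]` line prints the request path verbatim with `%s`, so any control or terminal-escape bytes that survive request parsing can forge or garble log lines; escape non-printable bytes before logging. The function body continues past the end of the hunk, so a later check may already cover part of this.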