Issue #26657: Fix Windows directory traversal vulnerability with http.server

Based on patch by Philipp Hagemeister. This fixes a regression caused by revision f4377699fd47.
author: Martin Panter <vadmium+py@gmail.com> 2016-04-18 03:45:18 (GMT)
committer: Martin Panter <vadmium+py@gmail.com> 2016-04-18 03:45:18 (GMT)
commit: d274b3f1f1e2d8811733fb952c9f18d7da3a376a (patch)
tree: 891261fc059068092ffa9e906c2a85c78f559520 /Lib/http
parent: 6aafbd433dbca6c11f41f1fc55d4304d2d98d6f5 (diff)
download: cpython-d274b3f1f1e2d8811733fb952c9f18d7da3a376a.zip
cpython-d274b3f1f1e2d8811733fb952c9f18d7da3a376a.tar.gz
cpython-d274b3f1f1e2d8811733fb952c9f18d7da3a376a.tar.bz2
1 files changed, 3 insertions, 3 deletions
diff --git a/Lib/http/server.py b/Lib/http/server.py
index fac4d9d..3bd1f7a 100644
--- a/Lib/http/server.py
+++ b/Lib/http/server.py
@@ -774,9 +774,9 @@ class SimpleHTTPRequestHandler(BaseHTTPRequestHandler):
         words = filter(None, words)
         path = os.getcwd()
         for word in words:
-            drive, word = os.path.splitdrive(word)
-            head, word = os.path.split(word)
-            if word in (os.curdir, os.pardir): continue
+            if os.path.dirname(word) or word in (os.curdir, os.pardir):
+                # Ignore components that are not a simple file/directory name
+                continue
             path = os.path.join(path, word)
         if trailing_slash:
             path += '/'
author	Martin Panter <vadmium+py@gmail.com>	2016-04-18 03:45:18 (GMT)
committer	Martin Panter <vadmium+py@gmail.com>	2016-04-18 03:45:18 (GMT)
commit	d274b3f1f1e2d8811733fb952c9f18d7da3a376a (patch)
tree	891261fc059068092ffa9e906c2a85c78f559520 /Lib/http
parent	6aafbd433dbca6c11f41f1fc55d4304d2d98d6f5 (diff)
download	cpython-d274b3f1f1e2d8811733fb952c9f18d7da3a376a.zip cpython-d274b3f1f1e2d8811733fb952c9f18d7da3a376a.tar.gz cpython-d274b3f1f1e2d8811733fb952c9f18d7da3a376a.tar.bz2