From 524bdb0dd6acdd2b0e85e17df5256c1ddfd6b0fe Mon Sep 17 00:00:00 2001
From: shokara <shokara@8f5ca974-a7f8-e144-9f80-d41d5039c194>
Date: Thu, 23 Dec 2021 19:15:29 +0000
Subject: [PATCH] do not allow .. in selector

git-svn-id: file:///srv/svn/repo/tokiko/trunk@7 8f5ca974-a7f8-e144-9f80-d41d5039c194
---
 main.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/main.go b/main.go
index 5e982dd..48284e4 100644
--- a/main.go
+++ b/main.go
@@ -96,6 +96,8 @@ func connHandle(c net.Conn) {
 
 	if selector == "" {
 		printGophermap(c, "./")
+	} else if strings.Contains(selector, "..") {
+		writeError(c, "Selector contains ..")
 	} else if selector[0] == '/' {
 		info, err := os.Stat(selector[1:])
 		if err != nil {
@@ -112,7 +114,7 @@ func connHandle(c net.Conn) {
 			printFile(c, selector[1:])
 		}
 	} else {
-		writeError(c, "Selector doesn't start with a / or it contains a ..")
+		writeError(c, "Selector doesn't start with a /")
 	}
 
 	c.Close()