github-repos/wget
1
0
Fork 0
mirror of https://github.com/mirror/wget.git synced 2025-01-04 01:10:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Bypass world-writable checks on Windows

Browse Source 
* src/hsts.c (hsts_file_access_valid): we should check for "world-writable"
   files only on Unix-based systems. It's difficult to mimic the same behavior
   on Windows, so it's better to just not do it.

Reported-by: Gisle Vanem <gvanem@yahoo.no>
Reported-by: Eli Zaretskii <eliz@gnu.org>
This commit is contained in:
Ander Juaristi 2016-06-26 17:43:28 +02:00 committed by Tim Rühsen
parent 43359f47c4
commit cdc3e28d8e
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/hsts.c
View File

@ -348,7 +348,15 @@ hsts_file_access_valid (const char *filename)
if (stat (filename, &st) == -1)
return false;
return !(st.st_mode & S_IWOTH) && S_ISREG (st.st_mode);
return
#ifndef WINDOWS
/*
* The world-writable concept is a Unix-centric notion.
* We bypass this test on Windows.
*/
!(st.st_mode & S_IWOTH) &&
#endif
S_ISREG (st.st_mode);
}
/* HSTS API */