Package: amule-daemon
Version: 2.1.3-2
Severity: grave
Amuleweb does not check if a requested image actually exists. This
means requests like http://localhost:4711/xyzzy.png (but only if the
user is logged in) crash the webserver due to a NULL pointer
dereference.
Fix attached.
--
Jindrich Makovicka
--- WebServer.cpp.orig 2006-04-14 07:38:51.000000000 +0200
+++ WebServer.cpp 2007-05-20 20:23:51.000000000 +0200
@@ -303,6 +303,12 @@
// To prevent access to non-template images, we disallow use of paths in filenames.
wxString imgName = wxFileName::GetPathSeparator() + wxFileName(Data.sURL).GetFullName();
CAnyImage *img = m_ImageLib.GetImage(imgName);
+
+ if (!img) {
+ webInterface->DebugShow(wxT("**** imgrequest: failed, not found\n"));
+ ProcessURL(Data);
+ return;
+ }
// Only static images are available to visitors, in order to prevent
// information leakage, but still allowing images on the login page.
