diff options
Diffstat (limited to 'data.c')
| -rw-r--r-- | data.c | 13 |
1 files changed, 12 insertions, 1 deletions
| @@ -340,6 +340,12 @@ double f_ctime(const char *fn) | |||
| 340 | } | 340 | } |
| 341 | 341 | ||
| 342 | 342 | ||
| 343 | int is_md5_hex(const char *md5) | ||
| 344 | { | ||
| 345 | return xs_is_hex(md5) && strlen(md5) == 32; | ||
| 346 | } | ||
| 347 | |||
| 348 | |||
| 343 | /** database 2.1+ **/ | 349 | /** database 2.1+ **/ |
| 344 | 350 | ||
| 345 | /** indexes **/ | 351 | /** indexes **/ |
| @@ -351,6 +357,11 @@ int index_add_md5(const char *fn, const char *md5) | |||
| 351 | int status = 201; /* Created */ | 357 | int status = 201; /* Created */ |
| 352 | FILE *f; | 358 | FILE *f; |
| 353 | 359 | ||
| 360 | if (!is_md5_hex(md5)) { | ||
| 361 | srv_log(xs_fmt("index_add_md5: bad md5 %s %s", fn, md5)); | ||
| 362 | return 400; | ||
| 363 | } | ||
| 364 | |||
| 354 | pthread_mutex_lock(&data_mutex); | 365 | pthread_mutex_lock(&data_mutex); |
| 355 | 366 | ||
| 356 | if ((f = fopen(fn, "a")) != NULL) { | 367 | if ((f = fopen(fn, "a")) != NULL) { |
| @@ -606,7 +617,7 @@ static xs_str *_object_fn_by_md5(const char *md5, const char *func) | |||
| 606 | if (md5[0] == '-') | 617 | if (md5[0] == '-') |
| 607 | ok = 0; | 618 | ok = 0; |
| 608 | else | 619 | else |
| 609 | if (!xs_is_hex(md5) || strlen(md5) != 32) { | 620 | if (!is_md5_hex(md5)) { |
| 610 | srv_log(xs_fmt("_object_fn_by_md5() [from %s()]: bad md5 '%s'", func, md5)); | 621 | srv_log(xs_fmt("_object_fn_by_md5() [from %s()]: bad md5 '%s'", func, md5)); |
| 611 | ok = 0; | 622 | ok = 0; |
| 612 | } | 623 | } |