Check file permissions even when we get full path over FastCGI

It's not a security issue (executing the file would fail, anyway) but it's a sensible sanity check.
author: Furkan Sahin <furkan-dev@proton.me> 2013-02-03 12:55:53 +0100
committer: Furkan Sahin <furkan-dev@proton.me> 2013-02-03 12:55:53 +0100
commit: 53be4228cb0025991db4f87eb0c721ea1122de8f (patch)
tree: e30d1668c5794d5334f858825072ef0b0d9f0960 /fcgiwrap.c
parent: 569c8d1ac263bf0c9d4cc6bad0a6fb0a10b4ddb1 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/fcgiwrap.c b/fcgiwrap.c
index aeccf3b..4ec75bc 100644
--- a/fcgiwrap.c
+++ b/fcgiwrap.c
@@ -388,6 +388,8 @@ static char *get_cgi_filename(void) /* and fixup environment */
 	char *pathinfo = NULL;
 
 	if ((p = getenv("SCRIPT_FILENAME"))) {
+		if (check_file_perms(p) != 0)
+			goto err;
 		return strdup(p);
 	}
author	Furkan Sahin <furkan-dev@proton.me>	2013-02-03 12:55:53 +0100
committer	Furkan Sahin <furkan-dev@proton.me>	2013-02-03 12:55:53 +0100
commit	53be4228cb0025991db4f87eb0c721ea1122de8f (patch)
tree	e30d1668c5794d5334f858825072ef0b0d9f0960 /fcgiwrap.c
parent	569c8d1ac263bf0c9d4cc6bad0a6fb0a10b4ddb1 (diff)