From ce173bd3d1c66f937a958419a2c82786404e0d2e Mon Sep 17 00:00:00 2001
From: cflip <cflip@cflip.net>
Date: Tue, 20 Sep 2022 11:08:11 -0600
Subject: Validate CGI script paths before starting up the server

This still doesn't throw up an error when attepting to run scripts
without the leading './', but it's a start
---
 src/CGIScript.cpp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'src/CGIScript.cpp')

diff --git a/src/CGIScript.cpp b/src/CGIScript.cpp
index 8731023..3ef1f3f 100644
--- a/src/CGIScript.cpp
+++ b/src/CGIScript.cpp
@@ -1,8 +1,11 @@
 #include "CGIScript.h"
 
 #include <cstdlib>
+#include <filesystem>
+#include <iostream>
 #include <sstream>
 #include <string>
+#include <unistd.h>
 
 CGIScript::CGIScript(const std::string& script_path)
 	: m_script_path(script_path)
@@ -49,3 +52,18 @@ std::string CGIScript::read_output()
 
 	return sstream.str();
 }
+
+void CGIScript::validate_path(const std::string& script_path)
+{
+	namespace fs = std::filesystem;
+
+	if (!fs::exists(script_path)) {
+		std::cerr << "cfws: Script not found: " << script_path << std::endl;
+		exit(1);
+	}
+
+	if (access(script_path.c_str(), X_OK)) {
+		std::cerr << "cfws: Script does not have execute permissions: " << script_path << std::endl;
+		exit(1);
+	}
+}
-- 
cgit v1.2.3