From ce173bd3d1c66f937a958419a2c82786404e0d2e Mon Sep 17 00:00:00 2001
From: cflip <cflip@cflip.net>
Date: Tue, 20 Sep 2022 11:08:11 -0600
Subject: Validate CGI script paths before starting up the server

This still doesn't throw up an error when attepting to run scripts
without the leading './', but it's a start
---
 src/main.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/main.cpp')

diff --git a/src/main.cpp b/src/main.cpp
index 89a8139..ee7c673 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -3,6 +3,7 @@
 #include <filesystem>
 #include <fstream>
 #include <iostream>
+#include <sstream>
 
 #include "CGIScript.h"
 #include "ClientConnection.h"
@@ -115,6 +116,11 @@ int main(int argc, char** argv)
 		}
 	}
 
+	// Check the script path to ensure that it is a valid executable
+	// script before attempting to start the server.
+	if (in_cgi_mode)
+		CGIScript::validate_path(cgi_program_name);
+
 	ServerConnection server(port);
 	std::cout << "Serving a " << (in_cgi_mode ? "CGI script" : "directory") << " on port " << port << std::endl;
 
-- 
cgit v1.2.3