FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability

Dag-Erling Smørgrav des at des.no
Wed May 27 12:39:08 UTC 2009


Eygene Ryabinkin <rea-fbsd at codelabs.ru> writes:
> "Dag-Erling Smørgrav" <des at des.no> writes:
> > (don't be fooled by the comment on line 270;
> > the code inside the if statement is for the *non*-symlink case).
> Me sees this on the line 226, but maybe I hadn't updated my 7.x.

I was working on head.  The code is (mostly) the same, just shifted
somewhere between ~50 and ~90 lines depending on where you look.  Your
patch should apply cleanly.

BTW, you made a lot of whitespace changes in namei.h.  This is generally
frowned upon, as it makes the functional change almost impossible to
spot in the diff.

> And yes, I know what was meant by '(cnp->cn_flags & ISSYMLINK) == 0'
> ;))

I know you know :)  I was just pointing out that the comment is
misleading.

DES
-- 
Dag-Erling Smørgrav - des at des.no


More information about the freebsd-hackers mailing list