commit e17642a7bb0f182c3c6a26c27681d49ca9dce8dc
from: Omar Polo <op@omarpolo.com>
date: Mon Feb 01 11:08:57 2021 UTC

require absolute paths in config file

commit - bcf5d929e608a3c61a79f5c021478760db54d271
commit + e17642a7bb0f182c3c6a26c27681d49ca9dce8dc
blob - de97bfadfec8f597f3906d3f107e3960502d092e
blob + 6b290d9b376d3000fa60f4bce5d5987700cd38a8
--- ChangeLog
+++ ChangeLog
@@ -1,3 +1,7 @@
+2021-02-01  Omar Polo  <op@omarpolo.com>
+
+	* parse.y (servopt): require absolute paths in config file
+
 2021-01-31  Omar Polo  <op@omarpolo.com>
 
 	* gmid.c (main): cgi scripts now have only std{in,out,err} open
blob - e5a107d55b5c3526eeaccb715875e402a94a9ffa
blob + 7123035d79de816a83aeff8633388952bc2dc177
--- parse.y
+++ parse.y
@@ -40,6 +40,7 @@ const char *config_path;
 void		 yyerror(const char*);
 int		 parse_portno(const char*);
 void		 parse_conf(const char*);
+char		*ensure_absolute_path(char*);
 
 %}
 
@@ -111,9 +112,9 @@ servopts	: /* empty */
 		| servopts servopt
 		;
 
-servopt		: TCERT TSTRING		{ host->cert = $2; }
-		| TKEY TSTRING		{ host->key = $2; }
-		| TROOT TSTRING		{ host->dir = $2; }
+servopt		: TCERT TSTRING		{ host->cert = ensure_absolute_path($2); }
+		| TKEY TSTRING		{ host->key  = ensure_absolute_path($2); }
+		| TROOT TSTRING		{ host->dir  = ensure_absolute_path($2); }
 		| TCGI TSTRING		{
 			host->cgi = $2;
 			/* drop the starting '/', if any */
@@ -191,3 +192,11 @@ parse_conf(const char *path)
 	if (goterror)
 		exit(1);
 }
+
+char *
+ensure_absolute_path(char *path)
+{
+	if (path == NULL || *path != '/')
+		yyerror("not an absolute path");
+	return path;
+}