For -WWW, fix test for ".." directory references (and avoid warning for

index -1).

apps/s_server.c

@@ -1423,20 +1423,34 @@ static int www_body(char *hostname, int s, unsigned char *context)
 			{
 			BIO *file;
 			char *p,*e;
-			static char *text="HTTP/1.0 200 ok\r\n"
+			static char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
-                                "Content-type: text/plain\r\n\r\n";
 
 			/* skip the '/' */
 			p= &(buf[5]);
-			dot=0;
+
+			dot = 1;
 			for (e=p; *e != '\0'; e++)
 				{
-				if (e[0] == ' ') break;
+				if (e[0] == ' ')
-				if (	(e[0] == '.') &&
+					break;
-					(strncmp(&(e[-1]),"/../",4) == 0))
+
-					dot=1;
+				switch (dot)
+					{
+				case 0:
+					dot = (e[0] == '/') ? 1 : 0;
+					break;
+				case 1:
+					dot = (e[0] == '.') ? 2 : 0;
+					break;
+				case 2:
+					dot = (e[0] == '.') ? 3 : 0;
+					break;
+				case 3:
+					dot = (e[0] == '/') ? -1 : 0;
+					break;
+					}
 				}
-			
+			dot = (dot == 3) || (dot == -1); /* filename contains ".." component */
 
 			if (*e == '\0')
 				{