From 5e2170a69124218edd11f6b273b5a0dc02b7c7e7 Mon Sep 17 00:00:00 2001
From: uriel <uriel@vm41.cat-v.org>
Date: Sat, 6 Jun 2009 16:20:02 +0200
Subject: [PATCH] Move shared .tpl files to tpl/ from lib/, this fixes a DoS
 vulneravility where master_template.tpl could be accessed as a standalone
 .tpl file that recursively called itself.

---
 bin/corehandlers.rc           | 2 +-
 {lib => tpl}/_debug.tpl       | 0
 {lib => tpl}/_users/login.tpl | 0
 {lib => tpl}/sitemap.tpl      | 0
 4 files changed, 1 insertion(+), 1 deletion(-)
 rename {lib => tpl}/_debug.tpl (100%)
 rename {lib => tpl}/_users/login.tpl (100%)
 rename {lib => tpl}/sitemap.tpl (100%)

diff --git a/bin/corehandlers.rc b/bin/corehandlers.rc
index 4deeaec..091d40e 100644
--- a/bin/corehandlers.rc
+++ b/bin/corehandlers.rc
@@ -92,7 +92,7 @@ fn setup_handlers {
     if not if(test -f $local_path.html)
         handler_body_main=(html_handler $local_path.html)
     # Global tpl (eg sitemap.tpl), should take precedence over txt handler!
-    if not if(test -f lib^$req_path^.tpl)
+    if not if(test -f tpl^$req_path^.tpl)
         handler_body_main=(tpl_handler lib^$req_path^.tpl)
     if not if(test -f $local_path.txt)
         handler_body_main=(txt_handler $local_path.txt)
diff --git a/lib/_debug.tpl b/tpl/_debug.tpl
similarity index 100%
rename from lib/_debug.tpl
rename to tpl/_debug.tpl
diff --git a/lib/_users/login.tpl b/tpl/_users/login.tpl
similarity index 100%
rename from lib/_users/login.tpl
rename to tpl/_users/login.tpl
diff --git a/lib/sitemap.tpl b/tpl/sitemap.tpl
similarity index 100%
rename from lib/sitemap.tpl
rename to tpl/sitemap.tpl