]> git.plutz.net Git - cgilite/blobdiff - session.sh
projects / cgilite / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Bugfix (security): fail session id check on undetermined condition
[cgilite] / session.sh
diff --git a/session.sh b/session.sh
index 5bf8fad83a8067d72d432a73fd2784568b8694f9..8ed8d8808e0655cc8b89c6ce7bb0df318b0b571f 100755 (executable)
--- a/session.sh
+++ b/session.sh
@@ -62,9 +62,9 @@ update_session(){
   checksig="${checksig%% *}"
   d=$(date +%s)
   
-  if [ "$checksig" != "$sig" \
-    -o "$time" -lt "$d" \
-    -o ! "$(printf %s "$sid" |checkid)" ] 2>&-
+  if ! [ "$checksig" = "$sig" \
+    -a "$time" -ge "$d" \
+    -a "$(printf %s "$sid" |checkid)" ] 2>&-
   then
     debug Setting up new session
     sid="$(randomid)"
Very light weight framework for writing cgi using unix shell script. See https://plutz.net/software/cgilite/