diff options
| author | John Christopher Anderson <jchris@apache.org> | 2010-07-19 22:59:53 +0000 |
|---|---|---|
| committer | John Christopher Anderson <jchris@apache.org> | 2010-07-19 22:59:53 +0000 |
| commit | 2f25ac7fb8fc46a45ec0e3e746a6104becff6ce6 (patch) | |
| tree | 3bc0b7cd2a0aba0341f1771f250a75e456b1370f /src/couchdb/couch_httpd_stats_handlers.erl | |
| parent | 74161c6207ea150b79dc16a4e84a432a8d8af44e (diff) | |
remove unguarded atom creation to prevent DOS attacks. closes COUCHDB-829
git-svn-id: https://svn.apache.org/repos/asf/couchdb/branches/1.0.x@965673 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'src/couchdb/couch_httpd_stats_handlers.erl')
| -rw-r--r-- | src/couchdb/couch_httpd_stats_handlers.erl | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/couchdb/couch_httpd_stats_handlers.erl b/src/couchdb/couch_httpd_stats_handlers.erl index 26c8891d..41aeaed0 100644 --- a/src/couchdb/couch_httpd_stats_handlers.erl +++ b/src/couchdb/couch_httpd_stats_handlers.erl @@ -29,7 +29,8 @@ handle_stats_req(#httpd{method='GET', path_parts=[_, _Mod]}) -> handle_stats_req(#httpd{method='GET', path_parts=[_, Mod, Key]}=Req) -> flush(Req), - Stats = couch_stats_aggregator:get_json({?b2a(Mod), ?b2a(Key)}, range(Req)), + Stats = couch_stats_aggregator:get_json({list_to_atom(binary_to_list(Mod)), + list_to_atom(binary_to_list(Key))}, range(Req)), send_json(Req, {[{Mod, {[{Key, Stats}]}}]}); handle_stats_req(#httpd{method='GET', path_parts=[_, _Mod, _Key | _Extra]}) -> |