From b7439093ff5985855f461e99f10827c21e22af8d Mon Sep 17 00:00:00 2001
From: xingdai <davi315@gmail.com>
Date: Thu, 29 Oct 2015 01:26:12 +0800
Subject: [PATCH] fix upload file-suffix bug

---
 init.lua | 2 +-
 waf.lua  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/init.lua b/init.lua
index eb44bf0..de7fdbe 100644
--- a/init.lua
+++ b/init.lua
@@ -93,7 +93,7 @@ function fileExtCheck(ext)
     local items = Set(black_fileExt)
     ext=string.lower(ext)
     if ext then
-        for rule in pairs(items) do
+        for rule,_ in pairs(items) do
             if ngx.re.match(ext,rule,"isjo") then
 	        log('POST',ngx.var.request_uri,"-","file attack with ext "..ext)
             say_html()
diff --git a/waf.lua b/waf.lua
index 257bb84..8fc467a 100644
--- a/waf.lua
+++ b/waf.lua
@@ -42,7 +42,7 @@ elseif PostCheck then
 	   	        return true
     	    	end
 		size = size + len(data)
-		local m = ngxmatch(data,[[Content-Disposition: form-data;(.+)filename="(.+)\\.(.*)"]],'ijo')
+		local m = ngxmatch(data,[[Content-Disposition: form-data;(.+)filename="(.+)\.(.*)"]],'ijo')
         	if m then
             		fileExtCheck(m[3])
             		filetranslate = true