--- libaitwww/src/tools.c	2012/08/06 11:08:08	1.3.2.1
+++ libaitwww/src/tools.c	2012/08/06 11:26:23	1.3.2.2
@@ -3,7 +3,7 @@
 *  by Michael Pounov <misho@elwix.org>
 *
 * $Author: misho $
-* $Id: tools.c,v 1.3.2.1 2012/08/06 11:08:08 misho Exp $
+* $Id: tools.c,v 1.3.2.2 2012/08/06 11:26:23 misho Exp $
 *
 **************************************************************************
 The ELWIX and AITNET software is distributed under the following
@@ -183,16 +183,17 @@ www_unescape(char * __restrict str)
  * www_undot() - Undotted and clean WWW query filename
  *
  * @fname = query filename
- * return: none
+ * @fnlen = filename length
+ * return: -1 error, 0 not valid filename or >0 validated filename length
  */
-void
-www_undot(const char * __restrict fname)
+int
+www_undot(const char * __restrict fname, int fnlen)
 {
 	char *s, *s2;
 	int l;
 
-	if (!fname)
-		return;
+	if (!fname || !fnlen)
+		return -1;
 
 	/* collapse / sequences */
 	if ((s = strstr(fname, "//"))) {
@@ -225,4 +226,15 @@ www_undot(const char * __restrict fname)
 			break;
 		*s2 = 0;
 	}
+
+	/* if filename is empry add current dir */
+	if (!*fname)
+		strlcpy((char*) fname, "./", fnlen);
+
+	/* check for valid filename */
+	if (*fname == '/' || (fname[0] == '.' && fname[1] == '.' && 
+				(!fname[2] || fname[2] == '/')))
+		return 0;
+
+	return strlen(fname);
 }