generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

removed crash on weird input, this also better discards silly input

Browse Source
This commit is contained in:
Daniel Stenberg 2002-02-26 13:07:53 +00:00
parent d9c244278d
commit a23a897ad2
1 changed files with 31 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
lib/cookie.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 2001, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 2002, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* In order to be useful for every potential user, curl and libcurl are * In order to be useful for every potential user, curl and libcurl are
* dual-licensed under the MPL and the MIT/X-derivate licenses. * dual-licensed under the MPL and the MIT/X-derivate licenses.
@ -127,15 +127,21 @@ Curl_cookie_add(struct CookieInfo *c,
if(httpheader) { if(httpheader) {
/* This line was read off a HTTP-header */ /* This line was read off a HTTP-header */
char *sep;
semiptr=strchr(lineptr, ';'); /* first, find a semicolon */ semiptr=strchr(lineptr, ';'); /* first, find a semicolon */
ptr = lineptr; ptr = lineptr;
do { do {
/* we have a <what>=<this> pair or a 'secure' word here */ /* we have a <what>=<this> pair or a 'secure' word here */
if(strchr(ptr, '=')) { sep = strchr(ptr, '=');
if(sep && (!semiptr || (semiptr>sep)) ) {
/*
* There is a = sign and if there was a semicolon too, which make sure
* that the semicolon comes _after_ the equal sign.
*/
name[0]=what[0]=0; /* init the buffers */ name[0]=what[0]=0; /* init the buffers */
if(1 <= sscanf(ptr, "%" MAX_NAME_TXT "[^=]=%" if(1 <= sscanf(ptr, "%" MAX_NAME_TXT "[^;=]=%"
MAX_COOKIE_LINE_TXT "[^;\r\n]", MAX_COOKIE_LINE_TXT "[^;\r\n ]",
name, what)) { name, what)) {
/* this is a legal <what>=<this> pair */ /* this is a legal <what>=<this> pair */
if(strequal("path", name)) { if(strequal("path", name)) {
@ -187,8 +193,11 @@ Curl_cookie_add(struct CookieInfo *c,
} }
} }
if(!semiptr) if(!semiptr || !*semiptr) {
continue; /* we already know there are no more cookies */ /* we already know there are no more cookies */
semiptr = NULL;
continue;
}
ptr=semiptr+1; ptr=semiptr+1;
while(ptr && *ptr && isspace((int)*ptr)) while(ptr && *ptr && isspace((int)*ptr))
@ -198,9 +207,23 @@ Curl_cookie_add(struct CookieInfo *c,
if(!semiptr && *ptr) if(!semiptr && *ptr)
/* There are no more semicolons, but there's a final name=value pair /* There are no more semicolons, but there's a final name=value pair
coming up */ coming up */
semiptr=ptr; semiptr=strchr(ptr, '\0');
} while(semiptr); } while(semiptr);
if(NULL == co->name) {
/* we didn't get a cookie name, this is an illegal line, bail out */
if(co->domain)
free(co->domain);
if(co->path)
free(co->path);
if(co->name)
free(co->name);
if(co->value)
free(co->value);
free(co);
return NULL;
}
if(NULL == co->domain) if(NULL == co->domain)
/* no domain given in the header line, set the default now */ /* no domain given in the header line, set the default now */
co->domain=domain?strdup(domain):NULL; co->domain=domain?strdup(domain):NULL;