David Cohen pointed out that RFC2109 says clients should allow cookies to

contain least 4096 bytes while libcurl only allowed 2047. I raised the limit to 4999 now and made the used buffer get malloc()ed instead of simply allocated on stack as before.
author: Daniel Stenberg <daniel@haxx.se> 2004-06-22 21:15:51 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2004-06-22 21:15:51 +0000
commit: 35558e6bd7b7ee699a5701c970c5721e99d8023c (patch)
tree: f3925c50c601d9a84c984383c4d61b5cdcf1284a /lib/cookie.c
parent: 7659747e6f814bdc8edf4b5dbb6765b7a25ef0cb (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/cookie.c b/lib/cookie.c
index d31bcd114..66309d767 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -149,7 +149,7 @@ Curl_cookie_add(struct SessionHandle *data,
                                     unless set */
 {
   struct Cookie *clist;
-  char what[MAX_COOKIE_LINE];
+  char *what;
   char name[MAX_NAME];
   char *ptr;
   char *semiptr;
@@ -167,6 +167,13 @@ Curl_cookie_add(struct SessionHandle *data,
   if(httpheader) {
     /* This line was read off a HTTP-header */
     char *sep;
+
+    what = malloc(MAX_COOKIE_LINE);
+    if(!what) {
+      free(co);
+      return NULL;
+    }
+
     semiptr=strchr(lineptr, ';'); /* first, find a semicolon */
 
     while(*lineptr && isspace((int)*lineptr))
@@ -387,6 +394,8 @@ Curl_cookie_add(struct SessionHandle *data,
       }
     }
 
+    free(what);
+
     if(badcookie || !co->name) {
       /* we didn't get a cookie name or a bad one,
          this is an illegal line, bail out */
author	Daniel Stenberg <daniel@haxx.se>	2004-06-22 21:15:51 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2004-06-22 21:15:51 +0000
commit	35558e6bd7b7ee699a5701c970c5721e99d8023c (patch)
tree	f3925c50c601d9a84c984383c4d61b5cdcf1284a /lib/cookie.c
parent	7659747e6f814bdc8edf4b5dbb6765b7a25ef0cb (diff)