diff options
-rw-r--r-- | lib/cookie.c | 11 | ||||
-rw-r--r-- | lib/cookie.h | 31 |
2 files changed, 29 insertions, 13 deletions
diff --git a/lib/cookie.c b/lib/cookie.c index d31bcd114..66309d767 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -149,7 +149,7 @@ Curl_cookie_add(struct SessionHandle *data, unless set */ { struct Cookie *clist; - char what[MAX_COOKIE_LINE]; + char *what; char name[MAX_NAME]; char *ptr; char *semiptr; @@ -167,6 +167,13 @@ Curl_cookie_add(struct SessionHandle *data, if(httpheader) { /* This line was read off a HTTP-header */ char *sep; + + what = malloc(MAX_COOKIE_LINE); + if(!what) { + free(co); + return NULL; + } + semiptr=strchr(lineptr, ';'); /* first, find a semicolon */ while(*lineptr && isspace((int)*lineptr)) @@ -387,6 +394,8 @@ Curl_cookie_add(struct SessionHandle *data, } } + free(what); + if(badcookie || !co->name) { /* we didn't get a cookie name or a bad one, this is an illegal line, bail out */ diff --git a/lib/cookie.h b/lib/cookie.h index af078d9d0..48b9d20fa 100644 --- a/lib/cookie.h +++ b/lib/cookie.h @@ -1,10 +1,10 @@ #ifndef __COOKIE_H #define __COOKIE_H /*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al. @@ -12,7 +12,7 @@ * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at http://curl.haxx.se/docs/copyright.html. - * + * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. @@ -41,11 +41,11 @@ struct Cookie { long expires; /* expires = <this> */ char *expirestr; /* the plain text version */ bool tailmatch; /* weather we do tail-matchning of the domain name */ - + /* RFC 2109 keywords. Version=1 means 2109-compliant cookie sending */ char *version; /* Version = <value> */ char *maxage; /* Max-Age = <value> */ - + bool secure; /* whether the 'secure' keyword was used */ bool livecookie; /* updated from a server, not a stored file */ }; @@ -60,13 +60,20 @@ struct CookieInfo { bool newsession; /* new session, discard session cookies on load */ }; -/* This is the maximum line length we accept for a cookie line */ -#define MAX_COOKIE_LINE 2048 -#define MAX_COOKIE_LINE_TXT "2047" +/* This is the maximum line length we accept for a cookie line. RFC 2109 + section 6.3 says: + + "at least 4096 bytes per cookie (as measured by the size of the characters + that comprise the cookie non-terminal in the syntax description of the + Set-Cookie header)" + +*/ +#define MAX_COOKIE_LINE 5000 +#define MAX_COOKIE_LINE_TXT "4999" /* This is the maximum length of a cookie name we deal with: */ -#define MAX_NAME 256 -#define MAX_NAME_TXT "255" +#define MAX_NAME 1024 +#define MAX_NAME_TXT "1023" struct SessionHandle; /* |