aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/cookie.c11
-rw-r--r--lib/cookie.h31
2 files changed, 29 insertions, 13 deletions
diff --git a/lib/cookie.c b/lib/cookie.c
index d31bcd114..66309d767 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -149,7 +149,7 @@ Curl_cookie_add(struct SessionHandle *data,
unless set */
{
struct Cookie *clist;
- char what[MAX_COOKIE_LINE];
+ char *what;
char name[MAX_NAME];
char *ptr;
char *semiptr;
@@ -167,6 +167,13 @@ Curl_cookie_add(struct SessionHandle *data,
if(httpheader) {
/* This line was read off a HTTP-header */
char *sep;
+
+ what = malloc(MAX_COOKIE_LINE);
+ if(!what) {
+ free(co);
+ return NULL;
+ }
+
semiptr=strchr(lineptr, ';'); /* first, find a semicolon */
while(*lineptr && isspace((int)*lineptr))
@@ -387,6 +394,8 @@ Curl_cookie_add(struct SessionHandle *data,
}
}
+ free(what);
+
if(badcookie || !co->name) {
/* we didn't get a cookie name or a bad one,
this is an illegal line, bail out */
diff --git a/lib/cookie.h b/lib/cookie.h
index af078d9d0..48b9d20fa 100644
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -1,10 +1,10 @@
#ifndef __COOKIE_H
#define __COOKIE_H
/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
@@ -12,7 +12,7 @@
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
- *
+ *
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
@@ -41,11 +41,11 @@ struct Cookie {
long expires; /* expires = <this> */
char *expirestr; /* the plain text version */
bool tailmatch; /* weather we do tail-matchning of the domain name */
-
+
/* RFC 2109 keywords. Version=1 means 2109-compliant cookie sending */
char *version; /* Version = <value> */
char *maxage; /* Max-Age = <value> */
-
+
bool secure; /* whether the 'secure' keyword was used */
bool livecookie; /* updated from a server, not a stored file */
};
@@ -60,13 +60,20 @@ struct CookieInfo {
bool newsession; /* new session, discard session cookies on load */
};
-/* This is the maximum line length we accept for a cookie line */
-#define MAX_COOKIE_LINE 2048
-#define MAX_COOKIE_LINE_TXT "2047"
+/* This is the maximum line length we accept for a cookie line. RFC 2109
+ section 6.3 says:
+
+ "at least 4096 bytes per cookie (as measured by the size of the characters
+ that comprise the cookie non-terminal in the syntax description of the
+ Set-Cookie header)"
+
+*/
+#define MAX_COOKIE_LINE 5000
+#define MAX_COOKIE_LINE_TXT "4999"
/* This is the maximum length of a cookie name we deal with: */
-#define MAX_NAME 256
-#define MAX_NAME_TXT "255"
+#define MAX_NAME 1024
+#define MAX_NAME_TXT "1023"
struct SessionHandle;
/*