From 0044443a020d15c262e9f6c724b29365a8148437 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 28 Nov 2019 15:27:58 +0100
Subject: parsedate: offer a getdate_capped() alternative

... and use internally. This function will return TIME_T_MAX instead of
failure if the parsed data is found to be larger than what can be
represented. TIME_T_MAX being the largest value curl can represent.

Reviewed-by: Daniel Gustafsson
Reported-by: JanB on github
Fixes #4152
Closes #4651
---
 lib/cookie.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lib/cookie.c')

diff --git a/lib/cookie.c b/lib/cookie.c
index 7e68b0785..c9e420ad4 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -96,6 +96,7 @@ Example set of cookies:
 #include "curl_get_line.h"
 #include "curl_memrchr.h"
 #include "inet_pton.h"
+#include "parsedate.h"
 
 /* The last 3 #include files should be in this order */
 #include "curl_printf.h"
@@ -715,7 +716,7 @@ Curl_cookie_add(struct Curl_easy *data,
     else if(co->expirestr) {
       /* Note that if the date couldn't get parsed for whatever reason,
          the cookie will be treated as a session cookie */
-      co->expires = curl_getdate(co->expirestr, NULL);
+      co->expires = Curl_getdate_capped(co->expirestr);
 
       /* Session cookies have expires set to 0 so if we get that back
          from the date parser let's add a second to make it a
-- 
cgit v1.2.3