diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2014-01-16 08:51:30 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2014-01-17 08:57:27 +0100 |
| commit | ecaf2f02f1df70f0bbcbbbf48914bfc83c8f2a56 (patch) | |
| tree | 9093989fc99625fd00dbded6aa7c5d7158a5ea4d | |
| parent | d4296f6f06239a43f5438f28ea01525cc0a6025c (diff) | |
| download | gnurl-ecaf2f02f1df70f0bbcbbbf48914bfc83c8f2a56.tar.gz gnurl-ecaf2f02f1df70f0bbcbbbf48914bfc83c8f2a56.tar.bz2 gnurl-ecaf2f02f1df70f0bbcbbbf48914bfc83c8f2a56.zip | |
cookie: max-age fixes
1 - allow >31 bit max-age values
2 - don't overflow on extremely large max-age values when we add the
value to the current time
3 - make sure max-age takes precedence over expires as dictated by
RFC6265
Bug: http://curl.haxx.se/mail/lib-2014-01/0130.html
Reported-by: Chen Prog
| -rw-r--r-- | lib/cookie.c | 38 |
1 files changed, 24 insertions, 14 deletions
diff --git a/lib/cookie.c b/lib/cookie.c index 9961c67b8..059064348 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -489,9 +489,6 @@ Curl_cookie_add(struct SessionHandle *data, badcookie = TRUE; break; } - co->expires = - strtol((*co->maxage=='\"')?&co->maxage[1]:&co->maxage[0],NULL,10) - + (long)now; } else if(Curl_raw_equal("expires", name)) { strstore(&co->expirestr, whatptr); @@ -499,17 +496,6 @@ Curl_cookie_add(struct SessionHandle *data, badcookie = TRUE; break; } - /* Note that if the date couldn't get parsed for whatever reason, - the cookie will be treated as a session cookie */ - co->expires = curl_getdate(what, NULL); - - /* Session cookies have expires set to 0 so if we get that back - from the date parser let's add a second to make it a - non-session cookie */ - if(co->expires == 0) - co->expires = 1; - else if(co->expires < 0) - co->expires = 0; } else if(!co->name) { co->name = strdup(name); @@ -544,6 +530,30 @@ Curl_cookie_add(struct SessionHandle *data, semiptr=strchr(ptr, '\0'); } while(semiptr); + if(co->maxage) { + co->expires = + curlx_strtoofft((*co->maxage=='\"')? + &co->maxage[1]:&co->maxage[0], NULL, 10); + if(CURL_OFF_T_MAX - now < co->expires) + /* avoid overflow */ + co->expires = CURL_OFF_T_MAX; + else + co->expires += now; + } + else if(co->expirestr) { + /* Note that if the date couldn't get parsed for whatever reason, + the cookie will be treated as a session cookie */ + co->expires = curl_getdate(co->expirestr, NULL); + + /* Session cookies have expires set to 0 so if we get that back + from the date parser let's add a second to make it a + non-session cookie */ + if(co->expires == 0) + co->expires = 1; + else if(co->expires < 0) + co->expires = 0; + } + if(!badcookie && !co->domain) { if(domain) { /* no domain was given in the header line, set the default */ |