From d82aca4192214ceb77bad18c99c5bacbd817030a Mon Sep 17 00:00:00 2001 From: Mark Jones Date: Tue, 20 Nov 2012 22:37:53 -0600 Subject: [PATCH] Fixed cookie bug caused by httponly; in the cookie string, fixed expires in the cookie string if it was not explicitly defined, compiler warning pointed the way --- .gitignore | 22 ++++++++++++++++++++++ src/cookie.c | 12 +++++++----- 2 files changed, 29 insertions(+), 5 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c185396 --- /dev/null +++ b/.gitignore @@ -0,0 +1,22 @@ +*.o +*.lo +*~ +*.1 +*.5 +*.7 +include/config.in +Makefile +PLATFORM +autom4te.cache/ +config.log +config.status +config.status.lineno +configure.lineno +doc/siegerc +include/config.h +include/joedog/joepath.h +include/stamp-h1 +libtool +utils/bombardment +utils/siege.config +utils/siege2csv.pl diff --git a/src/cookie.c b/src/cookie.c index bd306fb..d26db86 100644 --- a/src/cookie.c +++ b/src/cookie.c @@ -80,7 +80,7 @@ parse_cookie(char *cookiestr, PARSED_COOKIE* ck) ck->expires = 0; ck->expires = ~ck->expires; if(ck->expires < 0){ - ck->expires = ~(1 << ((sizeof(ck->expires) * 8) - 1)); + ck->expires = ~0UL >> 1; } if(ck->expires < 0){ ck->expires = (ck->expires >> 1) * -1; @@ -101,7 +101,8 @@ parse_cookie(char *cookiestr, PARSED_COOKIE* ck) if (!*cookiestr) break; lval = cookiestr; - while( *cookiestr && *cookiestr != '=' ) + // httponly; can cause you to miss the path that follows it + while( *cookiestr && *cookiestr != '=' && *cookiestr != ';') cookiestr++; if(!strcasecmp (lval, "secure")){ @@ -110,7 +111,8 @@ parse_cookie(char *cookiestr, PARSED_COOKIE* ck) } else { if (!*cookiestr) return; - *cookiestr++ = 0; + if(*cookiestr != ';') // httponly; can cause you to miss the path that follows it + *cookiestr++ = 0; rval = cookiestr; while(*cookiestr && *cookiestr != ';') @@ -183,9 +185,9 @@ add_cookie(pthread_t id, char *host, char *cookiestr) else fresh->domain = xstrdup(ck.domain); fresh->next = cur; - if(cur==cookie->first) + if(cur==cookie->first) { cookie->first = fresh; - else + } else pre->next = fresh; } if(name != NULL) xfree(name);