mirror of
https://github.com/moparisthebest/curl
synced 2024-08-13 17:03:50 -04:00
- John P. McCaskey posted a bug report that showed how libcurl did wrong when
saving received cookies with no given path, if the path in the request had a query part. That is means a question mark (?) and characters on the right side of that. I wrote test case 1105 and fixed this problem.
This commit is contained in:
parent
8d39a31e89
commit
4f47fc4e14
6
CHANGES
6
CHANGES
@ -6,6 +6,12 @@
|
|||||||
|
|
||||||
Changelog
|
Changelog
|
||||||
|
|
||||||
|
Daniel Stenberg (26 Sep 2009)
|
||||||
|
- John P. McCaskey posted a bug report that showed how libcurl did wrong when
|
||||||
|
saving received cookies with no given path, if the path in the request had a
|
||||||
|
query part. That is means a question mark (?) and characters on the right
|
||||||
|
side of that. I wrote test case 1105 and fixed this problem.
|
||||||
|
|
||||||
Kamil Dudka (26 Sep 2009)
|
Kamil Dudka (26 Sep 2009)
|
||||||
- Implemented a protocol independent way to specify blocking direction, used by
|
- Implemented a protocol independent way to specify blocking direction, used by
|
||||||
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
|
transfer.c for blocking. It is currently used only by SCP and SFTP protocols.
|
||||||
|
@ -30,6 +30,8 @@ This release includes the following bugfixes:
|
|||||||
o cookie expiry date at 1970-jan-1 00:00:00
|
o cookie expiry date at 1970-jan-1 00:00:00
|
||||||
o libcurl-OpenSSL failed to verify some certs with Subject Alternative Name
|
o libcurl-OpenSSL failed to verify some certs with Subject Alternative Name
|
||||||
o libcurl-OpenSSL can load CRL files with more than one certificate inside
|
o libcurl-OpenSSL can load CRL files with more than one certificate inside
|
||||||
|
o received cookies without explicit path got saved wrong if the URL had a
|
||||||
|
query part
|
||||||
|
|
||||||
This release includes the following known bugs:
|
This release includes the following known bugs:
|
||||||
|
|
||||||
@ -40,6 +42,6 @@ advice from friends like these:
|
|||||||
|
|
||||||
Karl Moerder, Kamil Dudka, Krister Johansen, Andre Guibert de Bruet,
|
Karl Moerder, Kamil Dudka, Krister Johansen, Andre Guibert de Bruet,
|
||||||
Michal Marek, Eric Wong, Guenter Knauf, Peter Sylvester, Daniel Johnson,
|
Michal Marek, Eric Wong, Guenter Knauf, Peter Sylvester, Daniel Johnson,
|
||||||
Claes Jakobsson, Sven Anders, Chris Mumford
|
Claes Jakobsson, Sven Anders, Chris Mumford, John P. McCaskey
|
||||||
|
|
||||||
Thanks! (and sorry if I forgot to mention someone)
|
Thanks! (and sorry if I forgot to mention someone)
|
||||||
|
36
lib/cookie.c
36
lib/cookie.c
@ -167,6 +167,24 @@ static void strstore(char **str, const char *newstr)
|
|||||||
*str = strdup(newstr);
|
*str = strdup(newstr);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The memrchr() function is like the memchr() function, except that it
|
||||||
|
* searches backwards from the end of the n bytes pointed to by s instead of
|
||||||
|
* forwards from the front.
|
||||||
|
*
|
||||||
|
* Exists in glibc but is not widely available on other systems.
|
||||||
|
*/
|
||||||
|
static void *memrchr(const char *s, int c, size_t n)
|
||||||
|
{
|
||||||
|
while(n--) {
|
||||||
|
if(s[n] == c)
|
||||||
|
return &s[n];
|
||||||
|
}
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/****************************************************************************
|
/****************************************************************************
|
||||||
*
|
*
|
||||||
* Curl_cookie_add()
|
* Curl_cookie_add()
|
||||||
@ -186,8 +204,8 @@ Curl_cookie_add(struct SessionHandle *data,
|
|||||||
char *lineptr, /* first character of the line */
|
char *lineptr, /* first character of the line */
|
||||||
const char *domain, /* default domain */
|
const char *domain, /* default domain */
|
||||||
const char *path) /* full path used when this cookie is set,
|
const char *path) /* full path used when this cookie is set,
|
||||||
used to get default path for the cookie
|
used to get default path for the cookie
|
||||||
unless set */
|
unless set */
|
||||||
{
|
{
|
||||||
struct Cookie *clist;
|
struct Cookie *clist;
|
||||||
char name[MAX_NAME];
|
char name[MAX_NAME];
|
||||||
@ -429,8 +447,18 @@ Curl_cookie_add(struct SessionHandle *data,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if(!badcookie && !co->path && path) {
|
if(!badcookie && !co->path && path) {
|
||||||
/* no path was given in the header line, set the default */
|
/* No path was given in the header line, set the default.
|
||||||
char *endslash = strrchr(path, '/');
|
Note that the passed-in path to this function MAY have a '?' and
|
||||||
|
following part that MUST not be stored as part of the path. */
|
||||||
|
char *queryp = strchr(path, '?');
|
||||||
|
|
||||||
|
/* queryp is where the interesting part of the path ends, so now we
|
||||||
|
want to the find the last */
|
||||||
|
char *endslash;
|
||||||
|
if(!queryp)
|
||||||
|
endslash = strrchr(path, '/');
|
||||||
|
else
|
||||||
|
endslash = memrchr(path, '/', queryp - path);
|
||||||
if(endslash) {
|
if(endslash) {
|
||||||
size_t pathlen = endslash-path+1; /* include the ending slash */
|
size_t pathlen = endslash-path+1; /* include the ending slash */
|
||||||
co->path=malloc(pathlen+1); /* one extra for the zero byte */
|
co->path=malloc(pathlen+1); /* one extra for the zero byte */
|
||||||
|
@ -5,4 +5,4 @@
|
|||||||
# Lines starting with '#' letters are treated as comments.
|
# Lines starting with '#' letters are treated as comments.
|
||||||
563
|
563
|
||||||
564
|
564
|
||||||
1105
|
|
||||||
|
@ -55,10 +55,9 @@ userid=myname&password=mypassword
|
|||||||
# http://curl.haxx.se/rfc/cookie_spec.html
|
# http://curl.haxx.se/rfc/cookie_spec.html
|
||||||
# This file was generated by libcurl! Edit at your own risk.
|
# This file was generated by libcurl! Edit at your own risk.
|
||||||
|
|
||||||
127.0.0.1 FALSE /we/want FALSE 0 foobar name
|
127.0.0.1 FALSE /we/want/ FALSE 0 foobar name
|
||||||
.127.0.0.1 TRUE "/silly/" FALSE 0 mismatch this
|
.127.0.0.1 TRUE "/silly/" FALSE 0 mismatch this
|
||||||
.0.0.1 TRUE / FALSE 0 partmatch present
|
.0.0.1 TRUE / FALSE 0 partmatch present
|
||||||
|
|
||||||
</file>
|
</file>
|
||||||
</verify>
|
</verify>
|
||||||
</testcase>
|
</testcase>
|
||||||
|
Loading…
Reference in New Issue
Block a user