diff options
| author | corvid <corvid@lavabit.com> | 2010-01-10 06:17:48 +0000 |
|---|---|---|
| committer | corvid <corvid@lavabit.com> | 2010-01-10 06:17:48 +0000 |
| commit | 14674c9d6f152902475dee577ee3e6673238b93f (patch) | |
| tree | 5a8891f440e8dd5b7536dc83893ab1bddd5474b1 | |
| parent | 8ae7c88cadeb7c9b310909ca11547577d2656e74 (diff) | |
cookie handle time overflow
Jeremy pointed out
http://lists.auriga.wearlab.de/pipermail/dillo-dev/2010-January/007144.html
that time_t could in principle be a floating type.
The cookies dpi assumes that it is an integer type.
| -rw-r--r-- | dpi/cookies.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/dpi/cookies.c b/dpi/cookies.c index b8e24ef1..40c33356 100644 --- a/dpi/cookies.c +++ b/dpi/cookies.c @@ -62,6 +62,7 @@ int main(void) #define _MSG(...) #define MSG(...) printf("[cookies dpi]: " __VA_ARGS__) +#define DILLO_TIME_MAX ((time_t) ((1UL << (sizeof(time_t) * 8 - 1)) - 1)) /* * a_List_add() @@ -495,6 +496,10 @@ static time_t Cookies_create_timestamp(const char *expires) (minutes * 60) + seconds); + /* handle overflow */ + if (year >= 1970 && ret < 0) + ret = DILLO_TIME_MAX; + return ret; } @@ -704,7 +709,14 @@ static CookieData_t *Cookies_parse(char *cookie_str, const char *server_date) } else if (dStrcasecmp(attr, "Max-Age") == 0) { value = Cookies_parse_value(&str); if (isdigit(*value) || *value == '-') { - cookie->expires_at = time(NULL) + strtol(value, NULL, 10); + time_t now = time(NULL); + long age = strtol(value, NULL, 10); + + cookie->expires_at = now + age; + if (age > 0 && cookie->expires_at < 0) { + /* handle overflow */ + cookie->expires_at = DILLO_TIME_MAX; + } expires = max_age = TRUE; } dFree(value); |