summaryrefslogtreecommitdiff
path: root/dpi
diff options
context:
space:
mode:
authorcorvid <corvid@lavabit.com>2011-05-18 00:04:48 +0000
committercorvid <corvid@lavabit.com>2011-05-18 00:04:48 +0000
commit7012367e6fa39aa7fa729564f21a220ecc004e68 (patch)
tree689de2b983dd9a6f2f7dda89e515ee950fab514b /dpi
parent7f0e0e2d10099b8b81c8b43cc37a673fb5232989 (diff)
don't save huge cookies
Huge cookies confuse the code that reads them back in. I suppose there's always the possibility of getting a cookies.txt from something else, or a manually-edited one, but... Incidentally, the RFC thinks user agents should allow 4096 bytes for name+value+attributes, which we must be within, say, 50 bytes of.
Diffstat (limited to 'dpi')
-rw-r--r--dpi/cookies.c27
1 files changed, 18 insertions, 9 deletions
diff --git a/dpi/cookies.c b/dpi/cookies.c
index 8adf59fd..42db1390 100644
--- a/dpi/cookies.c
+++ b/dpi/cookies.c
@@ -412,15 +412,24 @@ static void Cookies_save_and_free()
while ((node = dList_nth_data(domains, 0))) {
for (i = 0; (cookie = dList_nth_data(node->cookies, i)); ++i) {
if (!cookie->session_only && difftime(cookie->expires_at, now) > 0) {
- fprintf(file_stream, "%s\t%s\t%s\t%s\t%ld\t%s\t%s\n",
- cookie->domain,
- cookie->host_only ? "FALSE" : "TRUE",
- cookie->path,
- cookie->secure ? "TRUE" : "FALSE",
- (long)difftime(cookie->expires_at, cookies_epoch_time),
- cookie->name,
- cookie->value);
- saved++;
+ int len;
+ char buf[LINE_MAXLEN];
+
+ len = snprintf(buf, LINE_MAXLEN, "%s\t%s\t%s\t%s\t%ld\t%s\t%s\n",
+ cookie->domain,
+ cookie->host_only ? "FALSE" : "TRUE",
+ cookie->path,
+ cookie->secure ? "TRUE" : "FALSE",
+ (long) difftime(cookie->expires_at,
+ cookies_epoch_time),
+ cookie->name,
+ cookie->value);
+ if (len < LINE_MAXLEN) {
+ fprintf(file_stream, "%s", buf);
+ saved++;
+ } else {
+ MSG("Not saving overly long cookie for %s.\n", cookie->domain);
+ }
}
Cookies_free_cookie(cookie);
}