From f8afde1435b04f0b4f48993572e892c2a2a65154 Mon Sep 17 00:00:00 2001
From: corvid
Date: Wed, 13 Jan 2010 21:43:58 +0000
Subject: cookies: be more robust in rejecting IP addr partial matches

The code was already such that, even if we accepted 123.45 as a domain for host 1.2.123.45, it wouldn't be sent back to anyone. But it would be easy to make some small change later that would break that, so...
---
 dpi/cookies.c | 53 ++++++++++++++++++++++++++++-------------------------
 1 file changed, 28 insertions(+), 25 deletions(-)

diff --git a/dpi/cookies.c b/dpi/cookies.c
index 709f3be3..82075020 100644
--- a/dpi/cookies.c
+++ b/dpi/cookies.c
@@ -792,6 +792,31 @@ static int Cookies_cmp(const void *a, const void *b)
 return ret;
 }
+/*
+ * Is the domain an IP address?
+ */
+static bool_t Cookies_domain_is_ip(const char *domain)
+{
+ uint_t len;
+
+ if (!domain)
+ return FALSE;
+
+ len = strlen(domain);
+
+ if (len == strspn(domain, "0123456789.")) {
+ MSG("an IPv4 address\n");
+ return TRUE;
+ }
+ if (*domain == '[' &&
+ (len == strspn(domain, "0123456789abcdefABCDEF:.[]"))) {
+ /* The precise format is shown in section 3.2.2 of rfc 3986 */
+ MSG("an IPv6 address\n");
+ return TRUE;
+ }
+ return FALSE;
+}
+
 /*
 * Check whether url_path path-matches cookie_path
 *
@@ -858,6 +883,9 @@ static bool_t Cookies_domain_matches(char *A, char *B)
 if (!dStrcasecmp(A, B))
 return TRUE;
+ if (Cookies_domain_is_ip(B))
+ return FALSE;
+
 diff = strlen(A) - strlen(B);
 if (diff > 0) {
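Review bot: Cookies_domain_is_ip is deliberately loose and its header comment should say so: `len == strspn(domain, "0123456789.")` also holds for the empty string and for a dot-less string such as "1234", and the IPv6 branch requires a leading `[` plus bracket/hex/colon characters but never a closing `]`. These over-matches only make the caller refuse a partial domain match, which is the safe direction, but a reader comparing the code against RFC 3986 section 3.2.2 will otherwise take it for a validator. I would replace the three-line header comment with `/* Heuristic: does the domain look like an IP literal? Over-matches (e.g. "" or "1234") are acceptable because callers use a TRUE result only to refuse partial domain matching. */`. The MSG() calls on both TRUE paths run on every comparison that reaches them, which could be noisy in normal operation.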
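Review bot: The new guard in Cookies_domain_matches tests only B, and the IPv6 branch of Cookies_domain_is_ip requires a leading `[`, so a proper suffix of a bracketed IPv6 host such as `::1]` is never classified as an IP and falls through to the suffix comparison that starts at `diff = strlen(A) - strlen(B)`. Assuming A is the host and B the cookie domain, as that subtraction suggests, testing both sides closes the gap independently of what the suffix logic does: `if (Cookies_domain_is_ip(A) || Cookies_domain_is_ip(B)) return FALSE;`. Exact equality has already returned TRUE two lines above, so rejecting whenever either side is an IP literal loses nothing. The remainder of Cookies_domain_matches, including the suffix comparison, lies outside the hunk.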
@@ -921,31 +949,6 @@ static uint_t Cookies_internal_dots_required(const char *host)
 return ret;
 }
-/*
- * Is the domain an IP address?
- */
-static bool_t Cookies_domain_is_ip(const char *domain)
-{
- uint_t len;
-
- if (!domain)
- return FALSE;
-
- len = strlen(domain);
-
- if (len == strspn(domain, "0123456789.")) {
- MSG("an IPv4 address\n");
- return TRUE;
- }
- if (*domain == '[' &&
- (len == strspn(domain, "0123456789abcdefABCDEF:.[]"))) {
- /* The precise format is shown in section 3.2.2 of rfc 3986 */
- MSG("an IPv6 address\n");
- return TRUE;
- }
- return FALSE;
-}
-
 /*
 * Validate cookies domain against some security checks.
 */
--
cgit v1.2.3