changeset 1605:1dd07874017e

cookies: use difftime() for time_t comparisons ...as Johannes pointed out. (This patch in itself is not meant to fix the time_t overflow problem.)
author corvid <corvid@lavabit.com>
date Tue, 09 Mar 2010 19:44:49 +0000
parents afb42f6a5236
children 9c9b1a1e5bb4
files dpi/cookies.c test/cookies.c
diffstat 2 files changed, 12 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/dpi/cookies.c	Mon Mar 08 20:23:00 2010 +0000
+++ b/dpi/cookies.c	Tue Mar 09 19:44:49 2010 +0000
@@ -137,6 +137,9 @@
 "# This is a generated file!  Do not edit.\n"
 "# [domain  TRUE  path  secure  expiry_time  name  value]\n\n";
 
+/* The epoch is Jan 1, 1970. */
+static struct tm cookies_epoch_tm = {0, 0, 0, 1, 0, 70, 0, 0, 0, 0, 0};
+static time_t cookies_epoch_time;
 
 /*
  * Forward declarations
@@ -231,6 +234,8 @@
    /* Default setting */
    disabled = TRUE;
 
+   cookies_epoch_time = mktime(&cookies_epoch_tm);
+
    /* Read and parse the cookie control file (cookiesrc) */
    if (Cookie_control_init() != 0) {
       MSG("Disabling cookies.\n");
@@ -361,7 +366,7 @@
    /* Iterate cookies per domain, saving and freeing */
    while ((node = dList_nth_data(cookies, 0))) {
       for (i = 0; (cookie = dList_nth_data(node->dlist, i)); ++i) {
-         if (!cookie->session_only && (cookie->expires_at > now)) {
+         if (!cookie->session_only && difftime(cookie->expires_at, now) > 0) {
             fprintf(file_stream, "%s\tTRUE\t%s\t%s\t%ld\t%s\t%s\n",
                     cookie->domain,
                     cookie->path,
@@ -554,7 +559,7 @@
    /* Don't add an expired cookie. Whether expiring now == expired, exactly,
     * is arguable, but we definitely do not want to add a Max-Age=0 cookie.
     */
-   if (cookie->expires_at <= time(NULL)) {
+   if (difftime(cookie->expires_at, time(NULL)) <= 0) {
       _MSG("Goodbye, expired cookie %s=%s d:%s p:%s\n", cookie->name,
            cookie->value, cookie->domain, cookie->path);
       Cookies_free_cookie(cookie);
@@ -728,7 +733,8 @@
             long age = strtol(value, NULL, 10);
 
             cookie->expires_at = now + age;
-            if (age > 0 && cookie->expires_at < 0) {
+            if (age > 0 &&
+                difftime(cookie->expires_at, cookies_epoch_time) < 0) {
                /* handle overflow */
                cookie->expires_at = DILLO_TIME_MAX;
             }
@@ -1049,7 +1055,7 @@
 
       for (i = 0; (cookie = dList_nth_data(domain_cookies, i)); ++i) {
          /* Remove expired cookie. */
-         if (cookie->expires_at < time(NULL)) {
+         if (difftime(cookie->expires_at, time(NULL)) < 0) {
             _MSG("Goodbye, expired cookie %s=%s d:%s p:%s\n", cookie->name,
                  cookie->value, cookie->domain, cookie->path);
             dList_remove(domain_cookies, cookie);
--- a/test/cookies.c	Mon Mar 08 20:23:00 2010 +0000
+++ b/test/cookies.c	Tue Mar 09 19:44:49 2010 +0000
@@ -551,6 +551,8 @@
    a_Cookies_set("name=val; max-age=-100", "maxage-100.com", "/", NULL);
    expect(__LINE__, "", "http", "maxage-100.com", "/");
 
+   a_Cookies_set("name=val; max-age=2000000000", "maxage-huge.com", "/", NULL);
+   expect(__LINE__, "Cookie: name=val\r\n", "http", "maxage-huge.com", "/");
    /* just having a server date shouldn't matter */
 
    a_Cookies_set("name=val; max-age=0", "maxage0s.com", "/", server_date);