changeset 2034:7cad4651d972

don't save huge cookies Huge cookies confuse the code that reads them back in. I suppose there's always the possibility of getting a cookies.txt from something else, or a manually-edited one, but... Incidentally, the RFC thinks user agents should allow 4096 bytes for name+value+attributes, which we must be within, say, 50 bytes of.
author corvid <corvid@lavabit.com>
date Wed, 18 May 2011 00:04:48 +0000
parents 56134df9c63a
children 5625ee0230ad
files dpi/cookies.c
diffstat 1 files changed, 18 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/dpi/cookies.c	Tue May 17 18:58:20 2011 -0400
+++ b/dpi/cookies.c	Wed May 18 00:04:48 2011 +0000
@@ -412,15 +412,24 @@
    while ((node = dList_nth_data(domains, 0))) {
       for (i = 0; (cookie = dList_nth_data(node->cookies, i)); ++i) {
          if (!cookie->session_only && difftime(cookie->expires_at, now) > 0) {
-            fprintf(file_stream, "%s\t%s\t%s\t%s\t%ld\t%s\t%s\n",
-                    cookie->domain,
-                    cookie->host_only ? "FALSE" : "TRUE",
-                    cookie->path,
-                    cookie->secure ? "TRUE" : "FALSE",
-                    (long)difftime(cookie->expires_at, cookies_epoch_time),
-                    cookie->name,
-                    cookie->value);
-            saved++;
+            int len;
+            char buf[LINE_MAXLEN];
+
+            len = snprintf(buf, LINE_MAXLEN, "%s\t%s\t%s\t%s\t%ld\t%s\t%s\n",
+                           cookie->domain,
+                           cookie->host_only ? "FALSE" : "TRUE",
+                           cookie->path,
+                           cookie->secure ? "TRUE" : "FALSE",
+                           (long) difftime(cookie->expires_at,
+                                           cookies_epoch_time),
+                           cookie->name,
+                           cookie->value);
+            if (len < LINE_MAXLEN) {
+               fprintf(file_stream, "%s", buf);
+               saved++;
+            } else {
+               MSG("Not saving overly long cookie for %s.\n", cookie->domain);
+            }
          }
          Cookies_free_cookie(cookie);
       }