mod_log_config: Make ${cookie}C correctly match whole cookie names

instead of substrings.

PR: 28037
Submitted by: Dan Franklin <dan dan-franklin.com>, Stefan Fritsch

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833738 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 706c32adbc744c8f8c6f6185713ec1944d3777cb..6138e3a701d2af5397a750b3e4908d315f889fb1 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -10,6 +10,10 @@ Changes with Apache 2.3.3
      mod_proxy_ftp: NULL pointer dereference on error paths.
      [Stefan Fritsch <sf fritsch.de>, Joe Orton]
 
+  *) mod_log_config: Make ${cookie}C correctly match whole cookie names
+     instead of substrings. PR 28037. [Dan Franklin <dan dan-franklin.com>,
+     Stefan Fritsch]
+
   *) vhost: A purely-numeric Host: header should not be treated as a port.
      PR 44979 [Nick Kew]
 

diff --git a/docs/manual/mod/mod_log_config.xml b/docs/manual/mod/mod_log_config.xml
index 715b863269301cf6a0ec3f2ce6c16eea0fea857f..93071c48a6cf71ad9624dcf57ce5e1157444c2a7 100644 (file)
--- a/docs/manual/mod/mod_log_config.xml
+++ b/docs/manual/mod/mod_log_config.xml
@@ -85,7 +85,7 @@
 
     <tr><td><code>%{<var>VARNAME</var>}C</code></td>
         <td>The contents of cookie <var>VARNAME</var> in the request sent
-        to the server.</td></tr>
+        to the server. Only version 0 cookies are fully supported.</td></tr>
 
     <tr><td><code>%D</code></td>
         <td>The time taken to serve the request, in microseconds.</td></tr>

diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c
index 2994e2decdaa09526bf5f2662972a67cc24b2b14..ee0afd5b892ff18437c3b308022a31965b6457d4 100644 (file)
--- a/modules/loggers/mod_log_config.c
+++ b/modules/loggers/mod_log_config.c
@@ -497,19 +497,42 @@ static const char *log_env_var(request_rec *r, char *a)
 static const char *log_cookie(request_rec *r, char *a)
 {
     const char *cookies;
-    const char *start_cookie;
+
+    /*
+     * This supports Netscape version 0 cookies while being tolerant to
+     * some properties of RFC2109/2965 version 1 cookies:
+     * - case-insensitive match of cookie names
+     * - white space around the '='
+     * It does not support the following version 1 features:
+     * - quoted strings as cookie values
+     * - commas to separate cookies
+     */
 
     if ((cookies = apr_table_get(r->headers_in, "Cookie"))) {
-        if ((start_cookie = ap_strstr_c(cookies,a))) {
-            char *cookie, *end_cookie;
-            start_cookie += strlen(a) + 1; /* cookie_name + '=' */
-            cookie = apr_pstrdup(r->pool, start_cookie);
-            /* kill everything in cookie after ';' */
-            end_cookie = strchr(cookie, ';');
-            if (end_cookie) {
-                *end_cookie = '\0';
-            }
-            return ap_escape_logitem(r->pool, cookie);
+        const char *cookie;
+        const char *cookie_end;
+        const char *cp;
+        int a_len = strlen(a);
+        /*
+         * Loop over semicolon-separated cookies.
+         */
+        for (cookie = cookies; *cookie != '\0'; cookie = cookie_end + strspn(cookie_end, "; \t")) {
+            /* Loop invariant: "cookie" always points to start of cookie name */
+
+            /* Set cookie_end to ';' that ends this cookie, or '\0' at EOS */
+            cookie_end = cookie + strcspn(cookie, ";");
+
+            cp = cookie + a_len;
+            if (cp >= cookie_end)
+                continue;
+            cp += strspn(cp, " \t");
+            if (*cp == '=' && !strncasecmp(cookie, a, a_len)) {
+                char *cookie_value;
+                cp++;  /* Move past '=' */
+                cp += strspn(cp, " \t");  /* Move past WS */
+                cookie_value = apr_pstrmemdup(r->pool, cp, cookie_end - cp);
+                return ap_escape_logitem(r->pool, cookie_value);
+             }
         }
     }
     return NULL;