Added checks for invalid characters in a cookie name or cookie data from setrawcookie

diff --git a/ext/standard/head.c b/ext/standard/head.c
index 9594276b8c5e8b3e88a3b8e7833ee5f47a05a592..096abbc6c7f4b0da534b26e0f08f5054562c8596 100644 (file)
--- a/ext/standard/head.c
+++ b/ext/standard/head.c
@@ -74,6 +74,16 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t
        sapi_header_line ctr = {0};
        int result;
        
+       if (name && strpbrk(name, "=,; \t\r\n\013\014") != NULL) {   /* man isspace for \013 and \014 */
+               zend_error( E_WARNING, "Cookie names can not contain any of the folllowing '=,; \\t\\r\\n\\013\\014' (%s)", name );
+               return FAILURE;
+       }
+
+       if (!url_encode && value && strpbrk(value, ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
+               zend_error( E_WARNING, "Cookie values can not contain any of the folllowing ',; \\t\\r\\n\\013\\014' (%s)", value );
+               return FAILURE;
+       }
+
        len += name_len;
        if (value && url_encode) {
                int encoded_value_len;