From 12e2a81ffc2cbecee051757926c751d8f2854946 Mon Sep 17 00:00:00 2001 From: Stefan Fritsch Date: Sat, 7 Nov 2009 19:19:10 +0000 Subject: [PATCH] mod_log_config: Make ${cookie}C correctly match whole cookie names instead of substrings. PR: 28037 Submitted by: Dan Franklin , Stefan Fritsch git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@833738 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 4 +++ docs/manual/mod/mod_log_config.xml | 2 +- modules/loggers/mod_log_config.c | 45 ++++++++++++++++++++++-------- 3 files changed, 39 insertions(+), 12 deletions(-) diff --git a/CHANGES b/CHANGES index 706c32adbc..6138e3a701 100644 --- a/CHANGES +++ b/CHANGES @@ -10,6 +10,10 @@ Changes with Apache 2.3.3 mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch , Joe Orton] + *) mod_log_config: Make ${cookie}C correctly match whole cookie names + instead of substrings. PR 28037. [Dan Franklin , + Stefan Fritsch] + *) vhost: A purely-numeric Host: header should not be treated as a port. PR 44979 [Nick Kew] diff --git a/docs/manual/mod/mod_log_config.xml b/docs/manual/mod/mod_log_config.xml index 715b863269..93071c48a6 100644 --- a/docs/manual/mod/mod_log_config.xml +++ b/docs/manual/mod/mod_log_config.xml @@ -85,7 +85,7 @@ %{VARNAME}C The contents of cookie VARNAME in the request sent - to the server. + to the server. Only version 0 cookies are fully supported. %D The time taken to serve the request, in microseconds. diff --git a/modules/loggers/mod_log_config.c b/modules/loggers/mod_log_config.c index 2994e2decd..ee0afd5b89 100644 --- a/modules/loggers/mod_log_config.c +++ b/modules/loggers/mod_log_config.c @@ -497,19 +497,42 @@ static const char *log_env_var(request_rec *r, char *a) static const char *log_cookie(request_rec *r, char *a) { const char *cookies; - const char *start_cookie; + + /* + * This supports Netscape version 0 cookies while being tolerant to + * some properties of RFC2109/2965 version 1 cookies: + * - case-insensitive match of cookie names + * - white space around the '=' + * It does not support the following version 1 features: + * - quoted strings as cookie values + * - commas to separate cookies + */ if ((cookies = apr_table_get(r->headers_in, "Cookie"))) { - if ((start_cookie = ap_strstr_c(cookies,a))) { - char *cookie, *end_cookie; - start_cookie += strlen(a) + 1; /* cookie_name + '=' */ - cookie = apr_pstrdup(r->pool, start_cookie); - /* kill everything in cookie after ';' */ - end_cookie = strchr(cookie, ';'); - if (end_cookie) { - *end_cookie = '\0'; - } - return ap_escape_logitem(r->pool, cookie); + const char *cookie; + const char *cookie_end; + const char *cp; + int a_len = strlen(a); + /* + * Loop over semicolon-separated cookies. + */ + for (cookie = cookies; *cookie != '\0'; cookie = cookie_end + strspn(cookie_end, "; \t")) { + /* Loop invariant: "cookie" always points to start of cookie name */ + + /* Set cookie_end to ';' that ends this cookie, or '\0' at EOS */ + cookie_end = cookie + strcspn(cookie, ";"); + + cp = cookie + a_len; + if (cp >= cookie_end) + continue; + cp += strspn(cp, " \t"); + if (*cp == '=' && !strncasecmp(cookie, a, a_len)) { + char *cookie_value; + cp++; /* Move past '=' */ + cp += strspn(cp, " \t"); /* Move past WS */ + cookie_value = apr_pstrmemdup(r->pool, cp, cookie_end - cp); + return ap_escape_logitem(r->pool, cookie_value); + } } } return NULL; -- 2.40.0