Long cookies caused the web interface to stop working (STR #4619)

git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@12621 a1ca3aef-8c08-0410-bb20-df032aa958be

1 files changed, 25 insertions, 6 deletions

diff --git a/cgi-bin/var.c b/cgi-bin/var.c
index 408634dac..3935508fc 100644
--- a/cgi-bin/var.c
+++ b/cgi-bin/var.c
@@ -3,7 +3,7 @@
  *
  * CGI form variable and array functions for CUPS.
  *
- * Copyright 2007-2014 by Apple Inc.
+ * Copyright 2007-2015 by Apple Inc.
  * Copyright 1997-2005 by Easy Software Products.
  *
  * These coded instructions, statements, and computer programs are the
@@ -626,6 +626,8 @@ cgi_initialize_cookies(void)
 
   while (*cookie)
   {
+    int	skip = 0;			/* Skip this cookie? */
+
    /*
     * Skip leading whitespace...
     */
@@ -641,9 +643,14 @@ cgi_initialize_cookies(void)
 
     for (ptr = name; *cookie && *cookie != '=';)
       if (ptr < (name + sizeof(name) - 1))
+      {
         *ptr++ = *cookie++;
+      }
       else
-        break;
+      {
+        skip = 1;
+	cookie ++;
+      }
 
     if (*cookie != '=')
       break;
@@ -659,26 +666,38 @@ cgi_initialize_cookies(void)
     {
       for (cookie ++, ptr = value; *cookie && *cookie != '\"';)
         if (ptr < (value + sizeof(value) - 1))
+	{
 	  *ptr++ = *cookie++;
+	}
 	else
-	  break;
+	{
+	  skip = 1;
+	  cookie ++;
+	}
 
       if (*cookie == '\"')
         cookie ++;
+      else
+        skip = 1;
     }
     else
     {
       for (ptr = value; *cookie && *cookie != ';';)
         if (ptr < (value + sizeof(value) - 1))
+	{
 	  *ptr++ = *cookie++;
+	}
 	else
-	  break;
+	{
+	  skip = 1;
+	  cookie ++;
+	}
     }
 
     if (*cookie == ';')
       cookie ++;
     else if (*cookie)
-      break;
+      skip = 1;
 
     *ptr = '\0';
 
@@ -687,7 +706,7 @@ cgi_initialize_cookies(void)
     * "$"...
     */
 
-    if (name[0] != '$')
+    if (name[0] != '$' && !skip)
       num_cookies = cupsAddOption(name, value, num_cookies, &cookies);
   }
 }