diff options
Diffstat (limited to 'cgi-bin')
-rw-r--r-- | cgi-bin/var.c | 31 |
1 files changed, 25 insertions, 6 deletions
diff --git a/cgi-bin/var.c b/cgi-bin/var.c index 408634dac..3935508fc 100644 --- a/cgi-bin/var.c +++ b/cgi-bin/var.c @@ -3,7 +3,7 @@ * * CGI form variable and array functions for CUPS. * - * Copyright 2007-2014 by Apple Inc. + * Copyright 2007-2015 by Apple Inc. * Copyright 1997-2005 by Easy Software Products. * * These coded instructions, statements, and computer programs are the @@ -626,6 +626,8 @@ cgi_initialize_cookies(void) while (*cookie) { + int skip = 0; /* Skip this cookie? */ + /* * Skip leading whitespace... */ @@ -641,9 +643,14 @@ cgi_initialize_cookies(void) for (ptr = name; *cookie && *cookie != '=';) if (ptr < (name + sizeof(name) - 1)) + { *ptr++ = *cookie++; + } else - break; + { + skip = 1; + cookie ++; + } if (*cookie != '=') break; @@ -659,26 +666,38 @@ cgi_initialize_cookies(void) { for (cookie ++, ptr = value; *cookie && *cookie != '\"';) if (ptr < (value + sizeof(value) - 1)) + { *ptr++ = *cookie++; + } else - break; + { + skip = 1; + cookie ++; + } if (*cookie == '\"') cookie ++; + else + skip = 1; } else { for (ptr = value; *cookie && *cookie != ';';) if (ptr < (value + sizeof(value) - 1)) + { *ptr++ = *cookie++; + } else - break; + { + skip = 1; + cookie ++; + } } if (*cookie == ';') cookie ++; else if (*cookie) - break; + skip = 1; *ptr = '\0'; @@ -687,7 +706,7 @@ cgi_initialize_cookies(void) * "$"... */ - if (name[0] != '$') + if (name[0] != '$' && !skip) num_cookies = cupsAddOption(name, value, num_cookies, &cookies); } } |