[FFmpeg-devel] [PATCH v3] Parse cookies more correctly
Lukasz Marek
lukasz.m.luki at gmail.com
Fri Feb 14 20:13:44 CET 2014
On 14.02.2014 19:46, Scott Moak wrote:
> On Thu, Feb 13, 2014 at 6:24 AM, Michael Niedermayer <michaelni at gmx.at>wrote:
>
>> On Wed, Feb 12, 2014 at 09:07:42PM -0800, Scott Moak wrote:
>>> Cookies with an Expires directive do not get parsed (and ignored)
>>> correctly, so we need to fix that.
>>>
>>> Signed-off-by: Scott Moak <scott.moak at mybrainoncode.com>
>>> ---
>>> libavformat/http.c | 18 +++++++++++++++---
>>> 1 file changed, 15 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/libavformat/http.c b/libavformat/http.c
>>> index 69c4d6d..3ea2e55 100644
>>> --- a/libavformat/http.c
>>> +++ b/libavformat/http.c
>>> @@ -484,8 +484,19 @@ static int get_cookies(HTTPContext *s, char
>> **cookies, const char *path,
>>> char *param, *next_param, *cdomain = NULL, *cpath = NULL,
>> *cvalue = NULL;
>>> set_cookies = NULL;
>>>
>>> - while ((param = av_strtok(cookie, "; ", &next_param))) {
>>> + /* skip trailing spaces */
>>> + while (0x20 == cookie[strlen(cookie) - 1]) {
>>> + cookie[strlen(cookie) - 1] = 0;
>>> + }
>>
>> probably redundant
>> unless i miss something ?
>>
>
> I think there still could be a chance where a cookie ends with a trailing
> space, unless you feel it's unnecessary.
I'm also didn't investigate it in full context, but you have the same
code below.
>>
>>> +
>>> + while ((param = av_strtok(cookie, ";", &next_param))) {
>>> cookie = NULL;
>>> + /* skip leading spaces */
>>> + param += strspn(param, " ");
>>> + /* skip trailing spaces */
>>> + while (0x20 == param[strlen(param) - 1]) {
>>> + param[strlen(param) - 1] = 0;
>>> + }
>>
>> indention is wrong
>> also this can read and write out of array
>>
>>
>>
> Is there a better way to do this? From a previous thread, there was a
> suggestion to set it to 0, perhaps I misunderstood.
Problem is not with assigning 0, but you don't check if string is empty
and use strlen() - 1
--
Best Regards,
Lukasz Marek
Insanity: doing the same thing over and over again and expecting
different results. - Albert Einstein
More information about the ffmpeg-devel
mailing list