curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: libcurl truncating long cookies?

From: Kevin Smith via curl-library <curl-library_at_cool.haxx.se>
Date: Sat, 9 Sep 2017 15:25:44 -0700

Yeah, I see in the code where a check could be added for making sure the
cookie value is not too long. I have never submitted a fix to curl before,
do I just provide a diff here or open a pull request in Github? Would you
want any unit test to show it is working?

On Sat, Sep 9, 2017 at 2:08 AM, Daniel Stenberg <daniel_at_haxx.se> wrote:

> On Fri, 8 Sep 2017, Kevin Smith via curl-library wrote:
>
> "If for some reason there is inadequate space to store the cookie, it must
>> be discarded, not truncated." I am using libcurl 7.49.1 and I am seeing
>> that cookies seem to get truncated when they are too long instead of
>> discarded, is this expected?
>>
>
> I'd say it is a bug that also exist in current source code. I suspect that
> it is just so extremely rare that people actually get that huge cookies so
> people have not had a problem with this over the years (and I think
> browsers don't support that big ones). I'm quite sure libcurl has always
> had this flawed behavior.
>
> Are you up to working out a fix for this issue?
>
> --
>
> / daniel.haxx.se
>

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-09-10