[Issues] [mod_log_sql 0000158]: Bug when logging cookies with names which includes the name of other cookie
Mantis Bug Tracker
issues at outoforder.cc
Thu Jul 7 00:42:59 EDT 2011
The following issue has been SUBMITTED.
======================================================================
http://issues.outoforder.cc/view.php?id=158
======================================================================
Reported By: amersabag
Assigned To:
======================================================================
Project: mod_log_sql
Issue ID: 158
Category: Other
Reproducibility: always
Severity: minor
Priority: normal
Status: new
Apache Version:
======================================================================
Date Submitted: 2011-07-07 00:42 EDT
Last Modified: 2011-07-07 00:42 EDT
======================================================================
Summary: Bug when logging cookies with names which includes
the name of other cookie
Description:
If you have a cookie named: oo, and another cookie named: look, you will have
invalid values for oo cookie logged in database.
I am not so good in c, but I did modify the source code and corrected the
problem.
The change is only in the file functions.h, and in one function only which is:
extract_specific_cookie
here is the new code for the whole function:
static const char *extract_specific_cookie(request_rec *r, char *a)
{
const char *cookiestr;
const char *cookiesearch;
char *cookieend;
char *isvalid;
char *cookiebuf;
if (a != NULL) {
log_error(APLOG_MARK,APLOG_DEBUG, 0, r->server,
"watching for cookie '%s'", a);
/* Fetch out the cookie header */
cookiestr = (char *)apr_table_get(r->headers_in, "cookie2");
if (cookiestr != NULL) {
log_error(APLOG_MARK,APLOG_DEBUG, 0, r->server,
"Cookie2: [%s]", cookiestr);
/* Does the cookie string contain one with our name? */
/* temporary to help repeat searching */
cookiesearch = cookiestr;
while((isvalid = ap_strstr_c(cookiesearch, a)) != NULL){
/* we should test for starting/ending of cookie name
if cookie found at the start or the character before it is not
alphanumeric
and the character after it should be = */
if(
(
(strcmp(isvalid, cookiesearch) == 0)
|| !(
(*(isvalid - 1) >= 48 && *(isvalid - 1) <= 57)
|| (*(isvalid - 1) >= 65 && *(isvalid - 1) <= 90)
|| (*(isvalid - 1) >= 97 && *(isvalid - 1) <= 122)
)
)
&&
*(isvalid + strlen(a)) == '='
){
/* we have a valid cookie */
break;
}else{
/* continue search after the current result */
cookiesearch = isvalid + 1;
}
}
if (isvalid != NULL) {
/* Move past the cookie name and equal sign */
isvalid += strlen(a) + 1;
/* Duplicate it into the pool */
cookiebuf = apr_pstrdup(r->pool, isvalid);
/* Segregate just this cookie out of the string
* with a terminating nul at the first semicolon */
cookieend = ap_strchr(cookiebuf, ';');
if (cookieend != NULL)
*cookieend = '\0';
return cookiebuf;
}
}
cookiestr = (char *)apr_table_get(r->headers_in, "cookie");
if (cookiestr != NULL) {
log_error(APLOG_MARK,APLOG_DEBUG, 0, r->server,
"Cookie: [%s]", cookiestr);
isvalid = ap_strstr_c(cookiestr, a);
cookiesearch = cookiestr;
while((isvalid = ap_strstr_c(cookiesearch, a)) != NULL){
if(
(
(strcmp(isvalid, cookiesearch)
== 0)
|| !(
(*(isvalid - 1) >= 48 &&
*(isvalid - 1) <= 57)
|| (*(isvalid - 1) >= 65
&& *(isvalid - 1) <= 90)
|| (*(isvalid - 1) >= 97
&& *(isvalid - 1) <= 122)
)
)
&&
*(isvalid + strlen(a)) == '='
){
break;
}else{
cookiesearch = isvalid + 1;
}
}
if (isvalid != NULL) {
isvalid += strlen(a) + 1;
cookiebuf = apr_pstrdup(r->pool, isvalid);
cookieend = ap_strchr(cookiebuf, ';');
if (cookieend != NULL)
*cookieend = '\0';
return cookiebuf;
}
}
cookiestr = apr_table_get(r->headers_out, "set-cookie");
if (cookiestr != NULL) {
log_error(APLOG_MARK,APLOG_DEBUG, 0, r->server,
"Set-Cookie: [%s]", cookiestr);
isvalid = ap_strstr_c(cookiestr, a);
cookiesearch = cookiestr;
while((isvalid = ap_strstr_c(cookiesearch, a)) != NULL){
if(
(
(strcmp(isvalid, cookiesearch)
== 0)
|| !(
(*(isvalid - 1) >= 48 &&
*(isvalid - 1) <= 57)
|| (*(isvalid - 1) >= 65
&& *(isvalid - 1) <= 90)
|| (*(isvalid - 1) >= 97
&& *(isvalid - 1) <= 122)
)
)
&&
*(isvalid + strlen(a)) == '='
){
break;
}else{
cookiesearch = isvalid + 1;
}
}
if (isvalid != NULL) {
isvalid += strlen(a) + 1;
cookiebuf = apr_pstrdup(r->pool, isvalid);
cookieend = ap_strchr(cookiebuf, ';');
if (cookieend != NULL)
*cookieend = '\0';
return cookiebuf;
}
}
}
return "-";
}
======================================================================
Issue History
Date Modified Username Field Change
======================================================================
2011-07-07 00:42 amersabag New Issue
======================================================================
More information about the Issues
mailing list