Do not run kore_split_string() on original cookie - kore - Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.

commit 519c3c16d42127884f4802832c8439adc8e2feb5
parent 5f7709211b6a66740fb4f930b51102e22411936e
Author: Joris Vink <joris@coders.se>
Date:   Mon, 14 Dec 2015 18:48:48 +0100

Do not run kore_split_string() on original cookie

This broke after http_request_header() started returning
a pointer to the actual header value instead of a copy.

Reminded by PauloMelo via github.

Diffstat:
src/auth.c  | 14 +++++++++++---

1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/auth.c b/src/auth.c
@@ -109,9 +109,11 @@ kore_auth_cookie(struct http_request *req, struct kore_auth *auth)
 	size_t		len, slen;
 	char		*value, *c, *cookie, *cookies[HTTP_MAX_COOKIES];
 
-	if (!http_request_header(req, "cookie", &cookie))
+	if (!http_request_header(req, "cookie", &c))
 		return (KORE_RESULT_ERROR);
 
+	cookie = kore_strdup(c);
+
 	slen = strlen(auth->value);
 	v = kore_split_string(cookie, ";", cookies, HTTP_MAX_COOKIES);
 	for (i = 0; i < v; i++) {
@@ -123,14 +125,20 @@ kore_auth_cookie(struct http_request *req, struct kore_auth *auth)
 			break;
 	}
 
-	if (i == v)
+	if (i == v) {
+		kore_mem_free(cookie);
 		return (KORE_RESULT_ERROR);
+	}
 
 	c = cookies[i];
-	if ((value = strchr(c, '=')) == NULL)
+	if ((value = strchr(c, '=')) == NULL) {
+		kore_mem_free(cookie);
 		return (KORE_RESULT_ERROR);
+	}
 
 	i = kore_validator_check(req, auth->validator, ++value);
+	kore_mem_free(cookie);
+
 	return (i);
 }

	kore Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.
	Commits \| Files \| Refs \| README \| LICENSE \| git clone https://git.kore.io/kore.git