From b1b326ec500bc8c11e9a6750036e509cb9e0a4cf Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 11 Apr 2023 14:14:09 +0200 Subject: [PATCH] cookie: clarify that init with data set to NULL reads no file ... and make Curl_cookie_add() require 'data' being set proper with an assert. The function has not worked with a NULL data for quite some time so this just corrects the code and comment. This is a different take than the proposed fixed in #10927 Reported-by: Kvarec Lezki Ref: #10929 Closes #10930 --- lib/cookie.c | 110 +++++++++++++++++++++++---------------------------- lib/cookie.h | 1 - 2 files changed, 50 insertions(+), 61 deletions(-) diff --git a/lib/cookie.c b/lib/cookie.c index 0c6e0f7cda..c974a54dbb 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -483,11 +483,6 @@ static int invalid_octets(const char *p) */ struct Cookie * Curl_cookie_add(struct Curl_easy *data, - /* - * The 'data' pointer here may be NULL at times, and thus - * must only be used very carefully for things that can deal - * with data being NULL. Such as infof() and similar - */ struct CookieInfo *c, bool httpheader, /* TRUE if HTTP header-style line */ bool noexpire, /* if TRUE, skip remove_expired() */ @@ -508,10 +503,7 @@ Curl_cookie_add(struct Curl_easy *data, bool badcookie = FALSE; /* cookies are good by default. mmmmm yummy */ size_t myhash; -#ifdef CURL_DISABLE_VERBOSE_STRINGS - (void)data; -#endif - + DEBUGASSERT(data); DEBUGASSERT(MAX_SET_COOKIE_AMOUNT <= 255); /* counter is an unsigned char */ if(data->req.setcookies >= MAX_SET_COOKIE_AMOUNT) return NULL; @@ -1219,7 +1211,8 @@ Curl_cookie_add(struct Curl_easy *data, * * If 'newsession' is TRUE, discard all "session cookies" on read from file. * - * Note that 'data' might be called as NULL pointer. + * Note that 'data' might be called as NULL pointer. If data is NULL, 'file' + * will be ignored. * * Returns NULL on out of memory. Invalid cookies are ignored. */ @@ -1229,9 +1222,8 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, bool newsession) { struct CookieInfo *c; - FILE *fp = NULL; - bool fromfile = TRUE; char *line = NULL; + FILE *handle = NULL; if(!inc) { /* we didn't get a struct, create one */ @@ -1251,61 +1243,59 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, /* we got an already existing one, use that */ c = inc; } - c->running = FALSE; /* this is not running, this is init */ - - if(file && !strcmp(file, "-")) { - fp = stdin; - fromfile = FALSE; - } - else if(!file || !*file) { - /* points to an empty string or NULL */ - fp = NULL; - } - else { - fp = fopen(file, "rb"); - if(!fp) - infof(data, "WARNING: failed to open cookie file \"%s\"", file); - } - c->newsession = newsession; /* new session? */ - if(fp) { - char *lineptr; - bool headerline; - - line = malloc(MAX_COOKIE_LINE); - if(!line) - goto fail; - while(Curl_get_line(line, MAX_COOKIE_LINE, fp)) { - if(checkprefix("Set-Cookie:", line)) { - /* This is a cookie line, get it! */ - lineptr = &line[11]; - headerline = TRUE; - } + if(data) { + FILE *fp = NULL; + if(file) { + if(!strcmp(file, "-")) + fp = stdin; else { - lineptr = line; - headerline = FALSE; + fp = fopen(file, "rb"); + if(!fp) + infof(data, "WARNING: failed to open cookie file \"%s\"", file); + else + handle = fp; } - while(*lineptr && ISBLANK(*lineptr)) - lineptr++; - - Curl_cookie_add(data, c, headerline, TRUE, lineptr, NULL, NULL, TRUE); } - free(line); /* free the line buffer */ - /* - * Remove expired cookies from the hash. We must make sure to run this - * after reading the file, and not on every cookie. - */ - remove_expired(c); + c->running = FALSE; /* this is not running, this is init */ + if(fp) { + char *lineptr; + bool headerline; + + line = malloc(MAX_COOKIE_LINE); + if(!line) + goto fail; + while(Curl_get_line(line, MAX_COOKIE_LINE, fp)) { + if(checkprefix("Set-Cookie:", line)) { + /* This is a cookie line, get it! */ + lineptr = &line[11]; + headerline = TRUE; + } + else { + lineptr = line; + headerline = FALSE; + } + while(*lineptr && ISBLANK(*lineptr)) + lineptr++; - if(fromfile) - fclose(fp); - } + Curl_cookie_add(data, c, headerline, TRUE, lineptr, NULL, NULL, TRUE); + } + free(line); /* free the line buffer */ + + /* + * Remove expired cookies from the hash. We must make sure to run this + * after reading the file, and not on every cookie. + */ + remove_expired(c); - c->running = TRUE; /* now, we're running */ - if(data) + if(handle) + fclose(handle); + } data->state.cookie_engine = TRUE; + c->running = TRUE; /* now, we're running */ + } return c; @@ -1317,8 +1307,8 @@ fail: */ if(!inc) Curl_cookie_cleanup(c); - if(fromfile && fp) - fclose(fp); + if(handle) + fclose(handle); return NULL; /* out of memory */ } diff --git a/lib/cookie.h b/lib/cookie.h index 39bb08bc49..c588bbbb84 100644 --- a/lib/cookie.h +++ b/lib/cookie.h @@ -61,7 +61,6 @@ struct Cookie { struct CookieInfo { /* linked list of cookies we know of */ struct Cookie *cookies[COOKIE_HASH_SIZE]; - char *filename; /* file we read from/write to */ long numcookies; /* number of cookies in the "jar" */ bool running; /* state info, for cookie adding information */ -- 2.47.2