mirrors/emacs
1
Fork 0
mirror of git://git.sv.gnu.org/emacs.git synced 2026-01-06 03:40:56 -08:00
Code Issues Projects Releases Wiki Activity

Make url-cookie.el be more resistant against bogus data

Browse source 
* lisp/url/url-cookie.el (url-cookie-handle-set-cookie): Don't bug
out on large max-age values (bug#37974).
This commit is contained in:
Lars Ingebrigtsen 2019-10-29 22:53:00 +01:00
parent 6f7e99fb18
commit d3517de4b4
1 changed files with 4 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
lisp/url/url-cookie.el
View file

@ -304,9 +304,10 @@ i.e. 1970-1-1) are loaded as expiring one year from now instead."
(url-filename url-current-object)))) (url-filename url-current-object))))
(expires nil)) (expires nil))
(if (and max-age (string-match "\\`-?[0-9]+\\'" max-age)) (if (and max-age (string-match "\\`-?[0-9]+\\'" max-age))
(setq expires (format-time-string "%a %b %d %H:%M:%S %Y GMT" (setq expires (ignore-errors
(time-add nil (read max-age)) (format-time-string "%a %b %d %H:%M:%S %Y GMT"
t)) (time-add nil (read max-age))
t)))
(setq expires (cdr-safe (assoc-string "expires" args t)))) (setq expires (cdr-safe (assoc-string "expires" args t))))
(while (consp trusted) (while (consp trusted)
(if (string-match (car trusted) current-url) (if (string-match (car trusted) current-url)