[AWS] Cookie bug

Maciej Sobczak prog at msobczak.com
Tue Jan 10 12:06:32 CET 2012

Previous message: [AWS] A video followup about the Hash table based DoS attack
Next message: [AWS] Cookie bug
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

The AWS.Cookie.Get contains the following in its implementation:

    function Get
      (Request : Status.Data;
       Key     : String) return String
    is
       -- ...

       Content_Start : constant Natural :=
                         Index (Cookie, Key & "=") + Key'Length + 1;

       -- ...
    begin
       if Content_Start = 0 then
          return "";
       end if;

That is - Content_Start will never be 0, even if Key is not in Cookie 
(although Index does return 0 in such a case).
Thus, this control might continue past the if statement and return wrong 
values.

Regards,

-- 
Maciej Sobczak * www.msobczak.com * www.inspirel.com

Previous message: [AWS] A video followup about the Hash table based DoS attack
Next message: [AWS] Cookie bug
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the AWS mailing list