[AWS] Cookie bug

Thomas Løcke thomas.granvej6 at gmail.com
Tue Jan 10 13:46:56 CET 2012

Previous message: [AWS] Cookie bug
Next message: [AWS] Cookie bug
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 10, 2012 at 12:06 PM, Maciej Sobczak <prog at msobczak.com> wrote:

> Hi,
>
> The AWS.Cookie.Get contains the following in its implementation:
>
>    function Get
>      (Request : Status.Data;
>       Key     : String) return String
>    is
>       -- ...
>
>       Content_Start : constant Natural :=
>                         Index (Cookie, Key & "=") + Key'Length + 1;
>
>       -- ...
>    begin
>       if Content_Start = 0 then
>          return "";
>       end if;
>
> That is - Content_Start will never be 0, even if Key is not in Cookie
> (although Index does return 0 in such a case).
> Thus, this control might continue past the if statement and return wrong
> values.
>

That Get function is actually not only buggy, it's also pretty poorly made
I think.

As far as I can see, I'm searching the entire cookie string
from AWS.Headers.Get_Values, which is stupid (and bad!), considering I can
search individual cookies by looping the Containers.Tables.VString_Array
instead.

I will fix this as soon as possible, unless someone else already have a fix
in the pipeline?

:o)
Thomas Løcke
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/aws/attachments/20120110/dd6f68e8/attachment.htm

Previous message: [AWS] Cookie bug
Next message: [AWS] Cookie bug
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the AWS mailing list