From d5b6608da57741462ac13509cb81a7b1af295cff Mon Sep 17 00:00:00 2001
From: Brian France
Date: Wed, 11 Feb 2004 19:00:42 +0000
Subject: Added checks for invalid characters in a cookie name or cookie data from setrawcookie
---
 ext/standard/head.c | 10 ++++++++++
 1 file changed, 10 insertions(+)
(limited to 'ext/standard/head.c')
diff --git a/ext/standard/head.c b/ext/standard/head.c
index 9594276b8c..096abbc6c7 100644
--- a/ext/standard/head.c
+++ b/ext/standard/head.c
@@ -74,6 +74,16 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t
 sapi_header_line ctr = {0};
 int result;
+ if (name && strpbrk(name, "=,; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
+ zend_error( E_WARNING, "Cookie names can not contain any of the folllowing '=,; \\t\\r\\n\\013\\014' (%s)", name );
+ return FAILURE;
+ }
+
+ if (!url_encode && value && strpbrk(value, ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
+ zend_error( E_WARNING, "Cookie values can not contain any of the folllowing ',; \\t\\r\\n\\013\\014' (%s)", value );
+ return FAILURE;
+ }
+
 len += name_len;
 if (value && url_encode) {
 int encoded_value_len;
-- 
cgit v1.2.1
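Review bot: Both new checks scan with strpbrk(), which stops at the first NUL byte, even though php_setcookie is handed explicit name_len and value_len; if a caller passes a string with an embedded NUL (PHP strings are binary-safe, to be confirmed against the setcookie/setrawcookie wrappers), every byte after the NUL escapes the blacklist and the NUL itself is not rejected either. A length-bounded scan such as the helper below closes that gap, and because strchr() matches the terminator of the bad-character set, an embedded NUL is rejected as a side effect without a separate test. The two warning strings also spell "folllowing" with three l's; the excerpt corrects them. php_setcookie begins before and continues after this hunk, so how the rest of the function consumes name/value is not visible here.
```c
/* Non-zero if any of the first len bytes of s is in bad or is NUL
 * (strchr() also matches the terminator of bad, so NUL is caught). */
static int php_cookie_has_bad_char(const char *s, int len, const char *bad)
{
	int i;
	for (i = 0; i < len; i++) {
		if (strchr(bad, s[i]) != NULL) {
			return 1;
		}
	}
	return 0;
}
/* … unchanged: php_setcookie signature and locals … */
	if (name && php_cookie_has_bad_char(name, name_len, "=,; \t\r\n\013\014")) { /* man isspace for \013 and \014 */
		zend_error(E_WARNING, "Cookie names can not contain any of the following '=,; \\t\\r\\n\\013\\014' (%s)", name);
		return FAILURE;
	}

	if (!url_encode && value && php_cookie_has_bad_char(value, value_len, ",; \t\r\n\013\014")) { /* man isspace for \013 and \014 */
		zend_error(E_WARNING, "Cookie values can not contain any of the following ',; \\t\\r\\n\\013\\014' (%s)", value);
		return FAILURE;
	}
/* … unchanged: len accounting and header assembly … */
```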