cookie: do not store the expire or max-age strings

Convert it to an expire time at once and save memory. Closes #11862
2025-03-31 16:00:35 +08:00 · 2023-09-15 09:17:34 +02:00 · 2023-09-15 09:17:34 +02:00 · 8c285a76ee
commit 8c285a76ee
parent 61275672b4
2 changed files with 45 additions and 58 deletions
--- a/lib/cookie.c
+++ b/lib/cookie.c
@ -112,13 +112,11 @@ static void strstore(char **str, const char *newstr, size_t len);

 static void freecookie(struct Cookie *co)
 {
-  free(co->expirestr);
  free(co->domain);
  free(co->path);
  free(co->spath);
  free(co->name);
  free(co->value);
-  free(co->maxage);
  free(co);
 }

@ -729,17 +727,55 @@ Curl_cookie_add(struct Curl_easy *data,
           * client should discard the cookie.  A value of zero means the
           * cookie should be discarded immediately.
           */
-          strstore(&co->maxage, valuep, vlen);
-          if(!co->maxage) {
-            badcookie = TRUE;
+          CURLofft offt;
+          const char *maxage = valuep;
+          offt = curlx_strtoofft((*maxage == '\"')?
+                                 &maxage[1]:&maxage[0], NULL, 10,
+                                 &co->expires);
+          switch(offt) {
+          case CURL_OFFT_FLOW:
+            /* overflow, used max value */
+            co->expires = CURL_OFF_T_MAX;
+            break;
+          case CURL_OFFT_INVAL:
+            /* negative or otherwise bad, expire */
+            co->expires = 1;
+            break;
+          case CURL_OFFT_OK:
+            if(!co->expires)
+              /* already expired */
+              co->expires = 1;
+            else if(CURL_OFF_T_MAX - now < co->expires)
+              /* would overflow */
+              co->expires = CURL_OFF_T_MAX;
+            else
+              co->expires += now;
            break;
          }
        }
        else if((nlen == 7) && strncasecompare("expires", namep, 7)) {
-          strstore(&co->expirestr, valuep, vlen);
-          if(!co->expirestr) {
-            badcookie = TRUE;
-            break;
+          char date[128];
+          if(!co->expires && (vlen < sizeof(date))) {
+            /* copy the date so that it can be null terminated */
+            memcpy(date, valuep, vlen);
+            date[vlen] = 0;
+            /*
+             * Let max-age have priority.
+             *
+             * If the date cannot get parsed for whatever reason, the cookie
+             * will be treated as a session cookie
+             */
+            co->expires = Curl_getdate_capped(date);
+
+            /*
+             * Session cookies have expires set to 0 so if we get that back
+             * from the date parser let's add a second to make it a
+             * non-session cookie
+             */
+            if(co->expires == 0)
+              co->expires = 1;
+            else if(co->expires < 0)
+              co->expires = 0;
          }
        }

@ -759,49 +795,6 @@ Curl_cookie_add(struct Curl_easy *data,
        break;
    } while(1);

-    if(co->maxage) {
-      CURLofft offt;
-      offt = curlx_strtoofft((*co->maxage == '\"')?
-                             &co->maxage[1]:&co->maxage[0], NULL, 10,
-                             &co->expires);
-      switch(offt) {
-      case CURL_OFFT_FLOW:
-        /* overflow, used max value */
-        co->expires = CURL_OFF_T_MAX;
-        break;
-      case CURL_OFFT_INVAL:
-        /* negative or otherwise bad, expire */
-        co->expires = 1;
-        break;
-      case CURL_OFFT_OK:
-        if(!co->expires)
-          /* already expired */
-          co->expires = 1;
-        else if(CURL_OFF_T_MAX - now < co->expires)
-          /* would overflow */
-          co->expires = CURL_OFF_T_MAX;
-        else
-          co->expires += now;
-        break;
-      }
-    }
-    else if(co->expirestr) {
-      /*
-       * Note that if the date couldn't get parsed for whatever reason, the
-       * cookie will be treated as a session cookie
-       */
-      co->expires = Curl_getdate_capped(co->expirestr);
-
-      /*
-       * Session cookies have expires set to 0 so if we get that back from the
-       * date parser let's add a second to make it a non-session cookie
-       */
-      if(co->expires == 0)
-        co->expires = 1;
-      else if(co->expires < 0)
-        co->expires = 0;
-    }
-
    if(!badcookie && !co->domain) {
      if(domain) {
        /* no domain was given in the header line, set the default */
@ -1154,8 +1147,6 @@ Curl_cookie_add(struct Curl_easy *data,
    free(clist->domain);
    free(clist->path);
    free(clist->spath);
-    free(clist->expirestr);
-    free(clist->maxage);

    *clist = *co;  /* then store all the new data */

@ -1362,13 +1353,11 @@ static struct Cookie *dup_cookie(struct Cookie *src)
 {
  struct Cookie *d = calloc(sizeof(struct Cookie), 1);
  if(d) {
-    CLONE(expirestr);
    CLONE(domain);
    CLONE(path);
    CLONE(spath);
    CLONE(name);
    CLONE(value);
-    CLONE(maxage);
    d->expires = src->expires;
    d->tailmatch = src->tailmatch;
    d->secure = src->secure;
--- a/lib/cookie.h
+++ b/lib/cookie.h
@ -35,8 +35,6 @@ struct Cookie {
  char *spath;        /* sanitized cookie path */
  char *domain;      /* domain = <this> */
  curl_off_t expires;  /* expires = <this> */
-  char *expirestr;   /* the plain text version */
-  char *maxage;      /* Max-Age = <value> */
  bool tailmatch;    /* whether we do tail-matching of the domain name */
  bool secure;       /* whether the 'secure' keyword was used */
  bool livecookie;   /* updated from a server, not a stored file */