From 1df21130122cc42f593f34a3984734f6f9ad5095 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?=
Date: Thu, 8 Jun 2017 12:23:27 +0200
Subject: Crash cookie parsing with badarg on error
---
 src/cow_cookie.erl | 46 ++++++++++++++++++++++++++--------------------
 1 file changed, 26 insertions(+), 20 deletions(-)
(limited to 'src/cow_cookie.erl')
diff --git a/src/cow_cookie.erl b/src/cow_cookie.erl
index b31a528..7ee067a 100644
--- a/src/cow_cookie.erl
+++ b/src/cow_cookie.erl
@@ -25,7 +25,7 @@
 %% @doc Parse a cookie header string and return a list of key/values.
--spec parse_cookie(binary()) -> [{binary(), binary()}] | {error, badarg}.
+-spec parse_cookie(binary()) -> [{binary(), binary()}].
 parse_cookie(Cookie) ->
 parse_cookie(Cookie, []).
@@ -54,27 +54,27 @@ skip_cookie(<< _, Rest/binary >>, Acc) ->
 skip_cookie(Rest, Acc).
 parse_cookie_name(<<>>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $=, _/binary >>, _, <<>>) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $=, Rest/binary >>, Acc, Name) ->
 parse_cookie_value(Rest, Acc, Name, <<>>);
 parse_cookie_name(<< $,, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $;, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $\s, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $\t, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $\r, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $\n, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $\013, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< $\014, _/binary >>, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_name(<< C, Rest/binary >>, Acc, Name) ->
 parse_cookie_name(Rest, Acc, << Name/binary, C >>).
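Review bot: The `%% @doc` line above the changed `-spec` still only says the function returns a list, so nothing tells a caller that malformed input now raises `badarg` instead of returning `{error, badarg}`. The Cookie header is client-controlled, so any caller that matched on the old tuple (callers are outside this diff) would now crash its process on a bad header unless it catches the error. I would extend the doc to `%% @doc Parse a cookie header string and return a list of key/values. Crashes with error badarg if the header is malformed.` so the new contract is visible where the function is used.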
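Review bot: The `$\013` and `$\014` clauses of parse_cookie_name are octal escapes, i.e. vertical tab and form feed, which is easy to misread as decimal 13 and 14 when they sit right after the separate `$\r` clause; the same pair appears in the parse_cookie_value hunk. A one-line comment above each pair, for example `%% $\013 and $\014 are octal: vertical tab (11) and form feed (12).`, would make the rejected set unambiguous for anyone auditing which control characters the parser refuses. No code change is needed for this.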
@@ -83,15 +83,15 @@ parse_cookie_value(<<>>, Acc, Name, Value) ->
 parse_cookie_value(<< $;, Rest/binary >>, Acc, Name, Value) ->
 parse_cookie(Rest, [{Name, parse_cookie_trim(Value)}|Acc]);
 parse_cookie_value(<< $\t, _/binary >>, _, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_value(<< $\r, _/binary >>, _, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_value(<< $\n, _/binary >>, _, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_value(<< $\013, _/binary >>, _, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_value(<< $\014, _/binary >>, _, _, _) ->
- {error, badarg};
+ error(badarg);
 parse_cookie_value(<< C, Rest/binary >>, Acc, Name, Value) ->
 parse_cookie_value(Rest, Acc, Name, << Value/binary, C >>).
@@ -148,17 +148,23 @@ parse_cookie_test_() ->
 ]},
 %% Potential edge cases (initially from Mochiweb).
 {<<"foo=\\x">>, [{<<"foo">>, <<"\\x">>}]},
- {<<"=">>, {error, badarg}},
- {<<" foo ; bar ">>, {error, badarg}},
 {<<"foo=;bar=">>, [{<<"foo">>, <<>>}, {<<"bar">>, <<>>}]},
- {<<"foo=\\\";;bar ">>, {error, badarg}},
 {<<"foo=\\\";;bar=good ">>, [{<<"foo">>, <<"\\\"">>}, {<<"bar">>, <<"good">>}]},
- {<<"foo=\"\\\";bar">>, {error, badarg}},
 {<<>>, []},
 %% Flash player.
 {<<"foo=bar , baz=wibble ">>, [{<<"foo">>, <<"bar , baz=wibble">>}]}
 ],
 [{V, fun() -> R = parse_cookie(V) end} || {V, R} <- Tests].
+
+parse_cookie_error_test_() ->
+ %% Value.
+ Tests = [
+ <<"=">>,
+ <<" foo ; bar ">>,
+ <<"foo=\\\";;bar ">>,
+ <<"foo=\"\\\";bar">>
+ ],
+ [{V, fun() -> {'EXIT', {badarg, _}} = (catch parse_cookie(V)) end} || V <- Tests].
 -endif.
 %% @doc Convert a cookie name, value and options to its iodata form.
-- cgit v1.2.3
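Review bot: None of the four inputs in parse_cookie_error_test_ appears to reach the control-character clauses of parse_cookie_value or the `$,` clause of parse_cookie_name, so most of the branches this commit switches to `error(badarg)` are never exercised; parse_cookie/2 is outside the diff, so this is inferred from the visible clauses. Constructed cases such as `<<"foo=b\tar">>,`, `<<"foo=b\rar">>,` and `<<"foo,bar=baz">>` would cover them. The `%% Value.` comment also looks inaccurate, since the listed inputs seem to fail on the cookie name rather than the value. Separately, the old-style `catch` cannot tell an error from a throw of the same shape, so a `try ... catch error:badarg -> ok end` in the test fun would pin the exception class as well.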