Check-in [88948d582a]
Not logged in
HomeFilesLeavesTimelineBranchesTagsTicketsWikiLogin
Overview

SHA1 Hash:88948d582aef0ade4c6b0f6c87b161cafb989c53
Date: 2008-02-16 18:49:39
User: stephan
Comment:Fixed memleaks of date-related header strings.
Timelines: ancestors | descendants | both | trunk
Other Links: files | ZIP archive | manifest

Tags And Properties
Changes
[hide diffs]

Modified src/cgi.c from [651d100b98] to [0e9e18ccfe]. 

@@ -202,11 +202,11 @@
 ){
   if( zPath==0 ) zPath = g.zTop;
   if( lifetime>0 ){
     lifetime += (int)time(0);
     blob_appendf(&extraHeader,
-       "Set-Cookie: %s=%t; Path=%s; expires=%s; Version=1\r\n",
+       "Set-Cookie: %s=%t; Path=%s; expires=%z; Version=1\r\n",
         zName, zValue, zPath, cgi_rfc822_datestamp(lifetime));
   }else{
     blob_appendf(&extraHeader,
        "Set-Cookie: %s=%t; Path=%s; Version=1\r\n",
        zName, zValue, zPath);
@@ -287,11 +287,13 @@
   }
 #endif
 
   if( fullHttpReply ){
     printf("HTTP/1.0 %d %s\r\n", iReplyStatus, zReplyStatus);
-    printf("Date: %s\r\n", cgi_rfc822_datestamp(time(0)));
+    char * zDate = cgi_rfc822_datestamp(time(0));
+    printf("Date: %s\r\n", zDate );
+    if( zDate[0] ) free( zDate );
     printf("Connection: close\r\n");
   }else{
     printf("Status: %d %s\r\n", iReplyStatus, zReplyStatus);
   }
 
@@ -308,11 +310,13 @@
     ** stale cache is the least of the problem. So we provide an Expires
     ** header set to a reasonable period (default: one week).
     */
     /*time_t expires = time(0) + atoi(db_config("constant_expires","604800"));*/
     time_t expires = time(0) + 604800;
-    printf( "Expires: %s\r\n", cgi_rfc822_datestamp(expires));
+    char * zDate = cgi_rfc822_datestamp(expires);
+    printf( "Expires: %s\r\n", zDate );
+    if( zDate[0] ) free( zDate );
   }
 
   /* Content intended for logged in users should only be cached in
   ** the browser, not some shared location.
   */
@@ -1249,10 +1253,12 @@
 
 /*
 ** Returns an RFC822-formatted time string suitable for HTTP headers, among
 ** other things.
 ** Returned timezone is always GMT as required by HTTP/1.1 specification.
+** The returned string is allocated with malloc() and must be freed
+** with free().
 **
 ** See http://www.faqs.org/rfcs/rfc822.html, section 5
 ** and http://www.faqs.org/rfcs/rfc2616.html, section 3.3.
 */
 char *cgi_rfc822_datestamp(time_t now){

Fossil version [c0211010a1] 2009-12-13 01:31:36