From 481cbc5ad578bbde804464487add074e8c7d1e76 Mon Sep 17 00:00:00 2001
From: Nicolas George <george@nsup.org>
Date: Sun, 17 Aug 2014 14:09:45 +0200
Subject: [PATCH] lavf/http: fix cookie parsing.

The current code would use any unknown attribute-value pair
as the cookie value.
RFC 6265 states that the first key-value pair is the actual
cookie, and the attribute-value pairs only start after.

With the current code:
Set-Cookie: test=good_value; path=/; dummy=42
gives this:
Cookie: dummy=42
instead of this with the new code:
Cookie: test=good_value
---
 libavformat/http.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/libavformat/http.c b/libavformat/http.c
index 7480834ec3..bd67645e46 100644
--- a/libavformat/http.c
+++ b/libavformat/http.c
@@ -565,8 +565,11 @@ static int get_cookies(HTTPContext *s, char **cookies, const char *path,
         set_cookies = NULL;
 
         while ((param = av_strtok(cookie, "; ", &next_param))) {
-            cookie = NULL;
-            if        (!av_strncasecmp("path=",   param, 5)) {
+            if (cookie) {
+                // first key-value pair is the actual cookie value
+                cvalue = av_strdup(param);
+                cookie = NULL;
+            } else if (!av_strncasecmp("path=",   param, 5)) {
                 av_free(cpath);
                 cpath = av_strdup(&param[5]);
             } else if (!av_strncasecmp("domain=", param, 7)) {
@@ -581,8 +584,7 @@ static int get_cookies(HTTPContext *s, char **cookies, const char *path,
                        !av_strncasecmp("version", param, 7)) {
                 // ignore Comment, Max-Age, Secure and Version
             } else {
-                av_free(cvalue);
-                cvalue = av_strdup(param);
+                // ignore unknown attributes
             }
         }
         if (!cdomain)