From 8750582fc6f84abe0f9cc8f643300196ad131729 Mon Sep 17 00:00:00 2001
From: Wei Zhang <wei.zhang@r2.ai>
Date: Thu, 15 Nov 2018 15:35:22 +0800
Subject: [PATCH] lws_hdr_total_length: match lws_hdr_copy actual length also
 for COOKIE

---
 lib/roles/http/server/parsers.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/lib/roles/http/server/parsers.c b/lib/roles/http/server/parsers.c
index ce8832b76..c5617fccf 100644
--- a/lib/roles/http/server/parsers.c
+++ b/lib/roles/http/server/parsers.c
@@ -459,6 +459,10 @@ LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h)
 	do {
 		len += wsi->http.ah->frags[n].len;
 		n = wsi->http.ah->frags[n].nfrag;
+
+		if (n && h != WSI_TOKEN_HTTP_COOKIE)
+			++len;
+
 	} while (n);
 
 	return len;
@@ -500,6 +504,7 @@ LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len,
 {
 	int toklen = lws_hdr_total_length(wsi, h);
 	int n;
+	int comma;
 
 	*dst = '\0';
 	if (!toklen)
@@ -516,7 +521,9 @@ LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len,
 		return 0;
 
 	do {
-		if (wsi->http.ah->frags[n].len + 1 >= len)
+		comma = (wsi->http.ah->frags[n].nfrag && h != WSI_TOKEN_HTTP_COOKIE) ? 1 : 0;
+
+		if (wsi->http.ah->frags[n].len + comma >= len)
 			return -1;
 		strncpy(dst, &wsi->http.ah->data[wsi->http.ah->frags[n].offset],
 		        wsi->http.ah->frags[n].len);
@@ -524,9 +531,9 @@ LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len,
 		len -= wsi->http.ah->frags[n].len;
 		n = wsi->http.ah->frags[n].nfrag;
 
-		if (n)
-			if (h != WSI_TOKEN_HTTP_COOKIE)
-				*dst++ = ',';
+		if (comma)
+			*dst++ = ',';
+				
 	} while (n);
 	*dst = '\0';