From 533083e4983df98531c79286e6583b98b99a4c30 Mon Sep 17 00:00:00 2001
From: Jacek Caban <jacek@codeweavers.com>
Date: Fri, 5 Oct 2018 14:59:10 +0200
Subject: [PATCH] winhttp: Make cookie access thread safe.

Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
---
 dlls/winhttp/cookie.c          | 32 ++++++++++++++++++++++----------
 dlls/winhttp/session.c         |  4 ++++
 dlls/winhttp/winhttp_private.h |  1 +
 3 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/dlls/winhttp/cookie.c b/dlls/winhttp/cookie.c
index 63cbde7c3df..668daba5fa4 100644
--- a/dlls/winhttp/cookie.c
+++ b/dlls/winhttp/cookie.c
@@ -116,24 +116,28 @@ static BOOL add_cookie( session_t *session, cookie_t *cookie, WCHAR *domain_name
     cookie_t *old_cookie;
     struct list *item;
 
+    if (!(cookie->path = strdupW( path ))) return FALSE;
+
+    EnterCriticalSection( &session->cs );
+
     LIST_FOR_EACH( item, &session->cookie_cache )
     {
         domain = LIST_ENTRY( item, domain_t, entry );
         if (domain_match( domain_name, domain, FALSE )) break;
         domain = NULL;
     }
-    if (!domain)
-    {
-        if (!(domain = add_domain( session, domain_name ))) return FALSE;
-    }
+    if (!domain) domain = add_domain( session, domain_name );
     else if ((old_cookie = find_cookie( domain, path, cookie->name ))) delete_cookie( old_cookie );
 
-    cookie->path = strdupW( path );
-    list_add_head( &domain->cookies, &cookie->entry );
+    if (domain)
+    {
+        list_add_head( &domain->cookies, &cookie->entry );
+        TRACE("domain %s path %s <- %s=%s\n", debugstr_w(domain_name), debugstr_w(cookie->path),
+              debugstr_w(cookie->name), debugstr_w(cookie->value));
+    }
 
-    TRACE("domain %s path %s <- %s=%s\n", debugstr_w(domain_name), debugstr_w(cookie->path),
-          debugstr_w(cookie->name), debugstr_w(cookie->value));
-    return TRUE;
+    LeaveCriticalSection( &session->cs );
+    return domain != NULL;
 }
 
 static cookie_t *parse_cookie( const WCHAR *string )
@@ -303,6 +307,8 @@ BOOL add_cookie_headers( request_t *request )
     struct list *domain_cursor;
     session_t *session = request->connect->session;
 
+    EnterCriticalSection( &session->cs );
+
     LIST_FOR_EACH( domain_cursor, &session->cookie_cache )
     {
         domain_t *domain = LIST_ENTRY( domain_cursor, domain_t, entry );
@@ -325,7 +331,11 @@ BOOL add_cookie_headers( request_t *request )
 
                     len = len_cookie + len_name;
                     if (cookie->value) len += strlenW( cookie->value ) + 1;
-                    if (!(header = heap_alloc( (len + 1) * sizeof(WCHAR) ))) return FALSE;
+                    if (!(header = heap_alloc( (len + 1) * sizeof(WCHAR) )))
+                    {
+                        LeaveCriticalSection( &session->cs );
+                        return FALSE;
+                    }
 
                     memcpy( header, cookieW, len_cookie * sizeof(WCHAR) );
                     strcpyW( header + len_cookie, cookie->name );
@@ -343,5 +353,7 @@ BOOL add_cookie_headers( request_t *request )
             }
         }
     }
+
+    LeaveCriticalSection( &session->cs );
     return TRUE;
 }
diff --git a/dlls/winhttp/session.c b/dlls/winhttp/session.c
index 061091547a3..7078e47473e 100644
--- a/dlls/winhttp/session.c
+++ b/dlls/winhttp/session.c
@@ -102,6 +102,8 @@ static void session_destroy( object_header_t *hdr )
         domain = LIST_ENTRY( item, domain_t, entry );
         delete_domain( domain );
     }
+    session->cs.DebugInfo->Spare[0] = 0;
+    DeleteCriticalSection( &session->cs );
     heap_free( session->agent );
     heap_free( session->proxy_server );
     heap_free( session->proxy_bypass );
@@ -279,6 +281,8 @@ HINTERNET WINAPI WinHttpOpen( LPCWSTR agent, DWORD access, LPCWSTR proxy, LPCWST
     session->receive_timeout = DEFAULT_RECEIVE_TIMEOUT;
     session->receive_response_timeout = DEFAULT_RECEIVE_RESPONSE_TIMEOUT;
     list_init( &session->cookie_cache );
+    InitializeCriticalSection( &session->cs );
+    session->cs.DebugInfo->Spare[0] = (DWORD_PTR)(__FILE__ ": session.cs");
 
     if (agent && !(session->agent = strdupW( agent ))) goto end;
     if (access == WINHTTP_ACCESS_TYPE_DEFAULT_PROXY)
diff --git a/dlls/winhttp/winhttp_private.h b/dlls/winhttp/winhttp_private.h
index cac87bb6f2a..2ea798bb12f 100644
--- a/dlls/winhttp/winhttp_private.h
+++ b/dlls/winhttp/winhttp_private.h
@@ -85,6 +85,7 @@ typedef struct {
 typedef struct
 {
     object_header_t hdr;
+    CRITICAL_SECTION cs;
     LPWSTR agent;
     DWORD access;
     int resolve_timeout;