From 41ff64d7f1615325cbf04b2249a3e9b06f42e704 Mon Sep 17 00:00:00 2001
From: Ed Tanous <ed.tanous@intel.com>
Date: Tue, 30 Jan 2018 13:13:38 -0800
Subject: Fix off by one error in cookie authentication

sizeof(const char*) will include the size of the null terminator at the
end.  Fix that.

Change-Id: Ia7c5ce4788bf0d2a5240d9df9684a2d93f791e58
---
 include/token_authorization_middleware.hpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include/token_authorization_middleware.hpp')

diff --git a/include/token_authorization_middleware.hpp b/include/token_authorization_middleware.hpp
index bbbaa156eb..809902022f 100644
--- a/include/token_authorization_middleware.hpp
+++ b/include/token_authorization_middleware.hpp
@@ -138,7 +138,7 @@ class Middleware {
     if (start_index == std::string::npos) {
       return nullptr;
     }
-    start_index += sizeof("SESSION=");
+    start_index += sizeof("SESSION=") - 1;
     auto end_index = cookie_value.find(";", start_index);
     if (end_index == std::string::npos) {
       end_index = cookie_value.size();
-- 
cgit v1.2.3