Catch ValueError on invalid cookie expiration dates.

doc/changelog.txt

@@ -31,6 +31,9 @@ Fixes:
 - logging: Close logger properly on I/O errors.
   Closes: SF bug #3567476
 - checking: Fix wrong method name when printing SSL certificate warnings.
+- checking: Catch ValueError on invalid cookie expiration dates.
+  Patch from Charles Jones.
+  Closes: SF bug #3575556
 
 
 8.0 "Luminaris" (released 2.9.2012)

linkcheck/cookies.py

@@ -119,7 +119,12 @@ class HttpCookie (object):
                 # note: even self.now + maxage can overflow
                 pass
         elif "expires" in self.attributes:
-            self.expire = cookielib.http2time(self.attributes["expires"])
+            expiration_date = self.attributes["expires"]
+            try:
+                self.expire = cookielib.http2time(expiration_date)
+            except ValueError:
+                # see http://bugs.python.org/issue16181
+                raise CookieError("Invalid expiration date in %r" % expiration_date)
 
     def is_expired (self, now=None):
         """Return True if this cookie is expired, else False."""

tests/test_cookies.py

@@ -151,6 +151,22 @@ class TestCookies (unittest.TestCase):
         self.assertRaises(linkcheck.cookies.CookieError,
                  linkcheck.cookies.NetscapeCookie, value, scheme, host, path)
 
+    def test_netscape_cookie9 (self):
+        # illegal expiration date
+        data = (
+            ("Foo", "Bar"),
+            ("Domain", "example.org"),
+            ("Expires", "Thu, 08-Oct-3697739 18:36:07 GMT"),
+            ("Path", "/"),
+        )
+        # note: values are without quotes
+        value = "; ".join('%s=%s' % (key, value) for key, value in data)
+        scheme = "http"
+        host = "example.org"
+        path = "/"
+        self.assertRaises(linkcheck.cookies.CookieError,
+                 linkcheck.cookies.NetscapeCookie, value, scheme, host, path)
+
     def test_rfc_cookie1 (self):
         data = (
             ("Foo", "Bar"),