`Nread` reads up *to* N bytes from the socket. Since we only check that we read more than 0 bytes, it's possible for the cookie buffer only be partially initialized (and may not contain a valid null terminated string). Initializing the buffer to 0 fixes this.
Also swap `strcmp` with `strncmp` since we know know exactly how long a cookie should be. This will help prevent any buffer overflows if the length of the cookie ever changes for some reason.