From: Daniel Stenberg Date: Fri, 19 Sep 2025 13:59:57 +0000 (+0200) Subject: cookie: avoid saving a cookie file if no transfer was done X-Git-Tag: rc-8_17_0-1~340 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fd6eb8d6e77d95e71c0c55678b46173b21edd1e9;p=thirdparty%2Fcurl.git cookie: avoid saving a cookie file if no transfer was done Because parts of the cookie loading happens on transfer start the in-memory cookie jar risks being incomplete and then a save might wrongly truncate the target file. Added test 1902 to verify. Reported-by: divinity76 on github Fixes #18621 Closes #18622 --- diff --git a/lib/cookie.c b/lib/cookie.c index 35d33268f9..90d375a761 100644 --- a/lib/cookie.c +++ b/lib/cookie.c @@ -1658,18 +1658,18 @@ void Curl_flush_cookies(struct Curl_easy *data, bool cleanup) { CURLcode res; - if(data->set.str[STRING_COOKIEJAR]) { - Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE); - + Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE); + /* only save the cookie file if a transfer was started (data->state.url is + set), as otherwise the cookies were not completely initialized and there + might be cookie files that weren't loaded so saving the file is the wrong + thing. */ + if(data->set.str[STRING_COOKIEJAR] && data->state.url) { /* if we have a destination file for all the cookies to get dumped to */ res = cookie_output(data, data->cookies, data->set.str[STRING_COOKIEJAR]); if(res) infof(data, "WARNING: failed to save cookies in %s: %s", data->set.str[STRING_COOKIEJAR], curl_easy_strerror(res)); } - else { - Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE); - } if(cleanup && (!data->share || (data->cookies != data->share->cookies))) { Curl_cookie_cleanup(data->cookies); diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 4523de4886..dfff012257 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am 
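Review bot: The new `&& data->state.url` condition in Curl_flush_cookies skips the jar write silently, so when a cookie jar is configured but no transfer was started, nothing is logged and a missing or stale jar file is hard to diagnose afterwards. A trace on the skipped path would help, for example `else if(data->set.str[STRING_COOKIEJAR]) infof(data, "cookie jar %s not written: no transfer was started", data->set.str[STRING_COOKIEJAR]);`. Since `data->state.url` is only a proxy for "the cookie files were loaded", it is also worth confirming that it cannot remain set from an earlier transfer on a reused handle, where the in-memory jar might again be incomplete; the hunk does not show this. The function body continues past the end of the hunk, so the matching unlock is not visible here.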
@@ -232,7 +232,7 @@ test1708 test1709 test1710 \
 \
 test1800 test1801 \
 \
-test1900 test1901 test1903 test1904 test1905 test1906 test1907 \
+test1900 test1901 test1902 test1903 test1904 test1905 test1906 test1907 \
 test1908 test1909 test1910 test1911 test1912 test1913 test1914 test1915 \
 test1916 test1917 test1918 test1919 \
 \
diff --git a/tests/data/test1902 b/tests/data/test1902
new file mode 100644
index 0000000000..7bf70e9068
--- /dev/null
+++ b/tests/data/test1902
@@ -0,0 +1,43 @@
+
+
+
+cookies
+
+
+
+# Client-side
+
+
+
+set COOKIEFILE and COOKIEJAR but make no transfer
+
+
+cookies
+
+
+lib%TESTNUMBER
+
+
+
+%LOGDIR/cookie%TESTNUMBER
+
+
+# Netscape HTTP Cookie File
+# https://curl.se/docs/http-cookies.html
+# This file was generated by libcurl! Edit at your own risk.
+
+example.com FALSE / FALSE 0 has_js 1
+
+
+
+# Verify data after the test has been "shot"
+
+
+# Netscape HTTP Cookie File
+# https://curl.se/docs/http-cookies.html
+# This file was generated by libcurl! Edit at your own risk.
+
+example.com FALSE / FALSE 0 has_js 1
+
+
+
diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 40ec0d1559..00273f9e9d 100644
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -90,7 +90,7 @@ TESTS_C = \
 lib1591.c lib1592.c lib1593.c lib1594.c lib1597.c \
 lib1598.c lib1599.c \
 lib1662.c \
- lib1900.c lib1901.c lib1903.c lib1905.c lib1906.c lib1907.c \
+ lib1900.c lib1901.c lib1902.c lib1903.c lib1905.c lib1906.c lib1907.c \
 lib1908.c lib1910.c lib1911.c lib1912.c lib1913.c \
 lib1915.c lib1916.c lib1918.c lib1919.c \
 lib1933.c lib1934.c lib1935.c lib1936.c lib1937.c lib1938.c lib1939.c \
diff --git a/tests/libtest/lib1902.c b/tests/libtest/lib1902.c
new file mode 100644
index 0000000000..8e5929e338
--- /dev/null
+++ b/tests/libtest/lib1902.c
@@ -0,0 +1,48 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, , et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+#include "first.h"
+
+#include "memdebug.h"
+
+static CURLcode test_lib1902(const char *URL)
+{
+ CURLcode res = CURLE_OK;
+ CURL *curl;
+
+ curl_global_init(CURL_GLOBAL_ALL);
+
+ curl = curl_easy_init();
+ if(curl) {
+ easy_setopt(curl, CURLOPT_COOKIEFILE, URL);
+ easy_setopt(curl, CURLOPT_COOKIEJAR, URL);
+
+ /* Do not perform any actual network operation,
+ the issue occur when not calling curl.*perform */
+ }
+
+test_cleanup:
+ curl_easy_cleanup(curl);
+ curl_global_cleanup();
+ return res;
+}
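Review bot: If `curl_easy_init()` returns NULL in test_lib1902, the `if(curl)` block is skipped and `res` stays `CURLE_OK`. The test only verifies that the cookie file is unchanged, so it would then pass without ever setting CURLOPT_COOKIEJAR or reaching the flush path that the fix guards. The return value of `curl_global_init()` is ignored in the same way. Failing explicitly closes that gap; the harness helpers that sit alongside `easy_setopt` would do it, assuming `first.h` provides them here as in other libtests: `global_init(CURL_GLOBAL_ALL);` and `easy_init(curl);`. The comment could also be tightened to `the issue occurs when curl_easy_perform() is never called`.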