git.ipfire.org Git - thirdparty/curl.git/commit

]> git.ipfire.org Git - thirdparty/curl.git/commit

projects / thirdparty / curl.git / commit

author	Daniel Stenberg <daniel@haxx.se>
	Tue, 4 Oct 2016 21:26:13 +0000 (23:26 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Mon, 31 Oct 2016 07:46:35 +0000 (08:46 +0100)
commit	c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5
tree	796903dc1b07470871b957ffd4a20d22038bc2a5	tree \| snapshot
parent	fba28277ca17cb102209772e8bb214854a05cc6a	commit \| diff

cookies: getlist() now holds deep copies of all cookies

Previously it only held references to them, which was reckless as the
thread lock was released so the cookies could get modified by other
handles that share the same cookie jar over the share interface.

CVE-2016-8623

Bug: https://curl.haxx.se/docs/adv_20161102I.html
Reported-by: Cure53

lib/cookie.c		diff \| blob \| blame \| history
lib/cookie.h		diff \| blob \| blame \| history
lib/http.c		diff \| blob \| blame \| history

Mirror of https://github.com/curl/curl.git

RSS Atom