|
1 From ceab2ea8f0c0fc4c4be219240ccf99ddc2de7b22 Mon Sep 17 00:00:00 2001 |
|
2 From: Daniel Stenberg <[email protected]> |
|
3 Date: Tue, 19 Aug 2014 21:11:20 +0200 |
|
4 Subject: [PATCH 2/2] cookies: reject incoming cookies set for TLDs |
|
5 |
|
6 Test 61 was modified to verify this. |
|
7 |
|
8 Reported-by: Tim Ruehsen |
|
9 --- |
|
10 lib/cookie.c | 6 ++++++ |
|
11 tests/data/test61 | 1 + |
|
12 2 files changed, 7 insertions(+) |
|
13 |
|
14 This problem has been fixed upstream in curl version 7.38.0 |
|
15 |
|
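--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -303,6 +303,7 @@
 }
 else if(Curl_raw_equal("domain", name)) {
 bool is_ip;
+ const char *dotp;
 
 /* note that this name may or may not have a preceeding dot, but
 we don't care about that, we treat the names the same anyway */
@@ -347,6 +348,11 @@
 
 is_ip = isip(domain ? domain : whatptr);
 
+ /* check for more dots */
+ dotp = strchr(whatptr, '.');
+ if(!dotp)
+ domain=":";
+
 if(!domain
 || (is_ip && !strcmp(whatptr, domain))
 || (!is_ip && tailmatch(whatptr, domain))) {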
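Review bot: In the second hunk, `if(!dotp) domain=":";` enforces the TLD rejection by overwriting the request host with a magic string, so the policy is hidden in a side effect and `dotp` is only ever used as a boolean. An explicit guard reads better and leaves `domain` intact: `bool dotless = !strchr(whatptr, '.');` feeding `if(!dotless && (!domain || ...))`, with a comment such as `/* a Domain attribute with no embedded dot names a TLD: never accept it */`. As written, every dotless value is refused, which presumably also drops a cookie whose Domain equals a single-label host name (an intranet host, for instance); if that is not intended, the exact-match case needs an exemption. A dot test is also not a public-suffix check, so multi-label suffixes of the `co.uk` kind still pass it and rely on `tailmatch` alone. The enclosing function starts and ends outside both hunks, so the branch that handles the rejected cookie is not visible here.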
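--- a/tests/data/test61
+++ b/tests/data/test61
@@ -22,6 +22,8 @@
 Set-Cookie: test3=maybe; domain=foo.com; path=/moo; secure
 Set-Cookie: test4=no; domain=nope.foo.com; path=/moo; secure
 Set-Cookie: test5=name; domain=anything.com; path=/ ; secure
+Set-Cookie: fake=fooledyou; domain=..com; path=/;
+Set-Cookie: supercookie=fooledyou; domain=.com; path=/;
 Content-Length: 4
 
 boo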
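Review bot: The added `fake` and `supercookie` responses only test something if the expected cookie jar or follow-up request elsewhere in test61 is checked for their absence, and that part lies outside this hunk; confirm the verify section lists neither name. The commit header's diffstat says `tests/data/test61 | 1 +` while this hunk adds two lines (`+22,8`), so the statistics look stale and should be regenerated. A companion case whose Domain is a multi-label suffix or a single-label host name would pin down what the dot check in lib/cookie.c is meant to accept and reject.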