[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 237/256: cookie: fix memory leak on oversized rejec
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 237/256: cookie: fix memory leak on oversized rejection |
|
Date: |
Fri, 06 Oct 2017 19:45:28 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 20ea22ff735097a02721fcb5cd44433973af6190
Author: Daniel Stenberg <address@hidden>
AuthorDate: Fri Sep 29 08:50:15 2017 +0200
cookie: fix memory leak on oversized rejection
Regression brought by 2bc230de63b
Detected by OSS-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3513
Assisted-by: Max Dymond
Closes #1930
---
lib/cookie.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/cookie.c b/lib/cookie.c
index 0374f94c1..1d7defd84 100644
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -438,7 +438,7 @@ Curl_cookie_add(struct Curl_easy *data,
/* too long individual name or contents, or too long combination of
name + contents. Chrome and Firefox support 4095 or 4096 bytes
combo. */
- free(co);
+ freecookie(co);
infof(data, "oversized cookie dropped, name/val %d + %d bytes\n",
nlen, len);
return NULL;
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 195/256: rtsp: Segfault in rtsp.c when using WRITEDATA, (continued)
- [GNUnet-SVN] [gnurl] 195/256: rtsp: Segfault in rtsp.c when using WRITEDATA, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 253/256: build-openssl.bat: Warn OpenSSL 1.1.0 not yet supported, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 30/256: metalink: adjust source code style, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 149/256: docs/curl_mime_*.3: added examples, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 93/256: configure: allow setting the default SSL backend, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 224/256: metalink: fix NSS issue in MultiSSL builds, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 198/256: non-ascii: use iconv() with 'char **' argument, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 136/256: RELEASE-NOTES: synced with 1ab9e9b50, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 189/256: code style: remove wrong uses of multiple spaces, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 166/256: travis: add c-ares enabled builds linux + osx, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 237/256: cookie: fix memory leak on oversized rejection,
gnunet <=
- [GNUnet-SVN] [gnurl] 212/256: smtp: fix memory leak in OOM, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 254/256: THANKS: added new 7.56.0 contributors, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 251/256: vtls: compare and clone ssl configs properly, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 203/256: socks: fix incorrect port number in SOCKS4 error message, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 138/256: curl.h: make the curl_strequal() protos use the same style, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 37/256: RELEASE-NOTES: synced with 8baead425, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 127/256: mime: use in curl cli tool instead of form API., gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 158/256: mime: replace 'struct Curl_mimepart' by 'curl_mimepart' in encoder code., gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 71/256: vtls: move the SUPPORT_HTTPS_PROXY flag into the Curl_ssl struct, gnunet, 2017/10/06
- [GNUnet-SVN] [gnurl] 75/256: axtls: use Curl_none_* versions of init() and cleanup(), gnunet, 2017/10/06