diff options
author | Paul Dreik <github@pauldreik.se> | 2019-10-03 10:57:09 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2019-10-03 15:43:50 +0200 |
commit | 13ecc0725f723ce7068c114610f6d1418945705a (patch) | |
tree | e3c3c0670873617b4fea2f8f180c174c6a3bf5eb /lib/vquic | |
parent | 0b386392d60360bd642e0f115249debea3367913 (diff) |
cookie: avoid harmless use after free
This fix removes a use after free which can be triggered by
the internal cookie fuzzer, but otherwise is probably
impossible to trigger from an ordinary application.
The following program reproduces it:
curl_global_init(CURL_GLOBAL_DEFAULT);
CURL* handle=curl_easy_init();
CookieInfo* info=Curl_cookie_init(handle,NULL,NULL,false);
curl_easy_setopt(handle, CURLOPT_COOKIEJAR, "/dev/null");
Curl_flush_cookies(handle, true);
Curl_cookie_cleanup(info);
curl_easy_cleanup(handle);
curl_global_cleanup();
This was found through fuzzing.
Closes #4454
Diffstat (limited to 'lib/vquic')
0 files changed, 0 insertions, 0 deletions