aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls/cyassl.h
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2016-10-04 23:26:13 +0200
committerDaniel Stenberg <daniel@haxx.se>2016-10-31 08:46:35 +0100
commitc5be3d7267c725dbd093ff3a883e07ee8cf2a1d5 (patch)
tree796903dc1b07470871b957ffd4a20d22038bc2a5 /lib/vtls/cyassl.h
parentfba28277ca17cb102209772e8bb214854a05cc6a (diff)
cookies: getlist() now holds deep copies of all cookies
Previously it only held references to them, which was reckless as the thread lock was released so the cookies could get modified by other handles that share the same cookie jar over the share interface. CVE-2016-8623 Bug: https://curl.haxx.se/docs/adv_20161102I.html Reported-by: Cure53
Diffstat (limited to 'lib/vtls/cyassl.h')
0 files changed, 0 insertions, 0 deletions