diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-10-04 23:26:13 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-10-31 08:46:35 +0100 |
commit | c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5 (patch) | |
tree | 796903dc1b07470871b957ffd4a20d22038bc2a5 /lib/vtls/cyassl.h | |
parent | fba28277ca17cb102209772e8bb214854a05cc6a (diff) |
cookies: getlist() now holds deep copies of all cookies
Previously it only held references to them, which was reckless as the
thread lock was released so the cookies could get modified by other
handles that share the same cookie jar over the share interface.
CVE-2016-8623
Bug: https://curl.haxx.se/docs/adv_20161102I.html
Reported-by: Cure53
Diffstat (limited to 'lib/vtls/cyassl.h')
0 files changed, 0 insertions, 0 deletions