Resolve: #1311907 - cookie: fix bug in export if any-domain cookie is present
This commit is contained in:
parent
c70c78b593
commit
0c9fbb7ebe
63
0005-curl-7.43.0-ef0fdb83.patch
Normal file
63
0005-curl-7.43.0-ef0fdb83.patch
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
From 635c0837cfb774053238a691378716286842d886 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Satiro <raysatiro@yahoo.com>
|
||||||
|
Date: Thu, 18 Jun 2015 19:35:04 -0400
|
||||||
|
Subject: [PATCH] cookie: Fix bug in export if any-domain cookie is present
|
||||||
|
|
||||||
|
In 3013bb6 I had changed cookie export to ignore any-domain cookies,
|
||||||
|
however the logic I used to do so was incorrect, and would lead to a
|
||||||
|
busy loop in the case of exporting a cookie list that contained
|
||||||
|
any-domain cookies. The result of that is worse though, because in that
|
||||||
|
case the other cookies would not be written resulting in an empty file
|
||||||
|
once the application is terminated to stop the busy loop.
|
||||||
|
|
||||||
|
Upstream-commit: ef0fdb83b89c87b63e94bf6ecdab5cd8c6458b2e
|
||||||
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
---
|
||||||
|
lib/cookie.c | 9 ++-------
|
||||||
|
1 file changed, 2 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/cookie.c b/lib/cookie.c
|
||||||
|
index 94f2a8b..22730cf 100644
|
||||||
|
--- a/lib/cookie.c
|
||||||
|
+++ b/lib/cookie.c
|
||||||
|
@@ -1274,9 +1274,8 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere)
|
||||||
|
"# http://curl.haxx.se/docs/http-cookies.html\n"
|
||||||
|
"# This file was generated by libcurl! Edit at your own risk.\n\n",
|
||||||
|
out);
|
||||||
|
- co = c->cookies;
|
||||||
|
|
||||||
|
- while(co) {
|
||||||
|
+ for(co = c->cookies; co; co = co->next) {
|
||||||
|
if(!co->domain)
|
||||||
|
continue;
|
||||||
|
format_ptr = get_netscape_format(co);
|
||||||
|
@@ -1288,7 +1287,6 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere)
|
||||||
|
}
|
||||||
|
fprintf(out, "%s\n", format_ptr);
|
||||||
|
free(format_ptr);
|
||||||
|
- co=co->next;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1309,9 +1307,7 @@ struct curl_slist *Curl_cookie_list(struct SessionHandle *data)
|
||||||
|
(data->cookies->numcookies == 0))
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
- c = data->cookies->cookies;
|
||||||
|
-
|
||||||
|
- while(c) {
|
||||||
|
+ for(c = data->cookies->cookies; c; c = c->next) {
|
||||||
|
if(!c->domain)
|
||||||
|
continue;
|
||||||
|
line = get_netscape_format(c);
|
||||||
|
@@ -1326,7 +1322,6 @@ struct curl_slist *Curl_cookie_list(struct SessionHandle *data)
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
list = beg;
|
||||||
|
- c = c->next;
|
||||||
|
}
|
||||||
|
|
||||||
|
return list;
|
||||||
|
--
|
||||||
|
2.5.0
|
||||||
|
|
@ -1,7 +1,7 @@
|
|||||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||||
Name: curl
|
Name: curl
|
||||||
Version: 7.43.0
|
Version: 7.43.0
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
License: MIT
|
License: MIT
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
||||||
@ -19,6 +19,9 @@ Patch3: 0003-curl-7.43.0-958d2ffb.patch
|
|||||||
# match credentials when re-using a proxy connection (CVE-2016-0755)
|
# match credentials when re-using a proxy connection (CVE-2016-0755)
|
||||||
Patch4: 0004-curl-7.43.0-CVE-2016-0755.patch
|
Patch4: 0004-curl-7.43.0-CVE-2016-0755.patch
|
||||||
|
|
||||||
|
# cookie: fix bug in export if any-domain cookie is present (#1311907)
|
||||||
|
Patch5: 0005-curl-7.43.0-ef0fdb83.patch
|
||||||
|
|
||||||
# patch making libcurl multilib ready
|
# patch making libcurl multilib ready
|
||||||
Patch101: 0101-curl-7.32.0-multilib.patch
|
Patch101: 0101-curl-7.32.0-multilib.patch
|
||||||
|
|
||||||
@ -133,6 +136,7 @@ documentation of the library, too.
|
|||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
|
||||||
# Fedora patches
|
# Fedora patches
|
||||||
%patch101 -p1
|
%patch101 -p1
|
||||||
@ -252,6 +256,9 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_datadir}/aclocal/libcurl.m4
|
%{_datadir}/aclocal/libcurl.m4
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Feb 25 2016 Kamil Dudka <kdudka@redhat.com> 7.43.0-6
|
||||||
|
- cookie: fix bug in export if any-domain cookie is present (#1311907)
|
||||||
|
|
||||||
* Wed Jan 27 2016 Kamil Dudka <kdudka@redhat.com> 7.43.0-5
|
* Wed Jan 27 2016 Kamil Dudka <kdudka@redhat.com> 7.43.0-5
|
||||||
- match credentials when re-using a proxy connection (CVE-2016-0755)
|
- match credentials when re-using a proxy connection (CVE-2016-0755)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user