]> granicus.if.org Git - curl/commitdiff
projects / curl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 49d75a4)
cookie: fix memory leak on oversized rejection
authorDaniel Stenberg <daniel@haxx.se>
Fri, 29 Sep 2017 06:50:15 +0000 (08:50 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Fri, 29 Sep 2017 10:06:34 +0000 (12:06 +0200)
Regression brought by 2bc230de63b

Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3513
Assisted-by: Max Dymond
Closes #1930

lib/cookie.c patch | blob | history

diff --git a/lib/cookie.c b/lib/cookie.c
index 0374f94c16fd7a0e67ec6372c6c5892ee08bc4e8..1d7defd848683dfe05b62a38ccedbd9598de66de 100644 (file)
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -438,7 +438,7 @@ Curl_cookie_add(struct Curl_easy *data,
           /* too long individual name or contents, or too long combination of
              name + contents. Chrome and Firefox support 4095 or 4096 bytes
              combo. */
-          free(co);
+          freecookie(co);
           infof(data, "oversized cookie dropped, name/val %d + %d bytes\n",
                 nlen, len);
           return NULL;
Unnamed repository; edit this file 'description' to name the repository.