diff options
author | chleun.moon <chleun.moon@samsung.com> | 2018-09-04 20:00:10 +0900 |
---|---|---|
committer | chleun.moon <chleun.moon@samsung.com> | 2018-09-04 20:02:59 +0900 |
commit | 2c680052ea4bebd0956749d31d733e10bc3ef784 (patch) | |
tree | d54e8d5f2eec56ddef00b64eed660c1f64a30cd7 | |
parent | 4b0ec45685c0f91b82121a633a31e40eb46b8f92 (diff) | |
download | libsoup-2c680052ea4bebd0956749d31d733e10bc3ef784.tar.gz libsoup-2c680052ea4bebd0956749d31d733e10bc3ef784.tar.bz2 libsoup-2c680052ea4bebd0956749d31d733e10bc3ef784.zip |
cookie-jar: bail if hostname is an empty string (CVE-2018-12910)submit/tizen_3.0/20180905.002012accepted/tizen/3.0/wearable/20180906.095341accepted/tizen/3.0/tv/20180906.095337accepted/tizen/3.0/mobile/20180906.095332accepted/tizen/3.0/common/20180906.114438tizen_3.0accepted/tizen_3.0_wearableaccepted/tizen_3.0_tvaccepted/tizen_3.0_mobileaccepted/tizen_3.0_common
https://nvd.nist.gov/vuln/detail/CVE-2018-12910
Change-Id: Icd72ec579aaf2e4d372be33ebb9346a34565d097
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
-rwxr-xr-x | libsoup/soup-cookie-jar.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libsoup/soup-cookie-jar.c b/libsoup/soup-cookie-jar.c index eac9cd96..fddf2ec8 100755 --- a/libsoup/soup-cookie-jar.c +++ b/libsoup/soup-cookie-jar.c @@ -307,7 +307,7 @@ get_cookies (SoupCookieJar *jar, SoupURI *uri, gboolean for_http, gboolean copy_ priv = SOUP_COOKIE_JAR_GET_PRIVATE (jar); - if (!uri->host) + if (!uri->host || !uri->host[0]) return NULL; /* The logic here is a little weird, but the plan is that if |