author: Tim Ruehsen <tim.ruehsen@gmx.de> 2014-08-19 21:01:28 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2014-09-10 07:32:36 +0200
commit: 8a75dbeb2305297640453029b7905ef51b87e8dd
tree: bcde17d8f36ceb90239db5eaa8f2dcb412875e66 /tests/data/test8
parent: 1ccfabb66d9fab9bc99b68d558692ddacbb587f4
cookies: only use full host matches for hosts used as IP address
By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both send cookies to wrong sites and to allow arbitrary sites to set cookies for others.

CVE-2014-3613

Bug: http://curl.haxx.se/docs/adv_20140910A.html
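The matching rule the commit message describes, as an added C example that is not part of the commit and is not curl's or gnurl's code: a label-boundary tail match accepts `.0.0.1` for an IP-literal host, while a full-host comparison for IP hosts rejects it. The function names `tailmatch`, `host_is_ip` and `cookie_domain_ok` are hypothetical, and 127.0.0.1 is an assumed stand-in for `%HOSTIP`.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Tail match on a label boundary: fine for names, unsafe for dotted IPs. */
static bool tailmatch(const char *domain, const char *host)
{
  size_t dlen = strlen(domain), hlen = strlen(host);
  if(!dlen || dlen > hlen || strcasecmp(domain, host + hlen - dlen) != 0)
    return false;
  return hlen == dlen || host[hlen - dlen - 1] == '.';
}

/* True when host is a literal IPv4 or IPv6 address. */
static bool host_is_ip(const char *host)
{
  unsigned char buf[sizeof(struct in6_addr)];
  return inet_pton(AF_INET, host, buf) == 1 ||
         inet_pton(AF_INET6, host, buf) == 1;
}

/* Hypothetical check: IP-literal hosts require a full match. */
static bool cookie_domain_ok(const char *domain, const char *host)
{
  if(*domain == '.')
    domain++;                      /* leading dot carries no meaning */
  if(host_is_ip(host))
    return strcasecmp(domain, host) == 0;
  return tailmatch(domain, host);
}

int main(void)
{
  /* Constructed sample: request host 127.0.0.1 stands in for %HOSTIP. */
  const char *host = "127.0.0.1";
  const char *domains[] = { ".0.0.1", "127.0.0.1" };
  for(size_t i = 0; i < 2; i++)
    printf("domain=%-10s tailmatch=%d full-host check=%d\n", domains[i],
           tailmatch(domains[i][0] == '.' ? domains[i] + 1 : domains[i], host),
           cookie_domain_ok(domains[i], host));
  return 0;
}
```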
Diffstat (limited to 'tests/data/test8')
-rw-r--r-- tests/data/test8 | 3
1 files changed, 2 insertions, 1 deletions
diff --git a/tests/data/test8 b/tests/data/test8
index 4d5454153..030fd55eb 100644
--- a/tests/data/test8
+++ b/tests/data/test8
@@ -42,7 +42,8 @@ Set-Cookie: duplicate=test; domain=.0.0.1; domain=.0.0.1; path=/donkey;
Set-Cookie: cookie=yes; path=/we;
Set-Cookie: cookie=perhaps; path=/we/want;
Set-Cookie: nocookie=yes; path=/WE;
-Set-Cookie: blexp=yesyes; domain=.0.0.1; domain=.0.0.1; expiry=totally bad;
+Set-Cookie: blexp=yesyes; domain=%HOSTIP; domain=%HOSTIP; expiry=totally bad;
+Set-Cookie: partialip=nono; domain=.0.0.1;
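Review bot: the added `Set-Cookie: partialip=nono; domain=.0.0.1;` line is a negative case, but nothing in this hunk says the cookie must be rejected, and the diffstat shows no other change to this file, so the check relies on the test's existing expected results simply not listing it. A short comment or a note in the test description stating that `partialip` must be absent would document the intent and make a regression easier to read. The `duplicate=test; domain=.0.0.1; domain=.0.0.1; path=/donkey;` line visible in the hunk header keeps the partial-IP domain, so it is worth confirming that it still exercises the rule it was written for rather than now being dropped by the host check.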