- bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed

                                  Changelog

Daniel Stenberg (25 May 2009)

- bug report #2796358 (http://curl.haxx.se/bug/view.cgi?id=2796358) pointed

  out that the cookie parser would leak memory when it parses cookies that are

  received with domain, path etc set multiple times in the same header. While

  such a cookie is questionable, they occur in the wild and libcurl no longer

  leaks memory for them. I added such a header to test case 8.

Daniel Fandrich (22 May 2009)

- Removed some obsolete digest code that caused a valgrind error in test 551.

This release includes the following bugfixes:

 o crash on bad socket close with FTP

 o leaking cookie memory when duplicate domains or paths were used

This release includes the following known bugs:

  }

}

/*

 * strstore() makes a strdup() on the 'newstr' and if '*str' is non-NULL

 * that will be freed before the allocated string is stored there.

 *

 * It is meant to easily replace strdup()

 */

static void strstore(char **str, const char *newstr)

{

  if(*str)

    free(*str);

  *str = strdup(newstr);

}

/****************************************************************************

 *

 * Curl_cookie_add()

        if(1 <= sscanf(ptr, "%" MAX_NAME_TXT "[^;=]=%"

                       MAX_COOKIE_LINE_TXT "[^;\r\n]",

                       name, what)) {

          /* this is a <name>=<what> pair */

          /* this is a <name>=<what> pair. We use strstore() below to properly

             deal with received cookie headers that have the same string

             property set more than once, and then we use the last one. */

          const char *whatptr;

          }

          if(Curl_raw_equal("path", name)) {

            co->path=strdup(whatptr);

            strstore(&co->path, whatptr);

            if(!co->path) {

              badcookie = TRUE; /* out of memory bad */

              break;

                const char *tailptr=whatptr;

                if(tailptr[0] == '.')

                  tailptr++;

                co->domain=strdup(tailptr); /* don't prefix w/dots

                strstore(&co->domain, tailptr); /* don't prefix w/dots

                                                   internally */

                if(!co->domain) {

                  badcookie = TRUE;

            }

          }

          else if(Curl_raw_equal("version", name)) {

            co->version=strdup(whatptr);

            strstore(&co->version, whatptr);

            if(!co->version) {

              badcookie = TRUE;

              break;

               cookie should be discarded immediately.

             */

            co->maxage = strdup(whatptr);

            strstore(&co->maxage, whatptr);

            if(!co->maxage) {

              badcookie = TRUE;

              break;

              (long)now;

          }

          else if(Curl_raw_equal("expires", name)) {

            co->expirestr=strdup(whatptr);

            strstore(&co->expirestr, whatptr);

            if(!co->expirestr) {

              badcookie = TRUE;

              break;

Set-Cookie: foobar=name; domain=127.0.0.1; path=/;

Set-Cookie: mismatch=this; domain=127.0.0.1; path="/silly/";

Set-Cookie: partmatch=present; domain=.0.0.1; path=/;

Set-Cookie: duplicate=test; domain=.0.0.1; domain=.0.0.1; path=/donkey;

Set-Cookie: cookie=yes; path=/we;

Set-Cookie: nocookie=yes; path=/WE;