Skip to content
Commit c5be3d72 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

cookies: getlist() now holds deep copies of all cookies

Previously it only held references to them, which was reckless as the
thread lock was released so the cookies could get modified by other
handles that share the same cookie jar over the share interface.

CVE-2016-8623

Bug: https://curl.haxx.se/docs/adv_20161102I.html
Reported-by: Cure53
parent fba28277
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment