cookie: treat cookie name case sensitively

2024-12-09 09:04:47 +00:00 · 2024-12-09 09:04:47 +00:00 · 2c145170bb
commit 2c145170bb
parent a7e01fa8e8
2 changed files with 62 additions and 1 deletions
--- a/backport-cookie-treat-cookie-name-case-sensitively.patch
+++ b/backport-cookie-treat-cookie-name-case-sensitively.patch
@ -0,0 +1,54 @@
+From 9919149aef67014150e2a1c75a7aa2c79204e30d Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 6 Nov 2024 11:26:25 +0100
+Subject: [PATCH] cookie: treat cookie name case sensitively
+
+Extend test 31 to verify
+
+Reported-by: delogicsreal on github
+Fixes #15492
+Closes #15493
+
+Conflict:context adapt
+Reference:https://github.com/curl/curl/commit/9919149aef67014150e2a1c75a7aa2c79204e30d
+---
+ lib/cookie.c      | 2 +-
+ tests/data/test31 | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index ca8c3c596..e37d58f1d 100644
+--- a/lib/cookie.c
+++ b/lib/cookie.c
+@@ -989,7 +989,7 @@ replace_existing(struct Curl_easy *data,
+   clist = c->cookies[myhash];
+   replace_old = FALSE;
+   while(clist) {
+-    if(strcasecompare(clist->name, co->name)) {
+    if(!strcmp(clist->name, co->name)) {
+       /* the names are identical */
+ 
+       if(clist->domain && co->domain) {
+diff --git a/tests/data/test31 b/tests/data/test31
+index d9d073996..2d411b5cd 100644
+--- a/tests/data/test31
+++ b/tests/data/test31
+@@ -26,6 +26,7 @@ Set-Cookie: blankdomain=sure; domain=; path=/
+ Funny-head: yesyes
+ Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure
+ Set-Cookie:ismatch=this  ; domain=127.0.0.1; path=/silly/
+Set-Cookie:ISMATCH=this  ; domain=127.0.0.1; path=/silly/
+ Set-Cookie: overwrite=this  ; domain=127.0.0.1; path=/overwrite/
+ Set-Cookie: overwrite=this2  ; domain=127.0.0.1; path=/overwrite
+ Set-Cookie: sec1value=secure1  ; domain=127.0.0.1; path=/secure1/ ; secure
+@@ -181,6 +183,7 @@ 127.0.0.1	FALSE	/we/want/	FALSE	2118138987	nodomain	value
+ #HttpOnly_127.0.0.1	FALSE	/p2/	FALSE	0	httpo2	value2
+ #HttpOnly_127.0.0.1	FALSE	/p1/	FALSE	0	httpo1	value1
+ 127.0.0.1	FALSE	/overwrite	FALSE	0	overwrite	this2
+127.0.0.1	FALSE	/silly/	FALSE	0	ISMATCH	this
+ 127.0.0.1	FALSE	/silly/	FALSE	0	ismatch	this
+ </file>
+ </verify>
+-- 
+2.33.0
+
--- a/curl.spec
+++ b/curl.spec
@ -6,7 +6,7 @@

 Name:           curl
 Version:        7.71.1
-Release:        38
+Release:        39
 Summary:        Curl is used in command lines or scripts to transfer data
 License:        MIT
 URL:            https://curl.haxx.se/
@ -87,6 +87,7 @@ Patch174:       backport-0002-CVE-2024-7264.patch
 Patch175:       backport-CVE-2024-8096-gtls-fix-OCSP-stapling-management.patch
 Patch176:       backport-url-allow-DoH-transfers-to-override-max-connection-limit.patch
 Patch177:       backport-multi-check-that-the-multi-handle-is-valid-in-curl_m.patch
+Patch178:       backport-cookie-treat-cookie-name-case-sensitively.patch

 BuildRequires:  automake brotli-devel coreutils gcc groff krb5-devel
 BuildRequires:  libidn2-devel libnghttp2-devel libpsl-devel
@ -251,6 +252,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
 %{_mandir}/man3/*

 %changelog
+* Mon Dec 09 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.71.1-39
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:cookie: treat cookie name case sensitively
+
 * Sat Nov 30 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.71.1-38
 - Type:bugfix
 - CVE:NA