Fix crash when setting an invalid cookie (fixes issue #2657)

This commit is contained in:
Andrei Kurushin 2019-05-08 18:12:21 +00:00 committed by Marshall Greenblatt
parent 473c29a70d
commit 03c1c21fd3
3 changed files with 50 additions and 8 deletions

View File

@ -400,18 +400,26 @@ void CefCookieManagerOldImpl::SetCookieInternal(
if (cookie.has_expires)
cef_time_to_basetime(cookie.expires, expiration_time);
auto canonical_cookie = net::CanonicalCookie::CreateSanitizedCookie(
url, name, value, domain, path,
base::Time(), // Creation time.
expiration_time,
base::Time(), // Last access time.
cookie.secure ? true : false, cookie.httponly ? true : false,
net::CookieSameSite::DEFAULT_MODE, net::COOKIE_PRIORITY_DEFAULT);
net::CookieOptions options;
if (cookie.httponly)
options.set_include_httponly();
cookie_store->SetCanonicalCookieAsync(
net::CanonicalCookie::CreateSanitizedCookie(
url, name, value, domain, path,
base::Time(), // Creation time.
expiration_time,
base::Time(), // Last access time.
cookie.secure ? true : false, cookie.httponly ? true : false,
net::CookieSameSite::DEFAULT_MODE, net::COOKIE_PRIORITY_DEFAULT),
if (!canonical_cookie) {
SetCookieCallbackImpl(
callback,
net::CanonicalCookie::CookieInclusionStatus::EXCLUDE_UNKNOWN_ERROR);
return;
}
cookie_store->SetCanonicalCookieAsync(std::move(canonical_cookie),
url.scheme(), options, base::Bind(SetCookieCallbackImpl, callback));
}

View File

@ -209,6 +209,11 @@ bool CefCookieManagerImpl::SetCookie(const CefString& url,
cookie.secure ? true : false, cookie.httponly ? true : false,
net::CookieSameSite::DEFAULT_MODE, net::COOKIE_PRIORITY_DEFAULT);
if (!canonical_cookie) {
SetCookieCallbackImpl(callback, false);
return true;
}
net::CookieOptions options;
if (cookie.httponly)
options.set_include_httponly();

View File

@ -300,6 +300,22 @@ void TestHostCookie(CefRefPtr<CefCookieManager> manager,
VerifyNoCookies(manager, event, true);
}
void TestInvalidCookie(CefRefPtr<CefCookieManager> manager,
CefRefPtr<CefWaitableEvent> event) {
CookieVector cookies;
CefCookie cookie;
const char* kUrl = "http://www.xyz.com";
CefString(&cookie.name).FromASCII("invalid1");
CefString(&cookie.value).FromASCII("invalid1");
CefString(&cookie.domain).FromASCII(".zyx.com"); // domain mismatch
cookies.push_back(cookie);
// No cookies will be set due to non canonical cookie
SetCookies(manager, kUrl, cookies, false, event);
}
void TestMultipleCookies(CefRefPtr<CefCookieManager> manager,
CefRefPtr<CefWaitableEvent> event) {
std::stringstream ss;
@ -474,6 +490,19 @@ void TestAllCookies(CefRefPtr<CefCookieManager> manager,
} // namespace
// Test creation of a invalid cookie.
TEST(CookieTest, BasicInvalidCookie) {
CefRefPtr<CefWaitableEvent> event =
CefWaitableEvent::CreateWaitableEvent(true, false);
CefRefPtr<CefCookieManager> manager =
CefCookieManager::GetGlobalManager(new TestCompletionCallback(event));
event->Wait();
EXPECT_TRUE(manager.get());
TestInvalidCookie(manager, event);
}
// Test creation of a domain cookie.
TEST(CookieTest, BasicDomainCookie) {
CefRefPtr<CefWaitableEvent> event =