Fix crash when setting an invalid cookie (fixes issue #2657)

2025-02-02 20:26:59 +01:00 · 2019-05-08 18:12:21 +00:00 · 2019-05-08 18:12:21 +00:00 · 03c1c21fd3
commit 03c1c21fd3
parent 473c29a70d
3 changed files with 50 additions and 8 deletions
--- a/libcef/browser/net/cookie_manager_old_impl.cc
+++ b/libcef/browser/net/cookie_manager_old_impl.cc
@ -400,18 +400,26 @@ void CefCookieManagerOldImpl::SetCookieInternal(
  if (cookie.has_expires)
    cef_time_to_basetime(cookie.expires, expiration_time);

+  auto canonical_cookie = net::CanonicalCookie::CreateSanitizedCookie(
+      url, name, value, domain, path,
+      base::Time(),  // Creation time.
+      expiration_time,
+      base::Time(),  // Last access time.
+      cookie.secure ? true : false, cookie.httponly ? true : false,
+      net::CookieSameSite::DEFAULT_MODE, net::COOKIE_PRIORITY_DEFAULT);
+
  net::CookieOptions options;
  if (cookie.httponly)
    options.set_include_httponly();

-  cookie_store->SetCanonicalCookieAsync(
-      net::CanonicalCookie::CreateSanitizedCookie(
-          url, name, value, domain, path,
-          base::Time(),  // Creation time.
-          expiration_time,
-          base::Time(),  // Last access time.
-          cookie.secure ? true : false, cookie.httponly ? true : false,
-          net::CookieSameSite::DEFAULT_MODE, net::COOKIE_PRIORITY_DEFAULT),
+  if (!canonical_cookie) {
+    SetCookieCallbackImpl(
+        callback,
+        net::CanonicalCookie::CookieInclusionStatus::EXCLUDE_UNKNOWN_ERROR);
+    return;
+  }
+
+  cookie_store->SetCanonicalCookieAsync(std::move(canonical_cookie),
      url.scheme(), options, base::Bind(SetCookieCallbackImpl, callback));
 }

--- a/libcef/browser/net_service/cookie_manager_impl.cc
+++ b/libcef/browser/net_service/cookie_manager_impl.cc
@ -209,6 +209,11 @@ bool CefCookieManagerImpl::SetCookie(const CefString& url,
      cookie.secure ? true : false, cookie.httponly ? true : false,
      net::CookieSameSite::DEFAULT_MODE, net::COOKIE_PRIORITY_DEFAULT);

+  if (!canonical_cookie) {
+    SetCookieCallbackImpl(callback, false);
+    return true;
+  }
+
  net::CookieOptions options;
  if (cookie.httponly)
    options.set_include_httponly();
--- a/tests/ceftests/cookie_unittest.cc
+++ b/tests/ceftests/cookie_unittest.cc
@ -300,6 +300,22 @@ void TestHostCookie(CefRefPtr<CefCookieManager> manager,
  VerifyNoCookies(manager, event, true);
 }

+void TestInvalidCookie(CefRefPtr<CefCookieManager> manager,
+                       CefRefPtr<CefWaitableEvent> event) {
+  CookieVector cookies;
+
+  CefCookie cookie;
+  const char* kUrl = "http://www.xyz.com";
+  CefString(&cookie.name).FromASCII("invalid1");
+  CefString(&cookie.value).FromASCII("invalid1");
+  CefString(&cookie.domain).FromASCII(".zyx.com");  // domain mismatch
+
+  cookies.push_back(cookie);
+
+  // No cookies will be set due to non canonical cookie
+  SetCookies(manager, kUrl, cookies, false, event);
+}
+
 void TestMultipleCookies(CefRefPtr<CefCookieManager> manager,
                         CefRefPtr<CefWaitableEvent> event) {
  std::stringstream ss;
@ -474,6 +490,19 @@ void TestAllCookies(CefRefPtr<CefCookieManager> manager,

 }  // namespace

+// Test creation of a invalid cookie.
+TEST(CookieTest, BasicInvalidCookie) {
+  CefRefPtr<CefWaitableEvent> event =
+      CefWaitableEvent::CreateWaitableEvent(true, false);
+
+  CefRefPtr<CefCookieManager> manager =
+      CefCookieManager::GetGlobalManager(new TestCompletionCallback(event));
+  event->Wait();
+  EXPECT_TRUE(manager.get());
+
+  TestInvalidCookie(manager, event);
+}
+
 // Test creation of a domain cookie.
 TEST(CookieTest, BasicDomainCookie) {
  CefRefPtr<CefWaitableEvent> event =