Darshit Shah <dar...@gmail.com> writes:

>>>  static bool
>>>  check_domain_match (const char *cookie_domain, const char *host)
>>> @@ -509,6 +519,7 @@ check_domain_match (const char *cookie_domain, const 
>>> char *host)
>>>
>>>  #ifdef HAVE_LIBPSL
>>>    DEBUGP (("cdm: 1"));
>>> +  char * cookie_domain_lower, * host_lower;
>>
>> please initialize them to NULL and format like char
>> *cookie_domain_lower, *host_lower (no space between * and the variable
>> name), otherwise...
>>
>>>    const psl_ctx_t *psl;
>>>    int is_acceptable;
>>>
>>> @@ -519,7 +530,18 @@ check_domain_match (const char *cookie_domain, const 
>>> char *host)
>>>        goto no_psl;
>>>      }
>>>
>>> -  is_acceptable = psl_is_cookie_domain_acceptable (psl, host, 
>>> cookie_domain);
>>> +  if (psl_str_to_utf8lower (cookie_domain, NULL, NULL, 
>>> &cookie_domain_lower) != PSL_SUCCESS ||
>>> +      psl_str_to_utf8lower (host, NULL, NULL, &host_lower) != PSL_SUCCESS)
>>
>> ...if the first "psl_str_to_utf8lower" fails then "host_lower" keeps
>> some bogus value...
>>
>>> +    {
>>> +        DEBUGP (("libpsl unable to parse domain name. "
>>> +                 "Falling back to simple heuristics.\n"));
>>> +        goto no_psl;
>>> +    }
>>> +
>>> +  is_acceptable = psl_is_cookie_domain_acceptable (psl, host_lower, 
>>> cookie_domain_lower);
>>> +  xfree (cookie_domain_lower);
>>> +  xfree (host_lower);
>>
>> ...and *boom* here.
>>
> Aah! I somehow managed not to get any "boom"s despite having a test
> that saw psl_str_to_utf8lower() fail. However, your comment is correct
> and I'll fix that. The general idea was that if the function fails, it
> will fail on both the calls

I somehow misread the patch and the position of the no_psl label.  We
should move the two xfree in the cleanup block, after "no_psl", to avoid
a potential memory leak.

Regards,
Giuseppe

Reply via email to