• Volker Dobler's avatar
    net/http/cookiejar: fix out-of-bounds errors on malformed domains · d972dc2d
    Volker Dobler authored
    The old implementation of Jar made the assumption that the host names
    in the URLs given to SetCookies() and Cookies() methods are well-formed.
    This is not an unreasonable assumption as malformed host names do not
    trigger calls to SetCookies or Cookies (at least not from net/http)
    as the HTTP request themselves are not executed. But there can be other
    invocations of these methods and at least on Linux it was possible to
    make DNS lookup to domain names with two trailing dots (see issue #7122).
    
    This is an old bug and this CL revives an old change (see
    https://codereview.appspot.com/52100043) to fix the issue. The discussion
    around 52100043 focused on the interplay between the jar and the
    public suffix list and who is responsible for which type if domain name
    canonicalization. The new bug report in issue #19384 used a nil public
    suffix list which demonstrates that the package cookiejar alone exhibits
    this problem and any solution cannot be fully delegated to the
    implementation of the used PublicSuffixList: Package cookiejar itself
    needs to protect against host names of the form ".." which triggered an
    out-of-bounds error.
    
    This CL does not address the issue of host name canonicalization and
    the question who is responsible for it. This CL just prevents the
    out-of-bounds error: It is a very conservative change, i.e. one might
    still set and retrieve cookies for host names like "weird.stuf...".
    Several more test cases document how the current code works.
    
    Fixes #19384.
    
    Change-Id: I14be080e8a2a0b266ced779f2aeb18841b730610
    Reviewed-on: https://go-review.googlesource.com/37843
    Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
    TryBot-Result: Gobot Gobot <gobot@golang.org>
    Reviewed-by: 's avatarRuss Cox <rsc@golang.org>
    d972dc2d
jar_test.go 32.5 KB