From c6ae07c6a541e0e96d0040afb62b45dd37711300 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 11 Aug 2025 20:23:05 +0200 Subject: [PATCH] cookie: don't treat the leading slash as trailing If there is only a leading slash in the path, keep that. Also add an assert to make sure the path is never blank. Reported-by: Google Big Sleep Closes #18266 --- lib/cookie.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) Index: curl-8.0.1/lib/cookie.c =================================================================== --- curl-8.0.1.orig/lib/cookie.c +++ curl-8.0.1/lib/cookie.c @@ -316,8 +316,9 @@ static char *sanitize_cookie_path(const return new_path; } + /* remove trailing slash when path is non-empty */ /* convert /hoge/ to /hoge */ - if(len && new_path[len - 1] == '/') { + if(len > 1 && new_path[len - 1] == '/') { new_path[len - 1] = 0x0; } @@ -1091,7 +1092,7 @@ Curl_cookie_add(struct Curl_easy *data, clist->spath && co->spath && /* both have paths */ clist->secure && !co->secure && !secure) { size_t cllen; - const char *sep; + const char *sep = NULL; /* * A non-secure cookie may not overlay an existing secure cookie. @@ -1100,8 +1101,9 @@ Curl_cookie_add(struct Curl_easy *data, * "/loginhelper" is ok. */ - sep = strchr(clist->spath + 1, '/'); - + DEBUGASSERT(clist->spath[0]); + if(clist->spath[0]) + sep = strchr(clist->spath + 1, '/'); if(sep) cllen = sep - clist->spath; else