Google Git
Sign in
chromium / chromium / src / 35ee7ff74b4650d7d54634d64c71e5182b085841
commit35ee7ff74b4650d7d54634d64c71e5182b085841[log] [tgz]
author= <patilmayur@microsoft.com>Wed May 28 16:36:13 2025
committerChromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com>Wed May 28 16:36:13 2025
tree0b8cf5501089c2b463424fa0fbb65cf8f3a694d9
parent07e5f17e711b7154cae5f295516c40f84e52fe34 [diff]
Domain Validation: Reject leading dots in non special urls

This PR addresses a crash reported by the net_canonical_cookie_fuzzer
related to the GetCookieDomainWithString method in Chromium. The issue
occurs when a URL like o://%2e is passed with an empty domain string.

On Windows, this URL is treated as a special URL (scheme: file), where
On Linux, it is treated as a non-special URL, leading to inconsistent
behavior.

During the domain canonicalization process, %2e is decoded to a dot (.),
and a leading dot causes domain parsing to fail in the DomainIsHostOnly
method.

To resolve this, the proposed solution is to explicitly reject leading
dots in non-special URLs during domain validation. This change ensures
consistent behavior across platforms and prevents malformed domain
inputs from causing crashes.

Bug: 403967933

Change-Id: Ie0c53f8037fbec2de15cc15ef08a1af607bfe4a9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6553452
Reviewed-by: Dylan Cutler <dylancutler@google.com>
Reviewed-by: Chris Fredrickson <cfredric@chromium.org>
Commit-Queue: Mayur Patil <patilmayur@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#1466536}
3 files changed
tree: 0b8cf5501089c2b463424fa0fbb65cf8f3a694d9
  1. .github/
  2. android_webview/
  3. apps/
  4. ash/
  5. base/
  6. build/
  7. build_overrides/
  8. buildtools/
  9. cc/
  10. chrome/
  11. chromecast/
  12. chromeos/
  13. codelabs/
  14. components/
  15. content/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. fuchsia_web/
  22. gin/
  23. google_apis/
  24. gpu/
  25. headless/
  26. infra/
  27. ios/
  28. ipc/
  29. media/
  30. mojo/
  31. native_client_sdk/
  32. net/
  33. pdf/
  34. ppapi/
  35. printing/
  36. remoting/
  37. rlz/
  38. sandbox/
  39. services/
  40. skia/
  41. sql/
  42. storage/
  43. styleguide/
  44. testing/
  45. third_party/
  46. tools/
  47. ui/
  48. url/
  49. webkit/
  50. clank
  51. internal
  52. ios_internal
  53. native_client
  54. signing_keys
  55. v8
  56. .clang-format
  57. .clang-tidy
  58. .clangd
  59. .git-blame-ignore-revs
  60. .gitallowed
  61. .gitattributes
  62. .gitignore
  63. .gitmodules
  64. .gn
  65. .mailmap
  66. .rustfmt.toml
  67. .vpython3
  68. .yapfignore
  69. ATL_OWNERS
  70. AUTHORS
  71. BUILD.gn
  72. CODE_OF_CONDUCT.md
  73. codereview.settings
  74. CPPLINT.cfg
  75. CRYPTO_OWNERS
  76. DEPS
  77. DIR_METADATA
  78. LICENSE
  79. LICENSE.chromium_os
  80. OWNERS
  81. PRESUBMIT.py
  82. PRESUBMIT_test.py
  83. PRESUBMIT_test_mocks.py
  84. README.md
  85. SECURITY_OWNERS
  86. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

To check out the source code locally, don't use git clone! Instead, follow the instructions on how to get the code.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure.

For historical reasons, there are some small top level directories. Now the guidance is that new top level directories are for product (e.g. Chrome, Android WebView, Ash). Even if these products have multiple executables, the code should be in subdirectories of the product.

If you found a bug, please file it at https://crbug.com/new.