| Bug ID | 907539 |
|---|---|
| Summary | segfault in lynx after removing expired cookie |
| Classification | openSUSE |
| Product | openSUSE Distribution |
| Version | 13.2 |
| Hardware | All |
| OS | Linux |
| Status | NEW |
| Severity | Normal |
| Priority | P5 - None |
| Component | Basesystem |
| Assignee | bnc-team-screening@forge.provo.novell.com |
| Reporter | mgorse@suse.com |
| QA Contact | qa-bugs@suse.de |
| Found By | --- |
| Blocker | --- |
Created attachment 615288 [details]
Backtrace.
I saw a crash in lynx this morning while trying to select a link on
m.facebook.com. See attached backtrace.
scan_cookie_sublist() needs to not remove the expired cookie from the list and
then try to read the item it just freed in order to get the pointer to the next
item.