Closed
Description
I had to look for bugs in curl using Coverity for an assignment and encountered this in cookie.c:
Lines 875 to 878 in b898b4c
According to the first if statement
co->name
can be null and co->name
is passed to strncasecompare
(Curl_strncasecompare
) which does not check for null and dereferences this parameter.
int Curl_strncasecompare(const char *first, const char *second, size_t max)
{
while(*first && *second && max) {
...
Encountered when analyzing 9e8f28a, still present in b898b4c (which currently is the latest commit in master).
I don't think that it is a huge issue, but it doesn't seem to be a false positive and could potentially cause a crash.