Fix dangling pointer bug in URL storage

The previous implementation stored parsed_url which contained pointers
into the user's string literal that could be invalidated. This fix:

1. Allocates a copy of the URL string (url_buffer)
2. Parses the copy so all pointers reference owned memory
3. Removes redundant domain and path fields from HTTP_ClientConn
4. Updates save_cookies to use url.authority.host.text and url.path
5. Updates cleanup code to free url_buffer instead of domain.ptr

This ensures the URL and all its components remain valid for the
lifetime of the connection.
This commit is contained in:
Claude
2025-11-23 21:26:59 +00:00
parent 737d81f270
commit e87fa490df
4 changed files with 38 additions and 56 deletions
+3 -5
View File
@@ -894,12 +894,10 @@ typedef struct {
// TODO: comment
bool trace_bytes;
// Endpoint domain and path. These must be saved
// in case the server wants to set some cookies.
HTTP_String domain;
HTTP_String path;
// Parsed URL for connection establishment
// The url_buffer contains the allocated copy of the URL string,
// and url.* pointers reference into this buffer
char *url_buffer;
HTTP_URL url;
// Data received from the server