From 17dc8833aa9cc84122e6750efe0d5e234534eab9 Mon Sep 17 00:00:00 2001
From: edgul <edgul@mozilla.com>
Date: Tue, 30 Aug 2022 16:49:43 +0000
Subject: [PATCH] Bug 1787122 - Fixed assert crash when attempting to get base
 domain from a malformed URL. r=kershaw

Testing will be completed in: https://bugzilla.mozilla.org/show_bug.cgi?id=1788080

Differential Revision: https://phabricator.services.mozilla.com/D155878
---
 netwerk/cookie/CookieServiceParent.cpp | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/netwerk/cookie/CookieServiceParent.cpp b/netwerk/cookie/CookieServiceParent.cpp
index c2fd5908d806..df95e918149c 100644
--- a/netwerk/cookie/CookieServiceParent.cpp
+++ b/netwerk/cookie/CookieServiceParent.cpp
@@ -82,6 +82,7 @@ void CookieServiceParent::AddCookie(const Cookie& cookie) {
 
 bool CookieServiceParent::CookieMatchesContentList(const Cookie& cookie) {
   nsCString baseDomain;
+  // CookieStorage notifications triggering this won't fail to get base domain
   MOZ_ALWAYS_SUCCEEDS(CookieCommons::GetBaseDomainFromHost(
       mTLDService, cookie.Host(), baseDomain));
 
@@ -135,8 +136,12 @@ void CookieServiceParent::UpdateCookieInContentList(
     nsIURI* uri, const OriginAttributes& originAttrs) {
   nsCString baseDomain;
   bool requireAHostMatch = false;
-  MOZ_ALWAYS_SUCCEEDS(CookieCommons::GetBaseDomain(mTLDService, uri, baseDomain,
-                                                   requireAHostMatch));
+
+  // prevent malformed urls from being added to the cookie list
+  if (NS_WARN_IF(NS_FAILED(CookieCommons::GetBaseDomain(
+          mTLDService, uri, baseDomain, requireAHostMatch)))) {
+    return;
+  }
 
   CookieKey cookieKey(baseDomain, originAttrs);
   bool& allowSecure = mCookieKeysInContent.LookupOrInsert(cookieKey, false);