Pull upstream fix for CVE-2016-5552
to replace our local change that is essentially equivalent logic. The upstream fix additionally fixes a flaw which if there is more than one @ in the authority portion, then user and host are set to null (ignored as malformed). Upstream change: Merge http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/1e8c18ddcab1 Test: libcore.java.net.URLTest#testMultipleUserField Test: CtsLibcoreTestCases Bug: 33351987 Change-Id: If5ab229f951c872aecb34834f0a52153f3f0fa26
Loading
Please sign in to comment