From 023a0d52f106321838ab1c0997e76693f4dcbdf6 Mon Sep 17 00:00:00 2001
From: Jim Evans <james.h.evans.jr@gmail.com>
Date: Sat, 7 Oct 2023 11:13:19 -0400
Subject: [PATCH] [IEDriver] Fix potential null pointer access in CookieManager

---
 cpp/iedriver/CookieManager.cpp | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/cpp/iedriver/CookieManager.cpp b/cpp/iedriver/CookieManager.cpp
index 91b400159334a..0279296da9509 100644
--- a/cpp/iedriver/CookieManager.cpp
+++ b/cpp/iedriver/CookieManager.cpp
@@ -522,11 +522,21 @@ LRESULT CALLBACK CookieWndProc(int nCode, WPARAM wParam, LPARAM lParam) {
           all_cookies.append(L"\n*\n");
         }
         INTERNETCOOKIE2* current_cookie = cookie_pointer + cookie_index;
-        std::wstring cookie_name = current_cookie->pwszName;
+        std::wstring cookie_name = L"";
+        if (current_cookie->pwszName) {
+          // Note that the spec appears to allow "nameless" cookies,
+          // which clients like Selenium may not support.
+          cookie_name = current_cookie->pwszName;
+        }
         std::wstring cookie_value = L"";
         if (current_cookie->pwszValue) {
           cookie_value = current_cookie->pwszValue;
         }
+
+        // TODO: The spec does not allow a cookie with an empty name
+        // and value. It's unclear what the driver could do in this
+        // case, but we should probably handle it somehow in the off
+        // chance it ever comes up.
         std::wstring cookie_domain = L"";
         if (current_cookie->pwszDomain) {
           cookie_domain = current_cookie->pwszDomain;