trailofbits / pasta

Peter's Amazing Syntax Tree Analyzer


Likely over-aggressive deduplication of token contexts triggers incorrect provenance chain

pgoodman opened this issue · comments


This is in the HTTP structure from cURL:

```c
/* struct HTTP as quoted from cURL's HTTP code */
struct HTTP {
  curl_mimepart *sendit;
  curl_off_t postsize;
  const char *postdata;
  const char *p_pragma;
  curl_mimepart form;          /* non-pointer field */
  struct back {
    curl_read_callback fread_func;
    void *fread_in;
    const char *postdata;
    curl_off_t postsize;
  } backup;
  enum { HTTPSEND_NADA, HTTPSEND_REQUEST, HTTPSEND_BODY } sending;
  struct dynbuf send_buffer;
};
```

`form` is a non-pointer field, but I think, due to deduplication in the context paths, it turns into a pointer.

Reproduced a simplified form:
image