Android 7.0.0 Release 32 (NBD92F)
-----BEGIN PGP SIGNATURE-----

iEYEABECAAYFAlji2scACgkQ6K0/gZqxDnieCgCfYgxcc8Bufe1kE0NhxfY+Vp+p
41MAmweMTXvkCUwuoNtu2TO3MYjavAJo
=D+A1
-----END PGP SIGNATURE-----
Pull upstream fix for CVE-2016-5552

to replace our local change that is essentially equivalent logic.

The upstream fix additionally fixes a flaw which if there is more
than one @ in the authority portion, then user and host are set to null
(ignored as malformed).

Upstream change:
  Merge

  http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/1e8c18ddcab1

Test: libcore.java.net.URLTest#testMultipleUserField
Test: CtsLibcoreTestCases
Bug: 33351987
Change-Id: If5ab229f951c872aecb34834f0a52153f3f0fa26
(cherry picked from commit 2e3689a5019e781fb361cc67982926beaaa969c2)
(cherry picked from commit 7247f6a70e89efb4696aaaffaf7a0325604a6e06)
2 files changed