Android 7.0.0 Release 33 (NBD92G)
-----BEGIN PGP SIGNATURE-----

iEYEABECAAYFAlji2zAACgkQ6K0/gZqxDnhzJwCfWLspnIeFjeVro9/CiXQCUSmG
rfgAn1mkdfCZzP54KwI78knU9Oxv1Z40
=h2C5
-----END PGP SIGNATURE-----
Pull upstream fix for CVE-2016-5552

to replace our local change that is essentially equivalent logic.

The upstream fix additionally fixes a flaw which if there is more
than one @ in the authority portion, then user and host are set to null
(ignored as malformed).

Upstream change:
  Merge

  http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/1e8c18ddcab1

Test: libcore.java.net.URLTest#testMultipleUserField
Test: CtsLibcoreTestCases
Bug: 33351987
Change-Id: If5ab229f951c872aecb34834f0a52153f3f0fa26
(cherry picked from commit 2e3689a5019e781fb361cc67982926beaaa969c2)
(cherry picked from commit 7247f6a70e89efb4696aaaffaf7a0325604a6e06)
2 files changed