curl-users

[ curl-Bugs-556930 ] FreeBSD coredump from pack_hostent

From: <noreply_at_sourceforge.net>
Date: Thu, 16 May 2002 12:36:52 -0700

Bugs item #556930, was opened at 2002-05-16 12:36
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=100976&aid=556930&group_id=976

Category: client module
Group: crash
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Daniel Stenberg (bagder)
Summary: FreeBSD coredump from pack_hostent

Initial Comment:
When running curl-7.9.7 on FreeBSD 4.5-STABLE, I get a coredump from this command:

% curl http://www.life-gone-hazy.com/
Segmentation fault (core dumped)

% gdb `which curl` curl.core
(gdb) where
#0 0x28097ce7 in Curl_connecthost (conn=0x8084000, remotehost=0x8085000, port=80, sockconn=0x808429c, addr=0xbfbff00c) at connect.c:489
#1 0x2808cc66 in ConnectPlease (conn=0x8084000, hostaddr=0x8085000) at url.c:1275
#2 0x2808e5db in CreateConnection (data=0x806f000, in_connect=0xbfbff1d8) at url.c:2310
#3 0x2808e6f0 in Curl_connect (data=0x806f000, in_connect=0xbfbff1d8) at url.c:2364
#4 0x28096dd3 in Curl_perform (data=0x806f000) at transfer.c:1137
#5 0x28097136 in curl_easy_perform (curl=0x806f000) at easy.c:245
#6 0x804c465 in operate (config=0xbfbff500, argc=2, argv=0xbfbff654) at main.c:2617
#7 0x804c7b5 in main (argc=2, argv=0xbfbff654) at main.c:2723
#8 0x8048ffd in _start ()
(gdb) list
484 }
485 #else
486 /*
487 * Connecting with IPv4-only support
488 */
489 if(!remotehost->h_addr_list[0]) {
490 /* If there is no addresses in the address list, then we return
491 error right away */
492 failf(data, "no address available");
493 return CURLE_COULDNT_CONNECT;
(gdb) x/s remotehost
0x8085000: "User-Agent: curl/7.9.7 (i386-unknown-freebsd4.5) libcurl 7.9.7 azy.com"

I believe I have tracked it down to a bug in pack_hostent(), which calls realloc() near the end. realloc() returns a new pointer, rather than just shrinking the old one, and pack_hostent() was returning the old pointer, which is now invalid.

--- ../curl-7.9.7/lib/hostip.c Wed May 1 05:36:13
2002
+++ lib/hostip.c Thu May 16 13:26:46 2002
@@ -428,7 +428,7 @@
   copy->h_addr_list[i] = NULL;
 
   *buf=(char *)realloc(*buf,
(int)bufptr-(int)(*buf));
- return copy;
+ return (struct hostent*) *buf;
 }
 #endif
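
Review bot: returning (struct hostent*) *buf on the changed line corrects only the top-level pointer. The context line copy->h_addr_list[i] = NULL; shows the struct carries pointer members, and if those point into *buf they still reference the old block whenever realloc() moves it, so they need rebasing against the new base (or the shrink should be skipped). Separately, *buf=(char *)realloc(*buf, ...) overwrites the only reference to the block: on failure the function would now return NULL and leak the original allocation, so assign the result to a temporary and check it first. The (int)bufptr-(int)(*buf) size computation truncates the pointers wherever int is narrower than a pointer; doing the subtraction in a pointer-sized type avoids that.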

----------------------------------------------------------------------

Received on 2002-05-16
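
The report above traces the crash to a pointer that is used after realloc() has moved its block. As an added example (not curl's code and not part of the original report), the C below packs a hypothetical struct packed_host into one block and keeps offsets until the block has its final address, so both the returned base and every pointer stored inside the block are valid after the shrink. The names packed_host, packed_size, pack_host and host_in_block are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a packed struct hostent: the struct, its
   NULL-terminated pointer array and the address bytes share one block. */
struct packed_host {
  char **addr_list;  /* points into the same block */
  int length;        /* bytes per address */
};

/* Bytes actually needed for `count` addresses of `len` bytes each. */
static size_t packed_size(int count, int len)
{
  return sizeof(struct packed_host) + ((size_t)count + 1) * sizeof(char *) + (size_t)count * len;
}

/* Pack into an oversized block, shrink it, and return the valid base. */
struct packed_host *pack_host(const unsigned char *addrs, int count, int len)
{
  size_t used = packed_size(count, len);
  char *buf = malloc(used + 4096);  /* oversized, like a scratch buffer */
  if(!buf) return NULL;
  size_t list_off = sizeof(struct packed_host);  /* offsets, not pointers */
  size_t data_off = list_off + ((size_t)count + 1) * sizeof(char *);
  memcpy(buf + data_off, addrs, (size_t)count * len);
  char *moved = realloc(buf, used);  /* may return a different address */
  if(!moved) { free(buf); return NULL; }  /* old block stays valid on failure */
  /* Build every interior pointer from the new base only. */
  struct packed_host *host = (struct packed_host *)moved;
  host->length = len;
  host->addr_list = (char **)(moved + list_off);
  for(int i = 0; i < count; i++)
    host->addr_list[i] = moved + data_off + (size_t)i * len;
  host->addr_list[count] = NULL;
  return host;
}

/* Returns 1 if every stored pointer lies inside the block that holds `h`. */
int host_in_block(const struct packed_host *h, int count)
{
  uintptr_t lo = (uintptr_t)h, hi = lo + packed_size(count, h->length);
  for(int i = 0; i < count; i++) {
    uintptr_t p = (uintptr_t)h->addr_list[i];
    if(p < lo || p + h->length > hi) return 0;
  }
  return (uintptr_t)h->addr_list >= lo && (uintptr_t)h->addr_list < hi;
}
```

The caller releases the whole structure with a single free() on the returned pointer.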