Bugs item #634610, was opened at 2002-11-06 11:36
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=634610&group_id=976

Category: http
Group: crash
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Daniel Stenberg (bagder)
Summary: Curl_follow() crash on RFC2068 Violation

Initial Comment:
When using libcurl to access the following original URL:

http://multimedia.lycos.com/default.asp?agree=1&query=straczynski&component=MorePictures&ViewStyle=detail

The page returns a "follow" to this:

results.asp?agree=1&query=straczynski&component=MoreP
ictures&ViewStyle=detail

We get a crash in transfer.c, function of Curl_follow() around line 1353 (of version 7.10.1); this is in the section where, according to the comments, the follow given is in violation of RFC 2068, and the hack used to get past it is "doomed to cause problems in the future".

Welcome to the future. :-)

Anyhow, the line that crashes is this:

    sprintf(newest, "%s%s%s", url_clone,
            (('/' == useurl[0]) || !*protsep)?"":"/",
            useurl);

useurl is the "results.asp..." string above, and protsep is nil -- so dereferencing it is causing the access error.

I'm not really following the logic of what protsep is, so I don't really have a suggested fix. *Maybe* you meant to say !protsep instead of !*protsep, or you need an additional || !protset before testing for !*protsep

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=634610&group_id=976

-------------------------------------------------------
This sf.net email is sponsored by: See the NEW Palm
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
Received on 2002-11-06