cURL / Mailing Lists / curl-library / Single Mail

curl-library

sendf.c bug line 153

From: Todd Fisher <taf2_at_lehigh.edu>
Date: Sat, 08 Feb 2003 19:14:20 -0500

Hi,
I've been using the curl library for about 8 months now. Currently,
i'm using it to build a webcrawler for a research project at my school.

I have been getting errors that I believe are coming from libcurl.

here's the stack trace i'm getting from the core file

#0 Curl_failf (data=0x0, fmt=0x4144a564 "\231\231\231\031
�\036@\006\001") at sendf.c:153
153 if(data->set.errorbuffer && !data->state.errorbuf) {
(gdb) where
#0 Curl_failf (data=0x0, fmt=0x4144a564 "\231\231\231\031
�\036@\006\001") at sendf.c:153
#1 0x4003c106 in Curl_resolv (data=0x0, hostname=0x0, port=0) at
hostip.c:237
Current language: auto; currently c

I decided to check in sendf.c on line 153 and sure enough it looks like
there is a bug in that code if Curl_failf is passed data as a NULL
pointer, depending on its semantics of course... here's my changes:

void Curl_failf(struct SessionHandle *data, const char *fmt, ...)
{
   va_list ap;
   va_start(ap, fmt);
   if( data != NULL ){ // just added this line
   if(data->set.errorbuffer && !data->state.errorbuf) {
     vsnprintf(data->set.errorbuffer, CURL_ERROR_SIZE, fmt, ap);
     data->state.errorbuf = TRUE; /* wrote error string */

     if(data->set.verbose) {
       int len = strlen(data->set.errorbuffer);
       bool doneit=FALSE;
       if(len < CURL_ERROR_SIZE) {
         doneit = TRUE;
         data->set.errorbuffer[len] = '\n';
         data->set.errorbuffer[++len] = '\0';
       }
       Curl_debug(data, CURLINFO_TEXT, data->set.errorbuffer, len);
       if(doneit)
         /* cut off the newline again */
         data->set.errorbuffer[--len]=0;
     }
   }
   }
   va_end(ap);
}

so, then after recompiling curl with a little extra paraniona in
Curl_failf I got this stack trace from my core:

#0 0x40055e3c in _fini () from /home/taf2/usr/lib/libcurl.so.2
(gdb) where
#0 0x40055e3c in _fini () from /home/taf2/usr/lib/libcurl.so.2
#1 0x40041d1b in Curl_failf (data=0x41dff63c, fmt=0x43a1ac10 "name
lookup time-outed\n") at sendf.c:166
#2 0x4003c086 in Curl_resolv (data=0x41dff63c, hostname=0x43835578 "
�\200Cg\233E>\001", port=1105196583)
at hostip.c:237
#3 0x41dffbe0 in ?? ()
#4 0x00048d8d in ?? ()

At this point i'm not sure what to make of it, but i'm hoping that this
info might be useful to the libcurl developers as well as possible
fixing my problems :)

-todd

-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld http://www.vasoftware.com
Received on 2003-02-09

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: sendf.c bug line 153"
Previous message: Daniel Stenberg: "I'm going skiing"
Next in thread: Daniel Stenberg: "Re: sendf.c bug line 153"
Reply: Daniel Stenberg: "Re: sendf.c bug line 153"
Reply: Daniel Stenberg: "Re: sendf.c bug line 153"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]