On Mon, 18 Aug 2003, Jeff Pohlmeyer wrote:

> When a lookup fails in ares, Curl_connecthost() in connect.c gets a NULL
> pointer in the remotehost argument, and then tries to dereference it on line
> 606, causing a segfault.

Aha! I think the bug is in the Curl_is_resolved() function that sometimes
return done==TRUE while at the same time returning an error, and the caller of
the function doesn't check the return code if done is true.

I would say that this fix corrects the problem in an earlier stage than your
fix did (I'll be adding a new test case for this case):

--- hostip.c 6 Aug 2003 15:26:02 -0000 1.92
+++ hostip.c 19 Aug 2003 09:28:25 -0000
@@ -409,10 +409,9 @@
     ares_process(data->state.areschannel, &read_fds, &write_fds);

   if(conn->async.done) {
- *done = TRUE;
-
     if(!conn->async.dns)
       return CURLE_COULDNT_RESOLVE_HOST;
+ *done = TRUE;
   }
   else
     *done = FALSE;

-- 
 Daniel Stenberg -- curl: been grokking URLs since 1998
-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01