curl-library
[ curl-Bugs-963207 ] URLs longer than 63 chars with no protocol crashes (lib)curl
Date: Sun, 30 May 2004 10:28:25 -0700
Bugs item #963207, was opened at 2004-05-30 19:28
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=963207&group_id=976
Category: libcurl
Group: crash
Status: Open
Resolution: None
Priority: 5
Submitted By: Adam Blomberg (blomberg)
Assigned to: Daniel Stenberg (bagder)
Summary: URLs longer than 63 chars with no protocol crashes (lib)curl
Initial Comment:
There is a problem in libcurl (and subsequently in curl) version
7.11.2 when running on Linux (Debian 3 stable). Specifying a URL
longer than 63 characters without including the protocol crashes
curl. The problem is fully reproducible.
Running
./curl "www.haxx.se/
fooooooooooooooooooooooooooooooooooooooooooooooooooo"
consistently crashes curl, while
./curl "www.haxx.se/
foooooooooooooooooooooooooooooooooooooooooooooooooo"
doesn't. Furthermore,
./curl "http://www.haxx.se/
fooooooooooooooooooooooooooooooooooooooooooooooooooo"
also doesn't crash curl.
This problem doesn't occur on Mac OS X (10.3.3) by the way.
Before curl crashes, getaddrinfo fails (the url passed to getaddrinfo
is obviously incorrect), and the crash occurs when curl disconnects
(after the failed name lookup). Here follows some gdb output from
a program using libcurl (not curl itself), with the verbose option
enabled:
/.../
* getaddrinfo(3) failed for
ееееееееееееееееееееееееееееееееееееееееееееееееееееееее
ееееееееееееееееееееееееееееееееееееееееееееееееееееееее
ееееееееееееееееееееееееееееееееееееееееееееееееееееееее
ееееееееееееееееееееееееееееееееееееееееееееееееееееееее
ееееееееееееееееееееееееееееееее2df5:80
* Closing connection #0
Program received signal SIGSEGV, Segmentation fault.
0x401a6d45 in memset (dstpp=0x8413300, c=19, len=320017171)
at ../sysdeps/i386/memset.c:65
65 ../sysdeps/i386/memset.c: No such file or directory.
in ../sysdeps/i386/memset.c
Current language: auto; currently c
(gdb) bt
#0 0x401a6d45 in memset (dstpp=0x8413300, c=19,
len=320017171) at ../sysdeps/i386/memset.c:65
#1 0x4003e690 in curl_dofree (ptr=0x8413300, line=175,
source=0x40045f40 "../../../lib/url.c") at ../../../lib/memdebug.c:
218
#2 0x4002919b in Curl_safefree (ptr=0x8413300) at ../../../lib/
url.c:175
#3 0x4002b0a4 in Curl_disconnect (conn=0x8412cdc) at ../../../
lib/url.c:1364
#4 0x4002e70a in Curl_connect (data=0x81a1f44,
in_connect=0xbffe28ac, asyncp=0xbffe28a3 "") at ../../../lib/url.c:
3268
#5 0x4003d4df in Curl_perform (data=0x81a1f44) at ../../../lib/
transfer.c:1915
#6 0x4003dd8e in curl_easy_perform (curl=0x81a1f44) at ../../../
lib/easy.c:285
/.../
-----
curl 7.11.2 (i686-pc-linux-gnu) libcurl/7.11.2 OpenSSL/0.9.6c zlib/
1.1.4
Protocols: ftp gopher telnet dict ldap http file https ftps
Features: SSL libz NTLM Largefile
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=963207&group_id=976
Received on 2004-05-30