
curl-library

Re: [patch] Curl_clone_ssl_config initialization bug

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Mon, 22 Mar 2010 09:40:34 +0100

On Monday 22 of March 2010 01:27:41 douglas steinwand wrote:
> libcurl 7.20.0 and earlier versions incompletely reinitialize CURL
> handles when options such as CURLOPT_CAINFO are changed. It seems
> Curl_clone_ssl_config() doesn't reset some attributes to NULL. As
> such, reusing a curl easy handle can cause "double free" and
> segmentation fault crashes, along with other random problems (curl
> errors 27 and 35).

Indeed. The fields were initialized on the way from create_conn(), but not on
the way from Curl_ssl_addsessionid(), which could have happened for OpenSSL
or GnuTLS.

> Two files are attached: a demonstration of the problem, and a patch
> to correct it.

I've just pushed your patch:
http://github.com/bagder/curl/commit/abcea311e3b3178e8848e4da5acdf50afd89e4ce

Thanks for your contribution!

Kamil
Received on 2010-03-22
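
The failure mode discussed in this thread, as an added example (not code from the post or from libcurl): a clone routine that writes a destination field only when the source has a value, next to one that resets every owned pointer first. The struct, field and function names are assumptions made for illustration, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model, not libcurl's struct; all names here are assumptions. */
struct ssl_cfg { char *ca_file; char *cipher_list; };
typedef bool (*clone_fn)(const struct ssl_cfg *, struct ssl_cfg *);

static char *dup_str(const char *s)
{
  char *p = malloc(strlen(s) + 1);
  return p ? strcpy(p, s) : NULL;
}

/* Buggy shape: dest is written only when src has a value, so an unset
   source field leaves whatever pointer the reused dest already held. */
static bool clone_buggy(const struct ssl_cfg *src, struct ssl_cfg *dest)
{
  if(src->ca_file && !(dest->ca_file = dup_str(src->ca_file)))
    return false;
  if(src->cipher_list && !(dest->cipher_list = dup_str(src->cipher_list)))
    return false;
  return true;
}

/* Fixed shape: reset every owned pointer before copying. */
static bool clone_fixed(const struct ssl_cfg *src, struct ssl_cfg *dest)
{
  dest->ca_file = NULL;
  dest->cipher_list = NULL;
  return clone_buggy(src, dest);
}

/* 1: dest.ca_file still aliases memory owned elsewhere (a later free() of
   it would be a double free); 0: it was reset; -1: allocation failed. */
static int stale_after_clone(clone_fn clone)
{
  static char old_ca[] = "/constructed/old-ca.pem"; /* owned elsewhere */
  struct ssl_cfg src = { NULL, "HIGH" };            /* constructed input */
  struct ssl_cfg dest = { old_ca, NULL };           /* reused slot */
  if(!clone(&src, &dest)) return -1;
  free(dest.cipher_list); /* ca_file is deliberately left alone */
  return dest.ca_file == old_ca;
}

int main(void)
{
  return stale_after_clone(clone_buggy) != 1 || stale_after_clone(clone_fixed);
}
```

Building a harness like this with AddressSanitizer (`-fsanitize=address`) and letting a cleanup routine free the stale field makes the double free show up as a hard error instead of intermittent corruption.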