cURL / Mailing Lists / curl-library / Single Mail

curl-library

[BUG] Crash on curl_easy_cleanup

From: Jean-François VERDON <jfverdon_at_gmail.com>
Date: Wed, 12 Jan 2011 13:54:48 +0100

Hello,

I may found a bug in libCurl, when builded statically on Windows (7).
I've got an error on the curl_easy_cleanup function, more precisely at the
line 2554 of "url.c" file:
>> Curl_safefree(conn->user);

My piece of code is piece of cake:
>> CURL* curlConnection = curl_easy_init();
>> curl_easy_setopt(curlConnection, CURLOPT_USERAGENT, "Mozilla/5.0");
>> curl_easy_setopt(curlConnection, CURLOPT_URL, path.c_str());
>> curl_easy_setopt(curlConnection, CURLOPT_WRITEFUNCTION,
urlWriteDataCallback);
>> curl_easy_setopt(curlConnection, CURLOPT_WRITEDATA, &urlStream);
>> CURLcode requestResponse = curl_easy_perform(curlConnection);
>> curl_easy_cleanup(curlConnection);

Searching deeper, i found that if not supplied, user and password are setted
to empties string (conn->user and conn->passwd).
But, the pointers are setted to "create_conn(struct SessionHandle *data,
struct connectdata **in_connect, bool *async)" internal variables at line
1888 (set_userpass call):
4653 >> char user[MAX_CURL_USER_LENGTH];
4654 >> char passwd[MAX_CURL_PASSWORD_LENGTH];

Those 2 variable are static functions local variable, so a call to
"free(ptr)" as done in "Curl_safefree(void *ptr)" (line 271) seems invalid
in this case, no?

Nodrev

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-01-12