cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [BUG] Crash on curl_easy_cleanup

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 12 Jan 2011 14:06:56 +0100 (CET)

On Wed, 12 Jan 2011, Jean-François VERDON wrote:

> I may found a bug in libCurl, when builded statically on Windows (7).
> I've got an error on the curl_easy_cleanup function, more precisely at the
> line 2554 of "url.c" file:

>>> Curl_safefree(conn->user);

What error did you get on that line? Did you check what 'user' pointed to?

> Searching deeper, i found that if not supplied, user and password are setted
> to empties string (conn->user and conn->passwd).

No, that's not correct. See lib/url.c:set_userpass() and you'll see that it
always strdups() or NULLs them.

> But, the pointers are setted to "create_conn(struct SessionHandle *data,
> struct connectdata **in_connect, bool *async)" internal variables at line
> 1888 (set_userpass call):
> 4653 >> char user[MAX_CURL_USER_LENGTH];
> 4654 >> char passwd[MAX_CURL_PASSWORD_LENGTH];
>
> Those 2 variable are static functions local variable

No, they're not static. Yes they are local buffers to hold temporary strings.

> a call to "free(ptr)" as done in "Curl_safefree(void *ptr)" (line 271) seems
> invalid in this case, no?

Not at all, since the free() is not done on the local buffers.

You're pointing out generic code that is used for all platforms and we have
>500 test cases that run fine. I'm not saying you haven't found a bug, I'm
just suggesting that if it is a libcurl bug it is slightly more complicated
than just this.

Or I'm hallucating. It would help us a lot if you provided us with a complete
example that repeats the problem.

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-01-12