curl-library
Re: curl_easy_perform crash in Curl_do after Curl_reconnect_request has been called
Date: Wed, 26 Sep 2012 23:07:18 +0200 (CEST)
On Wed, 26 Sep 2012, Ho-chi Chen wrote:
> The previous fix is good if the return error is CURLE_OK or CURLE_SEND_ERROR
> but when I use debugger to walk throught and try to simulate the failure by
> forcing it to call Curl_reconnect_request() from Curl_do(), Curl_done()
> returned CURLE_GOT_NOTHING and free the memory for conn, which is the same
> memory for *connp got freed but *connp is not set to NULL and crash later
> in:
Thanks for your patience and explaining the case further. I see now how this
can indeed be a problem. May I suggest that we simplify your suggested fix and
just add a single line? The command already warned us and the variable will be
assigned (again) further down if things are fine for that.
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -1985,7 +1985,9 @@ Curl_reconnect_request(struct connectdata **connp)
conn->bits.close = TRUE; /* enforce close of this connection */
result = Curl_done(&conn, result, FALSE); /* we are so done with this */
- /* conn may no longer be a good pointer */
+ /* conn may no longer be a good pointer, clear it to avoid mistakes by
+ parent functions */
+ *connp = NULL;
/*
* According to bug report #1330310. We need to check for CURLE_SEND_ERROR
-- / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-09-26