Download
Browse source Changelog
Documentation
Project   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users curl-announce curl-commits Etiquette
Development
Autobuilds Code Style Contribute Internals Release Notes Release Procedure Roadmap Run Tests Security Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Access violation in Curl_hash_add

From: Ray Satiro via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 14 Dec 2016 17:43:04 -0500

On 12/14/2016 3:47 PM, Jake Fehr (jfehr) wrote:
>
> Thank you for the review and the links. The crash is random. The crash
> reports are coming from our error reporting system. I have gone
> through our code and noticed something that might be of concern. Is it
> OK to do this? All calls are on the same thread:
>
> 1.Call curl_easy_init()
>
> 2.Make a couple calls curl_easy_escape()
>
> 3.Cleanup the handle from curl_easy_init() with curl_easy_cleanup()
>
> 4.Call curl_global_init()
>
> 5.Make further calls to curl_easy_init()
>
> The first 3 steps are used to encode proxy urls that get used in steps
> 5 and later. I know that this violates the guidance in the thread
> safety guide below and I will fix that but I just wanted to confirm if
> this could lead to errors in curl_hash_add()?
>

Is where it crashes random or is when it crashes random? Are you sure
you're not calling curl_easy_cleanup multiple times on the same handle?
What you're describing now is different from what you described earlier.
Calling curl_easy_escape has no bearing on the connection cache. If
you're using a CURLOPT_CONV_TO_NETWORK_FUNCTION try disabling it.
curl_global_init is not thread safe and should be called once at the
beginning of the program before other threads are created. Internally it
increments a static variable but if that variable is == 0 then goes on
to initialize libcurl and its dependencies which may not be thread safe.
If you call curl_easy_init before curl_global_init then you have the
same problem.

Try building your program and libcurl with sanitization checks, like
this for example
CFLAGS="-fsanitize=address,undefined -fno-sanitize-recover -Wformat
-Werror=format-security -Werror=array-bounds -g" \
CXXFLAGS="-fsanitize=address,undefined -fno-sanitize-recover -Wformat
-Werror=format-security -Werror=array-bounds -g" \
LDFLAGS="-fsanitize=address,undefined -fno-sanitize-recover " \
   ./configure --enable-debug ...

You don't need to install the debug libcurl just
LD_PRELOAD=libasan.so.2:/curlpath/lib/.libs/libcurl.so /your/app

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-12-14