curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Access violation in Curl_hash_add

From: Ray Satiro via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 14 Dec 2016 17:43:04 -0500

On 12/14/2016 3:47 PM, Jake Fehr (jfehr) wrote:
>
> Thank you for the review and the links. The crash is random. The crash
> reports are coming from our error reporting system. I have gone
> through our code and noticed something that might be of concern. Is it
> OK to do this? All calls are on the same thread:
>
> 1.Call curl_easy_init()
>
> 2.Make a couple calls curl_easy_escape()
>
> 3.Cleanup the handle from curl_easy_init() with curl_easy_cleanup()
>
> 4.Call curl_global_init()
>
> 5.Make further calls to curl_easy_init()
>
> The first 3 steps are used to encode proxy urls that get used in steps
> 5 and later. I know that this violates the guidance in the thread
> safety guide below and I will fix that but I just wanted to confirm if
> this could lead to errors in curl_hash_add()?
>

Is where it crashes random or is when it crashes random? Are you sure
you're not calling curl_easy_cleanup multiple times on the same handle?
What you're describing now is different from what you described earlier.
Calling curl_easy_escape has no bearing on the connection cache. If
you're using a CURLOPT_CONV_TO_NETWORK_FUNCTION try disabling it.
curl_global_init is not thread safe and should be called once at the
beginning of the program before other threads are created. Internally it
increments a static variable but if that variable is == 0 then goes on
to initialize libcurl and its dependencies which may not be thread safe.
If you call curl_easy_init before curl_global_init then you have the
same problem.

Try building your program and libcurl with sanitization checks, like
this for example
CFLAGS="-fsanitize=address,undefined -fno-sanitize-recover -Wformat
-Werror=format-security -Werror=array-bounds -g" \
CXXFLAGS="-fsanitize=address,undefined -fno-sanitize-recover -Wformat
-Werror=format-security -Werror=array-bounds -g" \
LDFLAGS="-fsanitize=address,undefined -fno-sanitize-recover " \
   ./configure --enable-debug ...

You don't need to install the debug libcurl just
LD_PRELOAD=libasan.so.2:/curlpath/lib/.libs/libcurl.so /your/app

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-12-14