Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: Crash in nw_in_read when client drives SSL sockets
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Ray Satiro via curl-library <curl-library_at_lists.haxx.se>
Date: Mon, 22 Jan 2024 17:22:56 -0500
On 1/22/2024 3:46 PM, Dmitry Karpov via curl-library wrote:
> I can confirm that the checks for null data below prevent the crashes
> that I observed when client drives SSL sockets and steps on read/write
> errors.
> Should I create a PR with these changes?
>
> ---
> lib/cf-socket.c | 16 ++++++++++------
> 1 file changed, 10 insertions(+), 6 deletions(-)
>
> diff --git a/lib/cf-socket.c b/lib/cf-socket.c
> index e42b4a87b..98bca9f17 100644
> --- a/lib/cf-socket.c
> +++ b/lib/cf-socket.c
> _at__at_ -863,9 +863,11 _at__at_ static ssize_t nw_in_read(void *reader_ctx,
> else {
> char buffer[STRERROR_LEN];
>
> - failf(rctx->data, "Recv failure: %s",
> - Curl_strerror(sockerr, buffer, sizeof(buffer)));
> - rctx->data->state.os_errno = sockerr;
> + if(rctx->data) {
> + failf(rctx->data, "Recv failure: %s",
> + Curl_strerror(sockerr, buffer, sizeof(buffer)));
> + rctx->data->state.os_errno = sockerr;
> + }
> *err = CURLE_RECV_ERROR;
> nread = -1;
> }
> _at__at_ -1329,9 +1331,11 _at__at_ static ssize_t cf_socket_send(struct Curl_cfilter
> *cf, struct Curl_easy *data,
> }
> else {
> char buffer[STRERROR_LEN];
> - failf(data, "Send failure: %s",
> - Curl_strerror(sockerr, buffer, sizeof(buffer)));
> - data->state.os_errno = sockerr;
> + if(data) {
> + failf(data, "Send failure: %s",
> + Curl_strerror(sockerr, buffer, sizeof(buffer)));
> + data->state.os_errno = sockerr;
> + }
> *err = CURLE_SEND_ERROR;
> }
> }
> --
Yes, please open a PR for further discussion. data is supposed to be !=
NULL even in those cases from what I remember, so there might be a
bigger problem. OTOH I'm not entirely up on the changes Stefan has made
so maybe this is ok. cc _at_icing in the PR
Date: Mon, 22 Jan 2024 17:22:56 -0500
On 1/22/2024 3:46 PM, Dmitry Karpov via curl-library wrote:
> I can confirm that the checks for null data below prevent the crashes
> that I observed when client drives SSL sockets and steps on read/write
> errors.
> Should I create a PR with these changes?
>
> ---
> lib/cf-socket.c | 16 ++++++++++------
> 1 file changed, 10 insertions(+), 6 deletions(-)
>
> diff --git a/lib/cf-socket.c b/lib/cf-socket.c
> index e42b4a87b..98bca9f17 100644
> --- a/lib/cf-socket.c
> +++ b/lib/cf-socket.c
> _at__at_ -863,9 +863,11 _at__at_ static ssize_t nw_in_read(void *reader_ctx,
> else {
> char buffer[STRERROR_LEN];
>
> - failf(rctx->data, "Recv failure: %s",
> - Curl_strerror(sockerr, buffer, sizeof(buffer)));
> - rctx->data->state.os_errno = sockerr;
> + if(rctx->data) {
> + failf(rctx->data, "Recv failure: %s",
> + Curl_strerror(sockerr, buffer, sizeof(buffer)));
> + rctx->data->state.os_errno = sockerr;
> + }
> *err = CURLE_RECV_ERROR;
> nread = -1;
> }
> _at__at_ -1329,9 +1331,11 _at__at_ static ssize_t cf_socket_send(struct Curl_cfilter
> *cf, struct Curl_easy *data,
> }
> else {
> char buffer[STRERROR_LEN];
> - failf(data, "Send failure: %s",
> - Curl_strerror(sockerr, buffer, sizeof(buffer)));
> - data->state.os_errno = sockerr;
> + if(data) {
> + failf(data, "Send failure: %s",
> + Curl_strerror(sockerr, buffer, sizeof(buffer)));
> + data->state.os_errno = sockerr;
> + }
> *err = CURLE_SEND_ERROR;
> }
> }
> --
Yes, please open a PR for further discussion. data is supposed to be !=
NULL even in those cases from what I remember, so there might be a
bigger problem. OTOH I'm not entirely up on the changes Stefan has made
so maybe this is ok. cc _at_icing in the PR
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2024-01-22