curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Crash in nw_in_read when client drives SSL sockets

From: Ray Satiro via curl-library <curl-library_at_lists.haxx.se>
Date: Mon, 22 Jan 2024 17:22:56 -0500

On 1/22/2024 3:46 PM, Dmitry Karpov via curl-library wrote:
> I can confirm that the checks for null data below prevent the crashes
> that I observed when client drives SSL sockets and steps on read/write
> errors.
> Should I create a PR with these changes?
>
> ---
> lib/cf-socket.c | 16 ++++++++++------
> 1 file changed, 10 insertions(+), 6 deletions(-)
>
> diff --git a/lib/cf-socket.c b/lib/cf-socket.c
> index e42b4a87b..98bca9f17 100644
> --- a/lib/cf-socket.c
> +++ b/lib/cf-socket.c
> _at__at_ -863,9 +863,11 _at__at_ static ssize_t nw_in_read(void *reader_ctx,
> else {
> char buffer[STRERROR_LEN];
>
> - failf(rctx->data, "Recv failure: %s",
> - Curl_strerror(sockerr, buffer, sizeof(buffer)));
> - rctx->data->state.os_errno = sockerr;
> + if(rctx->data) {
> + failf(rctx->data, "Recv failure: %s",
> + Curl_strerror(sockerr, buffer, sizeof(buffer)));
> + rctx->data->state.os_errno = sockerr;
> + }
> *err = CURLE_RECV_ERROR;
> nread = -1;
> }
> _at__at_ -1329,9 +1331,11 _at__at_ static ssize_t cf_socket_send(struct Curl_cfilter
> *cf, struct Curl_easy *data,
> }
> else {
> char buffer[STRERROR_LEN];
> - failf(data, "Send failure: %s",
> - Curl_strerror(sockerr, buffer, sizeof(buffer)));
> - data->state.os_errno = sockerr;
> + if(data) {
> + failf(data, "Send failure: %s",
> + Curl_strerror(sockerr, buffer, sizeof(buffer)));
> + data->state.os_errno = sockerr;
> + }
> *err = CURLE_SEND_ERROR;
> }
> }
> --


Yes, please open a PR for further discussion. data is supposed to be !=
NULL even in those cases from what I remember, so there might be a
bigger problem. OTOH I'm not entirely up on the changes Stefan has made
so maybe this is ok. cc _at_icing in the PR


-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html
Received on 2024-01-22