Bugs item #1192828, was opened at 2005-04-30 06:13
Message generated for change (Comment added) made by zaa
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1192828&group_id=976
Category: ftp
Group: crash
Status: Open
Resolution: None
Priority: 8
Submitted By: zhuravlev alexander (zaa)
Assigned to: Daniel Stenberg (bagder)
Summary: SIGSEGV during binding to invalid IP while connecting to FTP
Initial Comment:
[kernel:...curl-7.13.2/src]>uname -mrs
FreeBSD 5.4-STABLE i386
[kernel:...curl-7.13.2/src]>env -i ./curl -V
curl 7.13.2 (i386-unknown-freebsd5.4) libcurl/7.13.2 OpenSSL/0.9.7e zlib/1.2.1
Protocols: ftp gopher telnet dict ldap http file https ftps
Features: Debug Largefile NTLM SSL libz
[kernel:...curl-7.13.2/src]>env -i ./curl -v -iIL --interface 62.76.34.99 ftp://ftp.dti.ad.jp/pub/lang/gcc/releases/gcc-4.0.0/gcc-4.0.0.tar.bz2
* About to connect() to ftp.dti.ad.jp port 21
* Trying 202.216.228.228... * We bind local end to 62.76.34.99
* Can't assign requested address
Segmentation fault (core dumped)
[kernel:...curl-7.13.2/src]>gdb ./curl ./curl.core
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...
Core was generated by `curl'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libssl.so.3...done.
Loaded symbols for /usr/lib/libssl.so.3
Reading symbols from /lib/libcrypto.so.3...done.
Loaded symbols for /lib/libcrypto.so.3
Reading symbols from /lib/libz.so.2...done.
Loaded symbols for /lib/libz.so.2
Reading symbols from /lib/libc.so.5...done.
Loaded symbols for /lib/libc.so.5
Reading symbols from /libexec/ld-elf.so.1...done.
Loaded symbols for /libexec/ld-elf.so.1
#0 0x0807b4f2 in ftp_parse_url_path (conn=0x809d804) at ftp.c:3652
3652 ftp->ctl_valid = FALSE;
(gdb) list
3647 char *cur_pos = conn->path; /* current position in path. point at the begin
3648 of next path component */
3649
3650 /* the ftp struct is already inited in ftp_connect() */
3651 ftp = conn->proto.ftp;
3652 ftp->ctl_valid = FALSE;
3653
3654 ftp->dirdepth = 0;
3655 ftp->diralloc = 5; /* default dir depth to allocate */
3656 ftp->dirs = (char **)calloc(ftp->diralloc, sizeof(ftp->dirs[0]));
(gdb) bt
#0 0x0807b4f2 in ftp_parse_url_path (conn=0x809d804) at ftp.c:3652
#1 0x0807a8c6 in Curl_ftp (conn=0x809d804, done=0xbfbfe856 "") at ftp.c:3184
#2 0x08063203 in Curl_do (connp=0xbfbfe85c, done=0xbfbfe856 "") at url.c:3682
#3 0x0806c048 in Curl_perform (data=0x80a8004) at transfer.c:2153
#4 0x08058be8 in curl_easy_perform (curl=0x80a8004) at easy.c:474
#5 0x080518ae in operate (config=0xbfbfeca8, argc=6, argv=0xbfbfee88) at main.c:3703
#6 0x080520a6 in main (argc=6, argv=0xbfbfee88) at main.c:3992
Thank you.
----------------------------------------------------------------------
>Comment By: zhuravlev alexander (zaa)
Date: 2005-04-30 17:54
Message:
> so the 'ftp' pointer is bad when this happens?
I think so.
I was able to reproduce this problem on FreeBSD 4.11,
FreeBSD 5.3 and Gentoo Linux. Also using different versions
of curl (7.13.1 and 7.12.3).
I have not tried to prepare a patch yet.
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2005-04-30 16:25
Message:
so the 'ftp' pointer is bad when this happens?
----------------------------------------------------------------------
Received on 2005-04-30