Bugs item #3572331, was opened at 2012-09-27 00:26
Message generated for change (Tracker Item Submitted) made by
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=3572331&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: SSL/TLS
Group: crash
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: https://www.google.com/accounts ()
Assigned to: Daniel Stenberg (bagder)
Summary: HTTPs + long URL = segfault

Initial Comment:
When you generate ultra long URL and try to curl HTTPs domain, some memory dump occurs. Test log is attached. Can be tested with following bash script:

#!/bin/bash

num=2048
something_long=$(for i in `seq 1 $num`; do printf "a${i}=${i}"; done)
url="https://google.com/?q=${something_long}"

curl -v -g "${url}"

My system:

michal_at_localhost:~/tmp$ uname -a
Linux localhost 3.2.0-sabayon #1 SMP Sat Feb 11 08:52:29 UTC 2012 x86_64 Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz GenuineIntel GNU/Linux
michal_at_localhost:~/tmp$ curl -V
curl 7.24.0 (x86_64-pc-linux-gnu) libcurl/7.24.0 OpenSSL/1.0.0j zlib/1.2.6
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=3572331&group_id=976
Received on 2012-09-27