New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
curl_fuzzer: http2.c:1182: Assertion `0' failed. #2894
Labels
Comments
bagder
added a commit
that referenced
this issue
Aug 17, 2018
Instead of passing the easy handle directly to nghttp2 to map from stream_id to our structs, we create an 'easymap' node (for each new stream) and add to a per-connection linked list. The easymap struct itself contains a pointer to the easy handle and the stream id. This node *MUST* remain in the list until the 'on_stream_close' callback comes. This node can survive the easy handle. If we want to remove the association between a stream and an easy handle before the stream end callback from nghtp2, we now call disassociate_easymap() which "soft removes" the association in the easymap struct only. This is necesary since when nghttp2_submit_request() is called, the stream<=>easy association isn't immediately done by nghttp2 and if we then try to clear the assication at once (using nghttp2_session_set_stream_user_data), that clearing fails and we risk having the (by now) old assication getting done by nghttp2 and then risk subsequently fetching a stale pointer to already freed data. Fixes #2688 Fixes #2894
bagder
added a commit
that referenced
this issue
Aug 20, 2018
... before the stream is started, we have it set to -1. Fixes #2894
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I did this
This is a repost of a curl-fuzzer bug 9943. (closed for the public another 30 days)
The assert was added in ac86eab to help out debugging the HTTP/2 issues in #2688.
curl/libcurl version
current 7.61.1-DEV git master
operating system
Linux, but not important
The text was updated successfully, but these errors were encountered: