cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: abort trap: double-free bug in lib/ssluse.c:Curl_ossl_close() ???

From: Edward B. DREGER <eddy+public+spam_at_noc.everquick.net>
Date: Thu, 19 Apr 2007 14:22:47 +0000 (GMT)

DS> Date: Thu, 19 Apr 2007 09:33:45 +0200 (CEST)
DS> From: Daniel Stenberg

DS> > I've found that OpenSSL also is internally detecting a divide-by-zero
DS> > error
DS>
DS> When?

When ssluse.c:Curl_ossl_step2() invokes SSL_connect(connssl->handle).
In 7.15.5, the failf() call at ssluse.c:1458 is what catches the ossl
failure.

DS> > which causes libcurl to [attempt to] clean up, which is when the
DS> > double-free trap occurs.
DS>
DS> So this is then an OpenSSL bug rather than a libcurl one?

I'm tempted to conclude that's the case; even if the root cause is in
PHP or libcurl, I don't see why ossl is hitting a div-by-zero. (Of
course, I'm now elbow-deep in the source of three programs which I've
never before spent much time exploring... so my identification accuracy
certainly isn't 100%.)

FWIW,

curl_setopt($ch, CURLOPT_SSLVERSION, $something) ;

in PHP can reliably set the behavior to any of:

* a trap before any HTTPS response
* a trap after pulling some of the headers
* SIGSEGV
* alternating SIGBUS and SIGILL

depending entirely on PHP version and value of $something. I probably
should whip up a contrived C-based libcurl test based on what PHP is
setting.

I suppose it could be also libc-related. *shrug* I just need to keep
unraveling this mess...

At any rate:

If I find something that looks libcurl-related, I'll post again.
Unless that happens, I wanted to close the thread on a "doesn't look
like a libcurl problem after all" note.

Thanks again,
Eddy

--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
davidc_at_brics.com -*- jfconmaapaq_at_intc.net -*- sam_at_everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.

Received on 2007-04-19

This message: [ Message body ]
Next message: Robert Iakobashvili: "Re: [PROF RFC 1/2] profiling of libcurl by curl-loader, steady state"
Previous message: Robert Iakobashvili: "Re: [PROF RFC 1/2] profiling of libcurl by curl-loader, steady state"
In reply to: Daniel Stenberg: "Re: abort trap: double-free bug in lib/ssluse.c:Curl_ossl_close() ???"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]