curl-library

segfault in Curl_conncache_remove_conn with 7.49.1

From: Eric Ridge via curl-library <curl-library_at_cool.haxx.se>
Date: Fri, 17 Nov 2017 12:58:47 -0700

I'm using libcurl in a C-based project and I ran across a crash the other day that I'm not able to re-create.

This is with curl 7.49.1 on MacOS High Sierra (Darwin emacpro28.lan 17.0.0 Darwin Kernel Version 17.0.0). I've custom-compiled curl with these options:
        '--disable-static' '--enable-hidden-symbols' '--disable-threaded-resolver' '--with-gssapi' '--with-darwinssl' '--without-libssh2'

Here's the backtrace:

    frame #0: 0x00007fff60b7bfce libsystem_kernel.dylib`__pthread_kill + 10
    frame #1: 0x00007fff60cb9150 libsystem_pthread.dylib`pthread_kill + 333
    frame #2: 0x00007fff60ad832a libsystem_c.dylib`abort + 127
    frame #3: 0x00007fff60be0b28 libsystem_malloc.dylib`szone_error + 596
    frame #4: 0x00007fff60bd676b libsystem_malloc.dylib`tiny_free_list_remove_ptr + 298
    frame #5: 0x00007fff60beb690 libsystem_malloc.dylib`tiny_free_no_lock + 370
    frame #6: 0x00007fff60bec254 libsystem_malloc.dylib`free_tiny + 628
    frame #7: 0x00007fff5f343bd5 libcurl.4.dylib`Curl_llist_remove + 124
    frame #8: 0x00007fff5f357dff libcurl.4.dylib`Curl_conncache_remove_conn + 64
    frame #9: 0x00007fff5f330b85 libcurl.4.dylib`Curl_disconnect + 168
    frame #10: 0x00007fff5f344b18 libcurl.4.dylib`multi_done + 407
    frame #11: 0x00007fff5f346195 libcurl.4.dylib`multi_runsingle + 2734
    frame #12: 0x00007fff5f3455ed libcurl.4.dylib`curl_multi_perform + 114
    frame #13: 0x00007fff5f33e741 libcurl.4.dylib`curl_easy_perform + 362
    frame #14: 0x0000000103943c51 zombodb.so`rest_call + 769 <-- this is my code

I guess I'm wondering what might cause this? My app is single-threaded and my usage pattern is that I init curl once on startup (and set non-request-specific CURLOPTs at this time) and just re-use it throughout the lifetime of the app.

I did notice a little bug in my code where I was setting CURLOPT_ERRORBUFFER to an allocated char * that happened to get free'd later on, so that's no good, but I can't decide if that would cause this crash in libcurl.

I haven't been able to reproduce this for the past few days (even with the above bug in my code still around), so it's kinda hard to figure out if I've fixed it or not. :)

Does anyone have any insight into what might cause libcurl to segfault here?

Thanks for your time!

eric

ps, I'm a new subscriber here and signed up for digest -- I'd appreciate a CC if you reply.
Received on 2017-11-17