Download
Browse source Changelog
Documentation
Project   Bug Bounty   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users Mailing lists Book: Everything curl Video presentations Report a bug Paid support
Development
Autobuilds Code Style Contribute Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

libcurl Version 7.66 crashes when uploading a file using https

From: Arun Jaganath via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 27 Nov 2019 20:44:32 +0530

Hi,

While upgrading from libcurl version 7.56.1 to 7.66, I am facing a crash.
This is while i am trying to upload a file in chunks using https protocol.
I have set the read callback function using

 curl_easy_setopt(m_curl_upload_resume, CURLOPT_READFUNCTION,
upload_resume_read_callback);

/* which file to upload */
curl_easy_setopt(m_curl_upload_resume, CURLOPT_READDATA, (void *)&hd);

I have modified CURL_MAX_WRITE_SIZE from 16384 to 1048608 in order to read
1MB. I have recompiled the libcurl Version 7.66 and observed the libcurl
crash while uploading. Following is the crash dump.
* read function returned funny value

*** Error in `./dtf_co: double free or corruption (!prev):
0x00007f0d58126cd0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7908b)[0x7f0d6097a08b]
/lib/x86_64-linux-gnu/libc.so.6(+0x82c3a)[0x7f0d60983c3a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f0d60987d2c]
/app/staging/pr_1awcore/native/release/ad/usr/local/lib/libcurl.so.4(+0x42e09)[0x7f0d619b4e09]
/app/staging/pr_1awcore/native/release/ad/usr/local/lib/libcurl.so.4(+0x45ad9)[0x7f0d619b7ad9]
/app/staging/pr_1awcore/native/release/ad/usr/local/lib/libcurl.so.4(curl_multi_perform+0xd8)[0x7f0d619b811d]
/app/staging/pr_1awcore/native/release/ad/usr/local/lib/libcurl.so.4(+0x3a7ff)[0x7f0d619ac7ff]
/app/staging/pr_1awcore/native/release/ad/usr/local/lib/libcurl.so.4(+0x3aa6d)[0x7f0d619aca6d]
/app/staging/pr_1awcore/native/release/ad/usr/local/lib/libcurl.so.4(curl_easy_perform+0x1d)[0x7f0d619acadb]
/home/ubuntu/Version_10/staging/pr_1awcore/native/release/ad/usr/1aw/lib/libopen_auth_client.so(_ZN16Open_auth_client24https_upload_file_resumeENSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES5_S5_S5_S5_S5_S5_S5_S5_S5_S5_mmmRmiS5_RS5_S7_+0x81d)[0x7f0d6255c49d]
./dtf_agent_comm(+0x15f55)[0x55f81536bf55]
./dtf_agent_comm(+0x1ea1d)[0x55f815374a1d]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76da)[0x7f0d6126e6da]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x5f)[0x7f0d60a09d7f]

What puzzles me is the same code works on the libcurl version 7.56.1 with
the CURL_MAX_WRITE_SIZE set to 1048608.

Any help is highly appreciated. 

-- 
*Thanks and Regards,*
*Arun J*

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-11-27