aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2012-09-28 13:56:03 +0200
committerDaniel Stenberg <daniel@haxx.se>2012-09-28 13:57:41 +0200
commit628c4e7af1a28ea2d8463a29d59a58d30eb1f710 (patch)
treeebd8f980c391f3dbb5f127b386f38b9b7ed7d4c1
parent4ea7a65af725d0530a173b080acb6cb6db5432b3 (diff)
Curl_reconnect_request: clear pointer on failure
The Curl_reconnect_request() function could end up returning a pointer to a free()d struct when Curl_done() failed inside. Clearing the pointer unconditionally after Curl_done() avoids this risk. Reported by: Ho-chi Chen Bug: http://curl.haxx.se/mail/lib-2012-09/0188.html
-rw-r--r--lib/transfer.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/transfer.c b/lib/transfer.c
index 73456ec3e..2ad5fad46 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -1985,7 +1985,9 @@ Curl_reconnect_request(struct connectdata **connp)
conn->bits.close = TRUE; /* enforce close of this connection */
result = Curl_done(&conn, result, FALSE); /* we are so done with this */
- /* conn may no longer be a good pointer */
+ /* conn may no longer be a good pointer, clear it to avoid mistakes by
+ parent functions */
+ *connp = NULL;
/*
* According to bug report #1330310. We need to check for CURLE_SEND_ERROR