aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2006-03-07 23:11:41 +0000
committerDaniel Stenberg <daniel@haxx.se>2006-03-07 23:11:41 +0000
commitcffebd7fd6b7d9f24793f94fbae2a62c05c46eb0 (patch)
treeb5bc836753d12082ef851fc65580d91f90e3a3a6
parentb8c8e7349fef49e9027080632e9581f0c76d974b (diff)
Markus Koetter filed debian bug report #355715 which identified a problem
with the multi interface and multi-part formposts. The fix from February 22nd could make the Curl_done() function get called twice on the same connection and it was not designed for that and thus tried to call free() on an already freed memory area!
-rw-r--r--CHANGES6
-rw-r--r--RELEASE-NOTES4
-rw-r--r--lib/url.c6
-rw-r--r--lib/urldata.h4
4 files changed, 19 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index bb1c24d25..95a9c2a49 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,12 @@
Changelog
Daniel (7 March 2006)
+- Markus Koetter filed debian bug report #355715 which identified a problem
+ with the multi interface and multi-part formposts. The fix from February
+ 22nd could make the Curl_done() function get called twice on the same
+ connection and it was not designed for that and thus tried to call free() on
+ an already freed memory area!
+
- Peter Heuchert made sure the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL
is used properly.
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index a54f8d9dd..4de87c211 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -15,6 +15,7 @@ This release includes the following changes:
This release includes the following bugfixes:
+ o multi-part formpost with multi interface crash
o the CURLFTPSSL_CONTROL setting for CURLOPT_FTP_SSL is acknowledged
o "SSL: couldn't set callback" is now a less serious problem
o Interix build fix
@@ -28,6 +29,7 @@ Other curl-related news since the previous public release:
This release would not have looked like this without help, code, reports and
advice from friends like these:
- Gisle Vanem, Dan Fandrich, Thomas Klausner, Todd Vierling, Peter Heuchert
+ Gisle Vanem, Dan Fandrich, Thomas Klausner, Todd Vierling, Peter Heuchert,
+ Markus Koetter
Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/url.c b/lib/url.c
index 4eeb1dc9a..9a715c9f0 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3982,6 +3982,11 @@ CURLcode Curl_done(struct connectdata **connp,
struct connectdata *conn = *connp;
struct SessionHandle *data=conn->data;
+ if(conn->bits.done)
+ return CURLE_OK; /* Curl_done() has already been called */
+
+ conn->bits.done = TRUE; /* called just now! */
+
/* cleanups done even if the connection is re-used */
if(conn->bits.rangestringalloc) {
free(conn->range);
@@ -4047,6 +4052,7 @@ CURLcode Curl_do(struct connectdata **connp, bool *done)
struct connectdata *conn = *connp;
struct SessionHandle *data=conn->data;
+ conn->bits.done = FALSE; /* Curl_done() is not called yet */
conn->bits.do_more = FALSE; /* by default there's no curl_do_more() to use */
if(conn->curl_do) {
diff --git a/lib/urldata.h b/lib/urldata.h
index a3802b7c3..6cb3729b9 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -432,6 +432,10 @@ struct ConnectBits {
bool trailerHdrPresent; /* Set when Trailer: header found in HTTP response.
Required to determine whether to look for trailers
in case of Transfer-Encoding: chunking */
+ bool done; /* set to FALSE when Curl_do() is called and set to TRUE
+ when Curl_done() is called, to prevent Curl_done() to
+ get invoked twice when the multi interface is
+ used. */
};
struct hostname {