diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2008-02-21 17:52:16 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2008-02-21 17:52:16 +0000 |
| commit | e9bb7b771287026596d03b75c3767a64b0cf3952 (patch) | |
| tree | 6079c410953df44bfae02721ed6ba3aae3ce999e | |
| parent | 5e9c564883512130d356a81f6dcb3057572f1690 (diff) | |
- Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
happened if you set the connection cache size to 1 and for example failed to
login to an FTP site. Bug report #1896698
(http://curl.haxx.se/bug/view.cgi?id=1896698)
| -rw-r--r-- | CHANGES | 6 | ||||
| -rw-r--r-- | RELEASE-NOTES | 3 | ||||
| -rw-r--r-- | lib/transfer.c | 8 |
3 files changed, 14 insertions, 3 deletions
@@ -6,6 +6,12 @@ Changelog +Daniel S (21 Feb 2008) +- Zmey Petroff found a crash when libcurl accessed a NULL pointer, which + happened if you set the connection cache size to 1 and for example failed to + login to an FTP site. Bug report #1896698 + (http://curl.haxx.se/bug/view.cgi?id=1896698) + Daniel S (20 Feb 2008) - Fixed test case 405 to not fail when libcurl is built with GnuTLS diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 4993be1fd..5b3ed07c1 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -29,6 +29,7 @@ This release includes the following bugfixes: a transfer going on, the connection is now closed by force o bad re-use of SSL connections in non-complete state o test case 405 failures with GnuTLS builds + o crash when connection cache size is 1 and Curl_do() failed This release includes the following known bugs: @@ -47,6 +48,6 @@ advice from friends like these: Michal Marek, Dmitry Kurochkin, Niklas Angebrand, Günter Knauf, Yang Tse, Dan Fandrich, Mike Hommey, Pooyan McSporran, Jerome Muffat-Meridol, - Kaspar Brand, Gautam Kachroo + Kaspar Brand, Gautam Kachroo, Zmey Petroff Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/transfer.c b/lib/transfer.c index 86dcfe24f..6288cec44 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -2389,8 +2389,12 @@ CURLcode Curl_perform(struct SessionHandle *data) if(CURLE_OK == res) res = res2; } - else - /* Curl_do() failed, clean up left-overs in the done-call */ + else if(conn) + /* Curl_do() failed, clean up left-overs in the done-call, but note + that at some cases the conn pointer is NULL when Curl_do() failed + and the connection cache is very small so only call Curl_done() if + conn is still "alive". + */ res2 = Curl_done(&conn, res, FALSE); /* |