From 6fdbb011948cc9fd2cadff04b230427cf02dbd7d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 23 Feb 2006 12:20:48 +0000 Subject: Lots of work and analysis by "xbx___" in bug #1431750 (http://curl.haxx.se/bug/view.cgi?id=1431750) helped me identify and fix two different but related bugs: 1) Removing an easy handle from a multi handle before the transfer is done could leave a connection in the connection cache for that handle that is in a state that isn't suitable for re-use. A subsequent re-use could then read from a NULL pointer and segfault. 2) When an easy handle was removed from the multi handle, there could be an outstanding c-ares DNS name resolve request. When the response arrived, it caused havoc since the connection struct it "belonged" to could've been freed already. Now Curl_done() is called when an easy handle is removed from a multi handle pre-maturely (that is, before the transfer was complteted). Curl_done() also makes sure to cancel all (if any) outstanding c-ares requests. --- RELEASE-NOTES | 2 ++ 1 file changed, 2 insertions(+) (limited to 'RELEASE-NOTES') diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 943b6b5ed..aeb78c4db 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -22,6 +22,8 @@ This release includes the following changes: This release includes the following bugfixes: + o two bugs concerning using curl_multi_remove_handle() before the transfer + was complete o multi-pass authentication and compressed content o minor format string mistake in the GSS/Negotiate code o cached DNS entries could remain in the cache too long -- cgit v1.2.3