From e9bb7b771287026596d03b75c3767a64b0cf3952 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 21 Feb 2008 17:52:16 +0000 Subject: - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which happened if you set the connection cache size to 1 and for example failed to login to an FTP site. Bug report #1896698 (http://curl.haxx.se/bug/view.cgi?id=1896698) --- lib/transfer.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/transfer.c b/lib/transfer.c index 86dcfe24f..6288cec44 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -2389,8 +2389,12 @@ CURLcode Curl_perform(struct SessionHandle *data) if(CURLE_OK == res) res = res2; } - else - /* Curl_do() failed, clean up left-overs in the done-call */ + else if(conn) + /* Curl_do() failed, clean up left-overs in the done-call, but note + that at some cases the conn pointer is NULL when Curl_do() failed + and the connection cache is very small so only call Curl_done() if + conn is still "alive". + */ res2 = Curl_done(&conn, res, FALSE); /* -- cgit v1.2.3