delayed easy handle kill caused double Curl_close() call
Hauke Duden provided an example program that made the multi interface crash. His example simply used the multi interface and did first one FTP transfer and after completion it used a second easy handle and did another FTP transfer on the same FTP server. This triggered a bug in the "delayed easy handle kill" system that curl uses: when an FTP connection is left alive it must keep an easy handle around internally - only for the purpose of having an easy handle when it later disconnects it. The code assumed that when the easy handle was removed and an internal reference was made, that version could be killed later on when a new easy handle came using the same connection. This was wrong as Hauke's example showed that the removed handle wasn't killed for real until later. This caused a double close attempt => segfault.
This commit is contained in:
Daniel Stenberg
@@ -36,6 +36,7 @@ This release includes the following bugfixes:
|
||||
o TFTP fixed TSIZE handling for uploads
|
||||
o SSL possible double free when reusing curl handle
|
||||
o alarm()-based DNS timeout bug
|
||||
o re-used FTP connection multi interface crash
|
||||
|
||||
This release includes the following known bugs:
|
||||
|
||||
@@ -47,6 +48,6 @@ advice from friends like these:
|
||||
Steven M. Schweda, Yang Tse, Jack Zhang, Tom Donovan, Martin Hager,
|
||||
Daniel Fandrich, Patrick Monnerat, Pat Ray, Wesley Miaw, Ben Greear,
|
||||
Ryan Chan, Markus Duft, Andrei Benea, Jacob Moshenko, Daniel Johnson,
|
||||
Constantine Sapuntzakis, Douglas Steinwand, Thomas Lopatic
|
||||
Constantine Sapuntzakis, Douglas Steinwand, Thomas Lopatic, Hauke Duden
|
||||
|
||||
Thanks! (and sorry if I forgot to mention someone)
|
||||
|
||||
Reference in New Issue
Block a user