Your message dated Sun, 28 Jun 2026 23:06:05 +0000
with message-id <[email protected]>
and subject line Bug#1140793: fixed in curl 8.21.0-2
has caused the Debian Bug report #1140793,
regarding curl: test_05_04_unclean_tls_shutdown fails on i386 due to
mod_curltest type promotion
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1140793: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1140793
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: curl
Version: 8.21.0-1
Severity: important
Tags: patch upstream
User: [email protected]
Usertags: autopkgtest
Dear Maintainer,
During recent autopkgtest runs triggered by the vsftpd migration (as shown in
the migration excuses page: https://qa.debian.org/excuses.php?package=vsftpd),
we observed consistent failures on 32-bit architectures (specifically i386) in
the following test case:
test_05_errors.py::TestErrors::test_05_04_unclean_tls_shutdown[http/1.0]
The test fails with exit code 8 (CURLE_WEIRD_SERVER_REPLY) instead of the
expected exit code 56 (CURLE_RECV_ERROR). The curl verbose log shows:
* Invalid Content-Length: value
* closing connection #0
Upon further investigation in a local unstable-i386 chroot, we found that the
Apache test server (mod_curltest) is actually sending an invalid
"Content-Length: -1" header.
The root cause lies in a signed/unsigned type promotion bug in the Apache test
module:
tests/http/testenv/mod_curltest/mod_curltest.c
Line 409 of mod_curltest.c contains the following ternary assignment:
r->clength = with_cl ? (chunks * chunk_size) : -1;
Where the variables are declared as:
int chunks;
size_t chunk_size;
apr_off_t clength; /* signed 64-bit integer */
On a 32-bit architecture (i386):
1. `chunks * chunk_size` evaluates to `unsigned int` (32-bit unsigned).
2. Due to Usual Arithmetic Conversions in C, the signed `-1` (int) operand of
the ternary operator is promoted to `unsigned int`, yielding `4294967295`
(0xFFFFFFFF).
3. The ternary operator returns `4294967295` as an `unsigned int`.
4. This unsigned value is then assigned to `r->clength` (apr_off_t, 64-bit
signed). Since the source is unsigned, it is zero-extended, resulting in
`r->clength` becoming `+4294967295`.
5. The subsequently executed check `if(r->clength >= 0)` evaluates to true.
6. Inside the block, `apr_ltoa(r->pool, (long)r->clength)` casts it to a 32-bit
signed `long` (on 32-bit platforms), which truncates it back to `-1`,
formatting it as "-1" and sending the "Content-Length: -1" header.
On a 64-bit architecture (amd64), `size_t` is 64-bit, and `-1` (32-bit int) is
promoted to `unsigned long` (64-bit), yielding `18446744073709551615`. When
assigned to `r->clength` (64-bit signed), it wraps back to `-1`, which
correctly skips the Content-Length generation.
This type promotion mismatch can be safely fixed by avoiding the
signed/unsigned mixture in the ternary operator.
Please find the attached patch which resolves this issue by explicitly
assigning the values using a standard if-else block.
Thanks,
Keng-Yu Lin
---
diff --git a/tests/http/testenv/mod_curltest/mod_curltest.c
b/tests/http/testenv/mod_curltest/mod_curltest.c
index 585c57b..308bf3b 100644
--- a/tests/http/testenv/mod_curltest/mod_curltest.c
+++ b/tests/http/testenv/mod_curltest/mod_curltest.c
@@ -406,8 +406,12 @@ static int curltest_tweak_handler(request_rec *r)
ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, "error_handler: processing "
"request, %s", r->args? r->args : "(no args)");
r->status = http_status;
- r->clength = with_cl ? (chunks * chunk_size) : -1;
+ if(with_cl) {
+ r->clength = (apr_off_t)chunks * chunk_size;
+ }
+ else {
+ r->clength = -1;
+ }
r->chunked = (r->proto_num >= HTTP_VERSION(1, 1)) && !with_cl;
apr_table_setn(r->headers_out, "request-id", request_id);
--- End Message ---
--- Begin Message ---
Source: curl
Source-Version: 8.21.0-2
Done: Carlos Henrique Lima Melara <[email protected]>
We believe that the bug you reported is fixed in the latest version of
curl, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Carlos Henrique Lima Melara <[email protected]> (supplier of updated
curl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 28 Jun 2026 17:49:59 -0300
Source: curl
Architecture: source
Version: 8.21.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Curl Maintainers <[email protected]>
Changed-By: Carlos Henrique Lima Melara <[email protected]>
Closes: 1140793
Changes:
curl (8.21.0-2) unstable; urgency=medium
.
* d/p/tests-fix-type-promotion-on-32-bit-arches.patch: add patch.
(Closes: #1140793)
Checksums-Sha1:
0fd0a6ec72371515b3ae04f78d06fbbb30cab5f1 3545 curl_8.21.0-2.dsc
ec47cbca16e28c4c8b49da7668dc2a350fcfcd7d 65312 curl_8.21.0-2.debian.tar.xz
3e65ef16d5f56ef79541f4cfc8b1d1f5244e1e67 12277 curl_8.21.0-2_amd64.buildinfo
Checksums-Sha256:
86a8e0ce106d0bc28c3995f65fe73ac1b43f6660d3667477adda4e0affb8c6f4 3545
curl_8.21.0-2.dsc
f767d84fa9827ccfa1fe1df68ca4cfc5b87f18d90631c0bb9d072eddda655922 65312
curl_8.21.0-2.debian.tar.xz
1fafeef0c0fb3a8693ee0bb351b93738ac1dcda9b8dec3f0bd6c740c82991cd6 12277
curl_8.21.0-2_amd64.buildinfo
Files:
38c83144cb5ce3bccc6a291ada90022e 3545 web optional curl_8.21.0-2.dsc
ca1243fd0d5504c93af1127839370a03 65312 web optional curl_8.21.0-2.debian.tar.xz
c74e8727b372d96f182777bdea183713 12277 web optional
curl_8.21.0-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJNBAEBCgA3FiEECgzx8d8+AINglLHJt4M9ggJ8mQsFAmpBoBEZHGNoYXJsZXNt
ZWxhcmFAcmlzZXVwLm5ldAAKCRC3gz2CAnyZC8V3D/9CSuy6uqd1c86YHHCnhHqA
Z2gfp+N4sHBpyq6L3wBbTFgc/XPgc9vBYiyF4xdU3VJsguhk3sJAJ3FBW/iGmfUT
1ZO+FDu6QeTniHuZmFKcFjZTHWd5MktDldcunKayua4ay9VmgY9nMgchAXAKe/gY
SoY5D5Ii2gK7zF+5d1deBKCrYcrDYVeSQIXhAbfJjzm1PoJuWHE3Gey6lQO2EXyq
djbSVp61JreeLKGqYv5rQ+Z60GO+xlIsC7fb9/9ALMawWhh9V2dA+LlKuclK676v
9FaK58hGXMeHo+o9/7AATb6z333pITlEiSCX/0hb/aVu4GUKmyaxrlM1L1AcMPqw
mO2jCDBnsaDJQtT0kh/CuGNnTaBbkY6hV0jJep2EONaZixMbMFYN0RVPB9tMvuu6
Yn+ZyUxsYXruGp6Q5exk4oh0zUW3PmVb0JzdarQseJKRb9b8NWfIltLXB+6ecdkv
og/1ofSHTwhd+i63PEwTvmd5NQiA8LD9TD9aGBJYoPmyAVfs3HCuPPPbntNuE7vH
XPXk+S6bgAtBZsnMLiEK5oybOsd8WGuzE2PZs8t0sfl/TUAqVJ//w0Q7HZEn3Dnj
xydur9YGyOkxcHUYKKmJ8LvjUI5CHNV6MXRAHU9uRehbm96Nkz/ZUih7D/Zam67Z
pwTxSo4yvmQz18UJNmG7NQ==
=otG7
-----END PGP SIGNATURE-----
pgpeV2MMSJang.pgp
Description: PGP signature
--- End Message ---