Package: libcurl3-gnutls Version: 7.18.2-8lenny2 Hello! I'm using libcurl-7.18.2 with GNU-TLS, with curl_multi_* interface. I'm not using share handles. When i start my program on server with high bandwidth rate, with a large amount of network streams, libcurl causes memory corruption. I've wrote simple testcase(libcurl_bug_testcase.c), that reproduces programs behaviour. Don't worry about irrational usage of curl_easy_setopt, this is done to duplicate behaviour of my apllication, which is much more complex then this testcase. Also i'm attaching links set, with which bug appears(links.txt). When i run testcase under valgrind, in 80 network streams, there is memory corruption in libcurl. There is invalid write of 4 bytes in multi_runsingle (multi.c:907), which causes magic behaviour. You can see it in attachment(valgrind_error_log.txt). If i run testcase without valgrind, memory corruption results in segmentation fault. I checked this testcase with libcurl-7.19.5 and it seems, that bug is fixed in it(i configured it with folowing options: --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt --without-ssl --with-gnutls --without-libssh2).
My system info:
uname -a
Linux * 2.6.26-2-686 #1 SMP Thu Mar 26 01:08:11 UTC 2009 i686 GNU/Linux
aptitude show libcurl3-gnutls
Package: libcurl3-gnutls
State: installed
Automatically installed: yes
Version: 7.18.2-8lenny2
Priority: optional
Section: libs
Maintainer: Domenico Andreoli <ca...@debian.org>
Uncompressed Size: 418k
Depends: libc6 (>= 2.7-1), libgnutls26 (>= 2.4.0-0), libidn11
(>= 0.5.18), libkrb53 (>= 1.6.dfsg.2), libldap-2.4-2 (>= 2.4.7),
zlib1g (>= 1:1.1.4), ca-certificates
Conflicts: libcurl4-gnutls
Replaces: libcurl4-gnutls
Description: Multi-protocol file transfer library (GnuTLS)
libcurl is designed to be a solid, usable, reliable and
portable multi-protocol file transfer library.
SSL support is provided by GnuTLS.
This is the shared version of libcurl.
Homepage: http://curl.haxx.se
gcc -v
Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian
4.3.2-1.1' --with-bugurl=file:///usr/share/doc/gcc-4.3/README.Bugs
--enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr
--enable-shared --with-system-zlib --libexecdir=/usr/lib
--without-included-gettext --enable-threads=posix --enable-nls
--with-gxx-include-dir=/usr/include/c++/4.3 --program-suffix=-4.3
--enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc
--enable-mpfr --enable-targets=all --enable-cld
--enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu
--target=i486-linux-gnu
Thread model: posix
gcc version 4.3.2 (Debian 4.3.2-1.1)
Attachments:
libcurl_bug_testcase.c - testcase, that reproduces memory corruption.
links.txt - file with links, that should be passed to testcase.
valgrind_error_log.txt - valgrind output on my server/desktop.
With best regards, Piter Smith.
attachments.tar.gz
Description: GNU Zip compressed data
