Package: libcurl3-gnutls
Version: 7.18.2-8lenny2

Hello!
 I'm using libcurl-7.18.2 with GNU-TLS, with curl_multi_* interface.
I'm not using share handles. When i start my program on server with
high bandwidth rate, with a large amount of network streams, libcurl
causes memory corruption.
 I've wrote simple testcase(libcurl_bug_testcase.c), that reproduces
programs behaviour. Don't worry about irrational usage of
curl_easy_setopt, this is done to duplicate behaviour of my
apllication, which is much more complex then this testcase. Also i'm
attaching links set, with which bug appears(links.txt).
 When i run testcase under valgrind, in 80 network streams, there is
memory corruption in libcurl. There is invalid write of 4 bytes in
multi_runsingle (multi.c:907), which causes magic behaviour. You can
see it in attachment(valgrind_error_log.txt). If i run testcase
without valgrind, memory corruption results in segmentation fault.
 I checked this testcase with libcurl-7.19.5 and it seems, that bug is
fixed in it(i configured it with folowing options:
--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt --without-ssl
--with-gnutls --without-libssh2).

 My system info:
    uname -a
        Linux * 2.6.26-2-686 #1 SMP Thu Mar 26 01:08:11 UTC 2009 i686 GNU/Linux

    aptitude show libcurl3-gnutls
        Package: libcurl3-gnutls
        State: installed
        Automatically installed: yes
        Version: 7.18.2-8lenny2
        Priority: optional
        Section: libs
        Maintainer: Domenico Andreoli <ca...@debian.org>
        Uncompressed Size: 418k
        Depends: libc6 (>= 2.7-1), libgnutls26 (>= 2.4.0-0), libidn11
(>= 0.5.18), libkrb53 (>= 1.6.dfsg.2), libldap-2.4-2 (>= 2.4.7),
zlib1g (>= 1:1.1.4), ca-certificates
        Conflicts: libcurl4-gnutls
        Replaces: libcurl4-gnutls
        Description: Multi-protocol file transfer library (GnuTLS)
         libcurl is designed to be a solid, usable, reliable and
portable multi-protocol file transfer library.

         SSL support is provided by GnuTLS.

         This is the shared version of libcurl.
        Homepage: http://curl.haxx.se

    gcc -v
        Using built-in specs.
        Target: i486-linux-gnu
        Configured with: ../src/configure -v --with-pkgversion='Debian
4.3.2-1.1' --with-bugurl=file:///usr/share/doc/gcc-4.3/README.Bugs
--enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr
--enable-shared --with-system-zlib --libexecdir=/usr/lib
--without-included-gettext --enable-threads=posix --enable-nls
--with-gxx-include-dir=/usr/include/c++/4.3 --program-suffix=-4.3
--enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc
--enable-mpfr --enable-targets=all --enable-cld
--enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu
--target=i486-linux-gnu
        Thread model: posix
        gcc version 4.3.2 (Debian 4.3.2-1.1)

 Attachments:
    libcurl_bug_testcase.c - testcase, that reproduces memory corruption.
    links.txt - file with links, that should be passed to testcase.
    valgrind_error_log.txt - valgrind output on my server/desktop.


 With best regards, Piter Smith.

Attachment: attachments.tar.gz
Description: GNU Zip compressed data

Reply via email to