On 6/20/2015 7:28 PM, (( \/\/|||"'""/'")) ((\"""" )) (( ))\\\"\\"\ wrote:
1. I have found conditions on custom IMAP command to get thousands of
envelopes in one FETCH where callback function tried to allocate huge
amounts of memory, more than response size, making Callback return -1,
and curl_easy_perform return something like "cannot write file" or
similar. Can't remember exact error...
2. When issuing "select inbox" + "search unseen", on 1 mail inbox the
data returned in body/header is ALWAYS wrong. Happens consistently on
1 inbox has probably 9 or 10k unseen mails. It's a MAJOR error here
and makes libcurl custom command responses 100% unreliable. I attached
some pictures to better describe and show libcurl incorrect response &
OpenSSL correct response. The response should be many thousands of
UID's and libcurl cuts it down to several hundred and concats a UID.
3. I found a way to make libcurl do an unhandled exception crash on
setting a custom command with a 300 byte string, although inconsistent
happens when sending/recieving many commands back to back. I spent a
few hours debugging it to try to do an exploit but I couldn't get
control of RIP so I don't think it's exploitable, but at best it's a
denial of service. Crash happens on curl_easy_setopt(CUSTOM_COMMAND,
"\x41 * 300") - dies when calling curl_easy_perform(). I have my
clients code in there and it's a lot so I can't send source but when I
have more free time, if needed, I could send you a binary to show the
crash. It's definitely in libcurl though.
Point 2 is definitely a serious bug [1] and it is listed in known bugs
[2]. I don't know of a good (or even a not-so-good) way to fix it.
Points 1 & 3 are either bugs or user error there isn't enough
information to tell. You'd need to provide a self contained source
example with the minimum amount of code needed to reproduce, no binary.
[1]: http://sourceforge.net/p/curl/bugs/1366/
[2]: http://curl.haxx.se/docs/knownbugs.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
