On Thu, 13 Jul 2023, Abhinav Singhal via curl-library wrote:
> I understand that 7.80 is an old release, but it's shipped with one of our (older) releases and we're increasingly getting reports of crashes from the field. I was able to find why/where it's happening, and I'd like to run it by the curl team once so that they can confirm that this could indeed be an issue.
If it frees the same pointer twice, it is a double free. Otherwise it isn't. How can it be a potential double free?
7.80.0 was released about 1765 bugfixes ago. If there was such a problem back then, chances are we fixed it now. I don't recognize this exact one though so I'm not entirely sure. If you can reproduce with a current version I would be very interested.
There are some details in your report that make it unlikely to be a/the issue: Curl_safefree() is a macro that both frees the pointer *and assigns it to NULL*. Thus, calling Curl_safefree() on the same pointer instance twice is perfectly fine - assuming you follow the threading guidelines.
-- 
 / daniel.haxx.se
 | Commercial curl support up to 24x7 is available!
 | Private help, bug fixes, support, ports, new features
 | https://curl.se/support.html
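The free-then-NULL behaviour described in the reply, as an added example that is not part of the original message and is not curl source code. `SAFEFREE`, `tracked_malloc` and `tracked_free` are hypothetical names; the tracking allocator only records a repeated free instead of performing it, so the demonstration stays well-defined.

```c
#include <stdio.h>
#include <stdlib.h>

#define MAX_LIVE 8
static void *live[MAX_LIVE];  /* addresses currently allocated */
static int double_frees;      /* attempts to free an address no longer live */

static void *tracked_malloc(size_t n)
{
  void *p = malloc(n);
  for(int i = 0; p && i < MAX_LIVE; i++)
    if(!live[i]) { live[i] = p; return p; }
  free(p);                    /* table full, or malloc failed (free(NULL)) */
  return NULL;
}

static void tracked_free(void *p)
{
  if(!p) return;              /* free(NULL) is a defined no-op */
  for(int i = 0; i < MAX_LIVE; i++)
    if(live[i] == p) { live[i] = NULL; free(p); return; }
  double_frees++;             /* already released: record it, do not free */
}

/* Hypothetical stand-in for the macro described above: free, then NULL.
   The two steps are not atomic, hence the threading caveat. */
#define SAFEFREE(p) do { tracked_free(p); (p) = NULL; } while(0)

/* Same pointer instance released twice: the second call sees NULL. */
int same_instance_twice(void)
{
  double_frees = 0;
  char *buf = tracked_malloc(16);
  SAFEFREE(buf);
  SAFEFREE(buf);
  return double_frees;
}

/* Two instances holding one address: NULLing buf does not clear copy. */
int aliased_copy(void)
{
  double_frees = 0;
  char *buf = tracked_malloc(16);
  char *copy = buf;
  SAFEFREE(buf);
  SAFEFREE(copy);
  return double_frees;
}

int main(void)
{
  printf("%d %d\n", same_instance_twice(), aliased_copy());
  return 0;
}
```

The macro protects only the pointer variable it is applied to, so a crash report that points at it is worth checking for a second copy of the pointer or for concurrent access from another thread.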