Package: libcurl3-gnutls Version: 7.18.2-8lenny2 Hello! I'm using libcurl-7.18.2 with GNU-TLS, with curl_multi_* interface. I'm not using share handles. When i start my program on server with high bandwidth rate, with a large amount of network streams, libcurl causes memory corruption. I've wrote simple testcase(libcurl_bug_testcase.c), that reproduces programs behaviour. Don't worry about irrational usage of curl_easy_setopt, this is done to duplicate behaviour of my apllication, which is much more complex then this testcase. Also i'm attaching links set, with which bug appears(links.txt). When i run testcase under valgrind, in 80 network streams, there is memory corruption in libcurl. There is invalid write of 4 bytes in multi_runsingle (multi.c:907), which causes magic behaviour. You can see it in attachment(valgrind_error_log.txt). If i run testcase without valgrind, memory corruption results in segmentation fault. I checked this testcase with libcurl-7.19.5 and it seems, that bug is fixed in it(i configured it with folowing options: --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt --without-ssl --with-gnutls --without-libssh2).
My system info: uname -a Linux * 2.6.26-2-686 #1 SMP Thu Mar 26 01:08:11 UTC 2009 i686 GNU/Linux aptitude show libcurl3-gnutls Package: libcurl3-gnutls State: installed Automatically installed: yes Version: 7.18.2-8lenny2 Priority: optional Section: libs Maintainer: Domenico Andreoli <ca...@debian.org> Uncompressed Size: 418k Depends: libc6 (>= 2.7-1), libgnutls26 (>= 2.4.0-0), libidn11 (>= 0.5.18), libkrb53 (>= 1.6.dfsg.2), libldap-2.4-2 (>= 2.4.7), zlib1g (>= 1:1.1.4), ca-certificates Conflicts: libcurl4-gnutls Replaces: libcurl4-gnutls Description: Multi-protocol file transfer library (GnuTLS) libcurl is designed to be a solid, usable, reliable and portable multi-protocol file transfer library. SSL support is provided by GnuTLS. This is the shared version of libcurl. Homepage: http://curl.haxx.se gcc -v Using built-in specs. Target: i486-linux-gnu Configured with: ../src/configure -v --with-pkgversion='Debian 4.3.2-1.1' --with-bugurl=file:///usr/share/doc/gcc-4.3/README.Bugs --enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.3 --program-suffix=-4.3 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --enable-targets=all --enable-cld --enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu --target=i486-linux-gnu Thread model: posix gcc version 4.3.2 (Debian 4.3.2-1.1) Attachments: libcurl_bug_testcase.c - testcase, that reproduces memory corruption. links.txt - file with links, that should be passed to testcase. valgrind_error_log.txt - valgrind output on my server/desktop. With best regards, Piter Smith.
attachments.tar.gz
Description: GNU Zip compressed data