Describe the bug
mpd crashes when stopping a stream. Steps to reproduce:
mpc add https://listen.moe/stream; mpc play; sleep 1; mpc stop
mpd stops playing without crashing.
Despite this being only reproducible with curl 7.67.0, I don't see any evidence in stack traces that it's actually curl's fault. I think the new shared object has merely pushed some things around in memory enough to trigger a use-after-free in mpd code.
At this point
And if I compile with ASAN, it points to a heap use-after-free in MPD code at the same object:
I guess I've misappropriated the ASAN complaint. It's not complaining about reading crap from the same object, but if I try to print the address of the CURLMsg* that it points to (Global.cxx:214), then I get an address such as 0x62300000fd68 (seems legit given the stack frame addresses?), and then ASAN fails elsewhere, such as:
So, I'm still unconvinced this is a curl problem.
From a first glance, this looks like a CURL bug, but I'll investigate.
curl/curl@59041f0 introduces a new bug.
Not an MPD bug.