Segfault in imap_done when calling curl_multi_remove_handle() #1953
I did this
I expected the following
Not to hit a segfault...
Verbose logs add on some context:
The issue appears to be calling this code:
kali + ubuntu.
In stack frame
The monster condition looks like:
So which of these was set to make the code execute this block? I'm trying to reproduce this with a test case but I don't quite understand the setup yet.
If you need more, let me know.
In case it's relevant:
curl_mime_addpart calls this code:
(there's a bug here, but that's separate).
When imap_done() got called before a connection is set up, it would try to "finish up" and dereffed a NULL pointer.

Test case 1153 managed to reproduce. I had to actually use a host name to try to resolve to slow it down, as using the normal local server IP will make libcurl get a connection in the first curl_multi_perform() loop and then the bug doesn't trigger.

Fixes #1953
Assisted-by: Max Dymond
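The failure mode the commit message describes, as an added example that is not libcurl code and not the actual fix: a simplified model in which removing a transfer always runs the protocol's "done" handler, even when the handle is still resolving and has no connection yet. All type and function names here are hypothetical.

```c
#include <stddef.h>

/* Simplified model; these names are hypothetical, not libcurl's. */
enum xfer_state { XFER_RESOLVING, XFER_CONNECTED };
enum done_result { DONE_SKIPPED, DONE_NOTHING_TO_DO, DONE_FINISHED };

struct conn { int final_cmds_sent; };   /* exists only once connected */

struct xfer {
  enum xfer_state state;
  struct conn *conn;       /* NULL until the connection is set up */
  int wants_final_cmd;     /* transfer needs a closing command */
};

/* Unguarded "done" handler: assumes a connection exists. Called on a
   transfer that is still resolving, it dereferences a NULL pointer. */
static enum done_result proto_done_unguarded(struct xfer *x)
{
  if(!x->wants_final_cmd)
    return DONE_NOTHING_TO_DO;
  x->conn->final_cmds_sent++;   /* crashes when x->conn == NULL */
  return DONE_FINISHED;
}

/* Guarded handler: nothing to "finish up" if we never connected. */
static enum done_result proto_done(struct xfer *x)
{
  if(x->state != XFER_CONNECTED || !x->conn)
    return DONE_SKIPPED;
  return proto_done_unguarded(x);
}

/* Removal can happen in any state, so it must use the guarded handler. */
static enum done_result remove_handle(struct xfer *x)
{
  enum done_result r = proto_done(x);
  x->conn = NULL;
  x->state = XFER_RESOLVING;
  return r;
}

int main(void)
{
  struct xfer early = { XFER_RESOLVING, NULL, 1 };  /* removed mid-resolve */
  return remove_handle(&early) == DONE_SKIPPED ? 0 : 1;
}
```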