Pausing non-HTTP transfers trigger segfault #7079
Description
Try to download a file via FTP using libcurl compiled with nghttp2
* Trying 10.52.59.74:21...
* Connected to 10.52.59.74 (10.52.59.74) port 21 (#0)
< 220 (vsFTPd 3.0.3)
> USER ftpuser
< 331 Please specify the password.
> PASS *****
< 230 Login successful.
> PWD
< 257 "/home/ftpuser" is the current directory
* Entry path is '/home/ftpuser'
> CWD backups
* ftp_perform ends with SECONDARY: 0
< 250 Directory successfully changed.
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||10150|)
* Trying 10.52.59.74:10150...
* Connecting to 10.52.59.74 (10.52.59.74) port 10150
* Connected to 10.52.59.74 (10.52.59.74) port 21 (#0)
> TYPE I
< 200 Switching to Binary mode.
> SIZE example.tar
< 213 137231344
* Instructs server to resume from offset 126745584
> REST 126745584
< 350 Restart position accepted (126745584).
> RETR example.tar
< 150 Opening BINARY mode data connection for example.tar (137231344 bytes).
* Maxdownload = -1
* Getting file with size: 10485760
A program fails with the error
Program received signal SIGSEGV, Segmentation fault.
0x000000000063a3a2 in nghttp2_session_set_local_window_size ()
(gdb) bt
#0 0x000000000063a3a2 in nghttp2_session_set_local_window_size ()
#1 0x00000000005e7d5a in Curl_http2_stream_pause ()
#2 0x00000000005f2beb in pausewrite ()
#3 0x00000000005fde11 in Curl_readwrite ()
#4 0x00000000005ef924 in multi_runsingle ()
#5 0x00000000005f0ede in curl_multi_perform ()
I expected the following
The file is downloaded successfully.
curl/libcurl version
7.76.1
operating system
any (Unix, Windows)
Possible fix
--- a/lib/http2.c Mon Apr 12 14:31:13 2021
+++ b/lib/http2.c Thu May 13 13:54:02 2021
@@ -2332,7 +2332,7 @@
DEBUGASSERT(data);
DEBUGASSERT(data->conn);
/* if it isn't HTTP/2, we're done */
- if(!data->conn->proto.httpc.h2)
+ if(!(data->conn->handler->protocol & PROTO_FAMILY_HTTP) || !data->conn->proto.httpc.h2)
return CURLE_OK;
#ifdef NGHTTP2_HAS_SET_LOCAL_WINDOW_SIZE
else {