New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

reuse_conn(): free old_conn->options #2790

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
2 participants
@rouault
Contributor

rouault commented Jul 25, 2018

This fixes a memory leak when CURLOPT_LOGIN_OPTIONS is used, together with
connection reuse.

I found this with oss-fuzz on GDAL and curl master:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9582
I couldn't reproduce with the oss-fuzz original test case, but looking
at curl source code pointed to this well reproducable leak.

reuse_conn(): free old_conn->options
This fixes a memory leak when CURLOPT_LOGIN_OPTIONS is used, together with
connection reuse.

I found this with oss-fuzz on GDAL and curl master:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9582
I couldn't reproduce with the oss-fuzz original test case, but looking
at curl source code pointed to this well reproducable leak.
@bagder

bagder approved these changes Jul 25, 2018

@bagder bagder added the memory-leak label Jul 25, 2018

@bagder

This comment has been minimized.

Member

bagder commented Jul 26, 2018

Thanks!

@bagder bagder closed this in a7091ba Jul 26, 2018

xquery added a commit to xquery/curl that referenced this pull request Aug 9, 2018

reuse_conn(): free old_conn->options
This fixes a memory leak when CURLOPT_LOGIN_OPTIONS is used, together with
connection reuse.

I found this with oss-fuzz on GDAL and curl master:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9582
I couldn't reproduce with the oss-fuzz original test case, but looking
at curl source code pointed to this well reproducable leak.

Closes curl#2790

falconindy added a commit to falconindy/curl that referenced this pull request Sep 10, 2018

reuse_conn(): free old_conn->options
This fixes a memory leak when CURLOPT_LOGIN_OPTIONS is used, together with
connection reuse.

I found this with oss-fuzz on GDAL and curl master:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9582
I couldn't reproduce with the oss-fuzz original test case, but looking
at curl source code pointed to this well reproducable leak.

Closes curl#2790

@lock lock bot locked as resolved and limited conversation to collaborators Oct 24, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.