From b6a3e2be8e1bbb183597399c0dcdaa67022b958e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 27 Dec 2010 09:55:13 +0100 Subject: [PATCH] c-ares: fix cancelled resolves When built IPv6-enabled, we could do Curl_done() with one of the two resolves having returned already, so when ares_cancel() is called the resolve callback ends up doing funny things (sometimes resulting in a segfault) since it would try to actually store the previous resolve even though we're shutting down the resolve. This bug was introduced in commit 8ab137b2bc9630ce so it hasn't been included in any public release. Bug: http://curl.haxx.se/bug/view.cgi?id=3145445 Reported by: Pedro Larroy --- lib/hostasyn.c | 20 +++++++++++++++++++- lib/hostip.h | 6 ++++++ lib/url.c | 4 ---- 3 files changed, 25 insertions(+), 5 deletions(-) diff --git a/lib/hostasyn.c b/lib/hostasyn.c index 7d35fa0e7..7a65cb1b8 100644 --- a/lib/hostasyn.c +++ b/lib/hostasyn.c @@ -72,6 +72,24 @@ **********************************************************************/ #ifdef CURLRES_ASYNCH +/* + * Cancel all possibly still on-going resolves for this connection. + */ +void Curl_async_cancel(struct connectdata *conn) +{ + /* If we have a "half" response already received, we first clear that off + so that nothing is tempted to use it */ + if(conn->async.temp_ai) { + Curl_freeaddrinfo(conn->async.temp_ai); + conn->async.temp_ai = NULL; + } + + /* for ares-using, make sure all possible outstanding requests are properly + cancelled before we proceed */ + ares_cancel(conn->data->state.areschannel); +} + + /* * Curl_addrinfo_callback() gets called by ares, gethostbyname_thread() * or getaddrinfo_thread() when we got the name resolved (or not!). @@ -82,7 +100,7 @@ * * The storage operation locks and unlocks the DNS cache. */ -CURLcode Curl_addrinfo_callback(struct connectdata * conn, +CURLcode Curl_addrinfo_callback(struct connectdata *conn, int status, struct Curl_addrinfo *ai) { diff --git a/lib/hostip.h b/lib/hostip.h index 2f8d4b56c..3f27a2b87 100644 --- a/lib/hostip.h +++ b/lib/hostip.h @@ -70,6 +70,12 @@ struct hostent; struct SessionHandle; struct connectdata; +#ifdef CURLRES_ASYNCH +void Curl_async_cancel(struct connectdata *conn); +#else +#define Curl_async_cancel(x) do {} while(0) +#endif + /* * Curl_global_host_cache_init() initializes and sets up a global DNS cache. * Global DNS cache is general badness. Do not use. This will be removed in diff --git a/lib/url.c b/lib/url.c index 95d024d52..470b4c94c 100644 --- a/lib/url.c +++ b/lib/url.c @@ -5210,10 +5210,6 @@ CURLcode Curl_done(struct connectdata **connp, data->state.tempwrite = NULL; } - /* for ares-using, make sure all possible outstanding requests are properly - cancelled before we proceed */ - ares_cancel(data->state.areschannel); - /* if data->set.reuse_forbid is TRUE, it means the libcurl client has forced us to close this no matter what we think.