mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
HTTP: memory leak on multiple Location:
The HTTP parser allocated memory on each received Location: header without properly freeing old data. Starting now, the code only considers the first Location: header and will blissfully ignore subsequent ones. Bug: http://curl.haxx.se/bug/view.cgi?id=3165129 Reported by: Martin Lemke
This commit is contained in:
parent
4b837a7e15
commit
dbcaa00657
@ -3723,7 +3723,8 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
|
||||
return result;
|
||||
}
|
||||
else if((k->httpcode >= 300 && k->httpcode < 400) &&
|
||||
checkprefix("Location:", k->p)) {
|
||||
checkprefix("Location:", k->p) &&
|
||||
!data->req.location) {
|
||||
/* this is the URL that the server advises us to use instead */
|
||||
char *location = Curl_copy_header_value(k->p);
|
||||
if (!location)
|
||||
@ -3732,7 +3733,6 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
|
||||
/* ignore empty data */
|
||||
free(location);
|
||||
else {
|
||||
DEBUGASSERT(!data->req.location);
|
||||
data->req.location = location;
|
||||
|
||||
if(data->set.http_follow_location) {
|
||||
|
58
tests/data/test580
Normal file
58
tests/data/test580
Normal file
@ -0,0 +1,58 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
multi
|
||||
Duplicate-header
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
HTTP/1.1 302 eat this!
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
Location: this-is-the-first.html
|
||||
Content-Length: 0
|
||||
Connection: close
|
||||
Location: and there's a second one too! / moo.html
|
||||
|
||||
</data>
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
http
|
||||
</features>
|
||||
# tool is what to use instead of 'curl'
|
||||
<tool>
|
||||
lib507
|
||||
</tool>
|
||||
|
||||
<name>
|
||||
multi interface, multiple Location: headers
|
||||
</name>
|
||||
<command>
|
||||
http://%HOSTIP:%HTTPPORT/580
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /580 HTTP/1.1
|
||||
Host: %HOSTIP:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
@ -48,6 +48,7 @@ int test(char *URL)
|
||||
}
|
||||
|
||||
test_setopt(curls, CURLOPT_URL, URL);
|
||||
test_setopt(curls, CURLOPT_HEADER, 1L);
|
||||
|
||||
if ((ret = curl_multi_add_handle(multi, curls)) != CURLM_OK) {
|
||||
fprintf(stderr, "curl_multi_add_handle() failed, "
|
||||
|
Loading…
Reference in New Issue
Block a user