php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #10082 curl_setopt with CURLOPT_HTTPHEADER option is broken
Submitted: 2001-03-30 14:43 UTC Modified: 2001-04-24 18:13 UTC
From: rooneg at electricjellyfish dot net Assigned:
Status: Closed Package: cURL related
PHP Version: 4.0 Latest CVS (30/03/2001) OS: FreeBSD 4.3
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: rooneg at electricjellyfish dot net
New email:
PHP Version: OS:

 

 [2001-03-30 14:43 UTC] rooneg at electricjellyfish dot net
The CURLOPT_HTTPHEADER option for curl_setopt does not
currently work correctly.  in the 4.0.4pl1 release, it
didn't work at all because the constant CURLOPT_HTTPHEADER
was mistakenly defined to CURLOPT_HEADER instead of the
correct value.  That appears to have been corrected in cvs.
 The fix is not complete however.  In lines 486 and 487 of
curl.c you are mallocing memory for a curl_slist and zeroing
it out, then using curl_slist_append later to add things to
the list.  This is incorrect.  curl_slist_append should
initially be called with a null pointer as its list, and it
will correctly allocate the memory itself.  If you allocate
and zero the memory, that adds an item at the beginning of
the list which is empty.  Later, when you try to execute
with curl_exec, it will crash because it trys to do a
strncmp against a null pointer inside your list object.

simply removing lines 486 and 487 will make everything work
properly.

a patch versus the latest cvs is attached below.

appologies for any trouble applying this, as i had to cut
and paste it into the web form.


Index: curl.c
===================================================================
RCS file: /repository/php4/ext/curl/curl.c,v
retrieving revision 1.41
diff -u -r1.41 curl.c
--- curl.c      2001/03/20 21:30:42     1.41
+++ curl.c      2001/03/30 19:37:40
@@ -483,9 +483,6 @@
                                        RETURN_FALSE;
                                }

-                               header =
emalloc(sizeof(struct curl_slist));
-                               memset(header, 0,
sizeof(struct curl_slist));
-                               
                                for
(zend_hash_internal_pointer_reset(headers);
                                    
zend_hash_get_current_data(headers, (void *
*)&current) == SUCCESS;
                                        
zend_hash_move_forward(headers)) {

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-03-30 14:55 UTC] rooneg at electricjellyfish dot net
Another thing that occured to me:

The later crash could be missed if you haven't set a
User-Agent header yourself.  When i set CURLOPT_USERAGENT
and then use CURLOPT_HTTPHEADER i get the crash.  It looks
like you won't get that unless you set USERAGENT, but I
haven't tested that case.  In any event, the way it's
currently done is still wrong.
 [2001-04-02 15:26 UTC] rooneg at electricjellyfish dot net
And in a related problem, it seems that if you specify
CURLOPT_RETURNTRANSFER, in some cases you can get a
truncated response due to two off by one errors.  at the
bottom of the curl_exec function, there is a line

 ret_data[stat_sb.st_size - 1] = '\0';

this is wrong, as it sets the next to last character of the
array to null, when it should be setting the last character.
 it should be replaced with

ret_data[stat_sb.st_size] = '\0';

similarly, the return line at the end is currently

RETURN_STRINGL(ret_data, stat_sb.st_size, 0);

which has a size that is one too short, so it should really be 

RETURN_STRINGL(ret_data, stat_sb.st_size + 1, 0);

since you have allocated an array that is st_size + 1 bytes
long, and filled it completely from the tmp file.
 [2001-04-24 18:13 UTC] sterling@php.net
Changes incorporated in CVS, thanks.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Tue Feb 25 19:01:28 2020 UTC