|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48774 SIGSEGVs when using curl_copy_handle()
Submitted: 2009-07-02 13:20 UTC Modified: 2009-07-22 14:15 UTC
From: Assigned: srinatar
Status: Closed Package: cURL related
PHP Version: 5.3CVS-2009-07-02 (CVS) OS: Linux
Private report: No CVE-ID:
 [2009-07-02 13:20 UTC]


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2009-07-09 16:31 UTC] daniel at haxx dot se
I think it would help the devs if you'd also specify what libcurl version you use (preferably with curl -V or similar to give all the details).
 [2009-07-11 10:12 UTC] sriram dot natarajan at gmail dot com
i was able to reproduce this on rhel 5 which ships with curl 7.15.5.

and this below patch seems to fix this problem
--- ext/curl/interface.c.ORIG   2009-07-09 15:24:00.000000000 -0700
+++ ext/curl/interface.c        2009-07-11 03:08:56.000000000 -0700
@@ -1444,9 +1444,13 @@
        zend_llist_copy(&dupch->to_free.str, &ch->to_free.str);
        /* Don't try to free copied strings, they're free'd when the original handle is destroyed */
        dupch->to_free.str.dtor = NULL;
        zend_llist_copy(&dupch->to_free.slist, &ch->to_free.slist);
+       dupch->to_free.slist.dtor = NULL;
        zend_llist_copy(&dupch->, &ch->;
+       dupch-> = NULL;
        ZEND_REGISTER_RESOURCE(return_value, dupch, le_curl);
        dupch->id = Z_LVAL_P(return_value);

need to investigate and possibly add couple of test cases
 [2009-07-11 10:54 UTC] sriram dot natarajan at gmail dot com
here is a better way to read the patches..
 [2009-07-14 09:40 UTC] sriram dot natarajan at gmail dot com
 though the above patch does fix the crash reported by the developer, on further investigation this patch is not the right fix. 

the issue that is happening is when the form input data is a array, the constructed form data is not available when executing curl_exec on the cloned handle.
 [2009-07-18 07:10 UTC]
while looking into this bug, i also realized that this below test case is also broken

less curl_copy_handle_basic_002.phpt 
  curl_setopt($ch, CURLOPT_POSTFIELDS, "Hello=World&Foo=Bar&Person=John%20Doe");
  curl_setopt($ch, CURLOPT_URL, $url); //set the url we want to use
  $copy = curl_copy_handle($ch);

(currently, marked as expected failure..) so, i have filed a separate bug : 48965 to track this separately
 [2009-07-20 14:54 UTC]
See also bug #48965
 [2009-07-21 20:32 UTC]
Automatic comment from SVN on behalf of srinatar
Log: - Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()).
 [2009-07-21 22:57 UTC]
Automatic comment from SVN on behalf of jani
Log: - Fix badly applied patch (bug #48774)
 [2009-07-22 13:47 UTC]
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Sat Nov 28 16:01:31 2015 UTC