Menu
▾
▴
#1463 libCurl crashes the program by throwing SSL read: error:00000000:lib(0):func(0):reason(0), errno 110".
closed-out-of-date
5
2015-03-17
2014-12-09
No
libcurl version - 7.38.0
platform - openwrt arm7
protocol - https
program code snippet
if (curl) {
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_easy_setopt(curl, CURLOPT_TIMEOUT, 30);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, read_data);
//url_easy_setopt(curl, CURLOPT_WRITEDATA, client);
curl_easy_setopt(curl, CURLOPT_URL, "https://***.com:1027/page");
curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost);
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 0);
printf("sending perform request\n");
try{
res = curl_easy_perform(curl); // Perform the request, res will get the return code
printf("%s",curl_easy_strerror(res));
}catch(int e){
printf("catch the error\n");
fflush(stdout);
}
printf("perform done");
if (res != CURLE_OK) { / Check for errors /
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
printf(" Uploading failed \n");
fflush(stdout);
result = 0;
}
And i tried with this as well
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 2);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, true);
curl_easy_setopt(curl, CURLOPT_CAINFO, "/server.cer");
Output
sending perform request
POST /send_log HTTP/1.1
Host: cloud.securifi.com:1027
Accept: /
Content-Length: 1028775
Expect: 100-continue
Content-Type: multipart/form-data; boundary=----------------------------d7460292fcc7
< HTTP/1.1 100 Continue
* SSL read: error:00000000:lib(0):func(0):reason(0), errno 110
"crash" means it doesn't return normally, but surely it did?
This is libcurl not being able to figure out an error that OpenSSL returns. What OpenSSL version is this?
What happens if you try the same OpenSSL and curl versions on a x86 linux? Does it happen with other OpenSSL versions? Does it happen against any publicly accessible URLs so that we can try to reproduce?
Yeah i tried Signal's and try catch to handle this but no luck in catching this error. process exit immediately after receiving this error.
my openSSL version is 1.0.1i on openwrt platform
I run my code on x86 linux where it stuck for long time process doesn't came out of it.
on x86 my curl version is 7.35.0 and openSSL version is 1.0.1f
I tried to dig up more in this issue and i got more precise step to reproduce it.
1.run curl command (form post) with verbose enabled (version->7.38.0,paltform->openwrt arm)
2.when it comes to Http/1.1 100 continue unplug your internet wire.
i will try to reproduce this issue on other platform as well and give you the result.
Can you run gdb on your target?
If so, that could help you determine exactly where it stops.
If not, I guess adding some logging to libcurl at some places could be useful to narrow down exactly which exact code that crashes.
I run the same code on mipsel platform with same curl and openSSl version and followed the same steps but there libcurl returning fine by proper error code : Failure when receiving data from peer.
Last edit: kritpal singh 2014-12-10
Sorry its not possible to run with gdb. Yeah but if you tell me where i have to add logging in curl that i can do.
Note:Its crashing with curl bin as well on openwrt.
If your target is using glibc and this is caused by a segfault, you can run your program with the environment variable LD_PRELOAD=/lib/libSegFault.so and that will catch the segfault and print a backtrace. But you haven't given any indication it's a segfault that's ending the program, so maybe it's calling exit at some point. Running the program with strace -i will tell you if that's the case and tell you where the exit call is coming from.
It is glibc but its not segfault otherwise my SignalHandler will caught it.
Its not possible to put strace on that platform because on openwrt platform because it doesn't have enough memory.
I think you are right somewhere it calling exit so that's why my code doesn't get any signal or exception.
Ok, so you can't debug it and we can't repeat it. That's a deadlock.
Nothing further, closing.