#3919 Segfault with tclhttpd and TLS

obsolete: 8.4.17
Erik Leunissen

I experienced a segfault with Tcl8.4.17, when running tclhttpd (under Linux; I'm unsure whether the OS matters).

Reproducing the segfault involves tclhttpd (3.5.1) and probably tls1.5 as follows:

- Launch tclhttpd and make it listen at a https port, using TLS. I'm using libtls1.5.so, and configured tclhttpd to use TLSv1 only, using the standard configuration file settings. Although libtls1.5.so doesn't show up in the backtrace below, I can't get the segfault to occur when using regular (non-TLS) channels.

- From a http client, send a request with a malformed header. Receiving the malformed header is what triggers the server. I'm using the Tcl http client package, like this:

http::register https $httpsPort [list ::tls::socket \ -request 1 -require 1 -ssl2 0 -ssl3 0 -tls1 1 \ -cafile [file join $Dir(cert) cacert.pem]]
http::geturl https://$host:$port -headers [list {garbage 1}]

(You may need to retry submitting several times before the server crashes)

A full backtrace from the core dump has been attached.


  • Erik Leunissen
    Erik Leunissen

    full back trace

    • assigned_to: nobody --> andreas_kupries
    • labels: --> 25. Channel System
    • milestone: --> obsolete: 8.4.17
    • priority: 5 --> 7
  • Hmm, tls package not in stack trace...