
Subject: Re:Re:Re: Segmentation fault libssh2_session_last_errno (session=0x0) at session.c:1219 (Daniel Stenberg)


From: balloon <e_balloon_at_163.com>
Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST)

>This shows that the problem is in libcurl when it sends a NULL to libssh2 so that
>it crashes.

>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups
>there. I'd like you to rebuild libcurl with debug symbols left so that the
>stack trace becomes usable.

>It shouldn't matter that it is Java, but it can very well be a problem that
>occurs only with that specific server implementation.

I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode, and succeeded in reproducing the segmentation fault, though this time the seg info seems different. Here is my src code:

#include <cstdio>
#include <iostream>
#include <string>
#include <curl/curl.h>

// Write callback: store the received data in the FILE* passed via CURLOPT_WRITEDATA.
size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream)
{
    // fwrite() returns the number of items written; scale by the item size
    // so the return value is the byte count libcurl expects.
    size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream);
    return len * f_size;
}

int main(int argc, char **argv)
{
    if (argc < 2)
    {
        std::cout<<"Nonono~~~input sftpserver ip pls."<<std::endl;
        return 1;
    }

    // Build the URL in a std::string so the host argument cannot overflow a fixed buffer.
    std::string sftp_url = "sftp://";
    sftp_url += argv[1];
    sftp_url += "/a.txt";

    // The handle must exist before any curl_easy_setopt() call.
    CURL *curl = curl_easy_init();
    if (!curl)
    {
        std::cout<<"Fail to initialize curl."<<std::endl;
        return 1;
    }
    curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str());
    curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD);
    curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test");

    FILE *fd = fopen("tmp.txt", "w");
    if (!fd)
    {
        std::cout<<"Fail to open tmp.txt."<<std::endl;
        curl_easy_cleanup(curl);
        return 1;
    }

    curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd);
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);

    // specify downloading file size
    curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1);
    CURLcode res = CURL_LAST;

    res = curl_easy_perform(curl);

    // Release the handle and the output file on both paths.
    curl_easy_cleanup(curl);
    fclose(fd);

    if (CURLE_OK == res)
    {
        std::cout<<"succeed."<<std::endl;
        return 0;
    }
    else
    {
        std::cout<<"fail."<<std::endl;
        return 1;
    }
}

Here is the result; please let me know what I can do next. Thanks.

Starting program: /root/a.out 9.111.23.100
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000
[Thread debugging using libthread_db enabled]
sftp url: sftp://9.111.23.100/a.txt
* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000)
* About to connect() to 9.111.23.100 port 22 (#0)
* Trying 9.111.23.100...
* Adding handle: conn: 0x877cf8
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* 0x865828 is at send pipe head!
* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0
* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0)
* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0)
* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT
* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP
* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0)

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0 0x0000000000000000 in ?? ()
#1 0x00000000005c4a20 in DES_SPtrans ()
#2 0x00000032759549e0 in ?? () from /lib64/libc.so.6
#3 0x0000000000000014 in ?? ()
#4 0x0000000000885778 in ?? ()
#5 0x0000000000887437 in ?? ()
#6 0x0000000000886780 in ?? ()
#7 0x00000000008869c0 in ?? ()
#8 0x0000000000886980 in ?? ()
#9 0xc3e557dbb4ac6000 in ?? ()
#10 0x22f09ddde873b1bc in ?? ()
#11 0x000000005c053c02 in ?? ()
#12 0x000000000088649c in ?? ()
#13 0x00007fffffffce30 in ?? ()
#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8
)
    at hostkey.c:329
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)

Received on 2013-07-08
