jech / polipo

The Polipo caching HTTP proxy
http://www.pps.jussieu.fr/~jch/software/polipo/
MIT License

polipo crash with segment fault #74

Open qianguozheng opened 8 years ago

qianguozheng commented 8 years ago

Hi @jech, polipo crashed on me in a certain case, so I compiled polipo with -g and used gdb to trace the error. I found that it segfaults in the function httpServerContinueConditionHandler(int status, ConditionHandlerPtr chandler)

I modified the code in server.c as below:

static int
httpServerContinueConditionHandler(int status, ConditionHandlerPtr chandler)
{
    HTTPConnectionPtr connection = *(HTTPConnectionPtr*)chandler->data;

    if (connection)
    {
        if (!connection->request)
        {
            do_log(L_ERROR, "%s(%d): Null Request\n", __FUNCTION__, __LINE__);
            return 0;
        }
    }
    else
    {
        do_log(L_ERROR, "%s(%d): Null Connection\n", __FUNCTION__, __LINE__);
        return 0;
    }

    if(connection->request->flags & REQUEST_WAIT_CONTINUE)
        return 0;
    httpServerDelayedDoSide(connection);
    return 1;
}

Still, I caught the bug: connection->request is NULL, and it prints the line Null Request. But the program still gets a SIGABORT signal in gdb.

So, could you help me with this? What should I do when a NULL request is found, as above?

I know that in the normal case we should find out why the connection is NULL, not how to process it. But it's really urgent; I need to fix it, or at least make sure polipo runs stably. Actually, I would like to read polipo's code more, but there are few comments in the code, so it's really hard, especially the memory allocation part. Thanks.

ir193 commented 8 years ago

Hi, qianguozheng. Could you give some information about how to reproduce the bug? For example, which URL, or what kind of request?

qianguozheng commented 8 years ago

Hi @ir193, if I could reproduce it easily, I could have fixed it myself. Common HTTP requests, maybe some WeChat requests? There are so many, and not every case can be reproduced, but there is a common SIGABORT. By the way, I have changed the findObject() function to only cache some desired data, which should not affect the server request side.