The crash itself is fixed by gtls: fix NULL pointer dereference / 386ed2d5904566cbc455a50ee7a57d70385e1f02. Released in 7.37.0 http://curl.haxx.se/changes.html)
I applied the patch gtls: fix NULL onto 7.35.0-1ubuntu2. The test program is now returning 'curl_easy_perform() failed: SSL connect error'. Using 7.37.1 (on archlinux) the test program returning the website as expected. #1348564 should fix this bug -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1310636 Title: Segmentation fault with self signed certificate Status in “curl” package in Ubuntu: Confirmed Bug description: When requesting an HTTPS url hxxps://harrowmedia.com/ (WARNING! known to host malware), disabling options CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST, libcurl3-gnutls produces a segmentation fault: (gdb) run Starting program: /home/wiredrat/src/curl_poc/curl_gnutls https://harrowmedia.com/ [Depuración de hilo usando libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". [Nuevo Thread 0x7ffff2c2b700 (LWP 25858)] [Thread 0x7ffff2c2b700 (LWP 25858) terminado] Program received signal SIGSEGV, Segmentation fault. 0x00007ffff6e9db19 in gnutls_x509_crt_import () from /usr/lib/x86_64-linux-gnu/libgnutls.so.26 (gdb) bt #0 0x00007ffff6e9db19 in gnutls_x509_crt_import () from /usr/lib/x86_64-linux-gnu/libgnutls.so.26 #1 0x00007ffff7bc1ec9 in gtls_connect_step3 (conn=conn@entry=0x65aa50, sockindex=sockindex@entry=0) at vtls/gtls.c:708 #2 0x00007ffff7bc2a7a in gtls_connect_common (conn=conn@entry=0x65aa50, sockindex=sockindex@entry=0, nonblocking=nonblocking@entry=true, done=done@entry=0x7fffffffdde5) at vtls/gtls.c:918 #3 0x00007ffff7bc2e0d in Curl_gtls_connect_nonblocking (conn=conn@entry=0x65aa50, sockindex=sockindex@entry=0, done=done@entry=0x7fffffffdde5) at vtls/gtls.c:933 #4 0x00007ffff7bc3540 in Curl_ssl_connect_nonblocking (conn=conn@entry=0x65aa50, sockindex=sockindex@entry=0, done=0x7fffffffdde5) at vtls/vtls.c:293 #5 0x00007ffff7b86ffe in https_connecting (conn=0x65aa50, done=<optimized out>) at http.c:1354 #6 0x00007ffff7ba9571 in multi_runsingle (multi=multi@entry=0x6514f0, now=..., data=data@entry=0x648750) at multi.c:1195 #7 0x00007ffff7baa1c1 in curl_multi_perform (multi_handle=multi_handle@entry=0x6514f0, running_handles=running_handles@entry=0x7fffffffdea4) at multi.c:1752 #8 0x00007ffff7ba1923 in easy_transfer (multi=0x6514f0) at easy.c:705 #9 easy_perform (events=false, data=0x648750) at easy.c:784 #10 curl_easy_perform (easy=0x648750) at easy.c:803 #11 0x0000000000400b06 in main () Attached PoC can reproduce the issue against this url. The problem do not appear when linking against libcurl3-openssl. I suspect the problem is related to malformed certificate. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1310636/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
