summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorDave Reisner <dreisner@archlinux.org>2011-08-11 14:19:39 +0200
committerDan McGee <dan@archlinux.org>2011-08-11 18:18:21 +0200
commitedd9ed6a3bbe0a351fdf09b3d4b33c8d2fd66899 (patch)
treef973c4b9cf436137ac793c11811ec202f31bc79a /lib
parentc4112da8c3c628570d059679abd5bd4c79286184 (diff)
downloadpacman-edd9ed6a3bbe0a351fdf09b3d4b33c8d2fd66899.tar.gz
pacman-edd9ed6a3bbe0a351fdf09b3d4b33c8d2fd66899.tar.xz
stop progress callbacks after curl_easy_perform returns
This prevents possible null dereferences in FTP transfers when the progress callback is touched during connection teardown. http://curl.haxx.se/mail/lib-2011-08/0128.html Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib')
-rw-r--r--lib/libalpm/dload.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c
index 4fd744ef..67090845 100644
--- a/lib/libalpm/dload.c
+++ b/lib/libalpm/dload.c
@@ -302,6 +302,9 @@ static int curl_download_internal(struct dload_payload *payload,
/* perform transfer */
handle->curlerr = curl_easy_perform(handle->curl);
+ /* immediately unhook the progress callback */
+ curl_easy_setopt(handle->curl, CURLOPT_NOPROGRESS, 1L);
+
/* was it a success? */
if(handle->curlerr == CURLE_ABORTED_BY_CALLBACK) {
goto cleanup;