openbsd-ports/math/R/patches/patch-src_modules_internet_libcurl_c

$OpenBSD: patch-src_modules_internet_libcurl_c,v 1.1 2019/02/21 20:04:34 tb Exp $

Avoid use-after-free.  Upstream SVN commit #76143.

Index: src/modules/internet/libcurl.c
--- src/modules/internet/libcurl.c.orig
+++ src/modules/internet/libcurl.c
@@ -641,12 +641,12 @@ in_do_curlDownload(SEXP call, SEXP op, SEXP args, SEXP
 
     n_err += curlMultiCheckerrs(mhnd);
 
+    long status = 0L;
     for (int i = 0; i < nurls; i++) {
 	if (out[i]) {
 	    fclose(out[i]);
 	    double dl;
 	    curl_easy_getinfo(hnd[i], CURLINFO_SIZE_DOWNLOAD, &dl);
-	    long status;
 	    curl_easy_getinfo(hnd[i], CURLINFO_RESPONSE_CODE, &status);
 	    // should we do something about incomplete transfers?
 	    if (status != 200 && dl == 0. && strchr(mode, 'w'))
@@ -655,10 +655,6 @@ in_do_curlDownload(SEXP call, SEXP op, SEXP args, SEXP
 	curl_multi_remove_handle(mhnd, hnd[i]);
 	curl_easy_cleanup(hnd[i]);
     }
-    // This can show an invalid read: can it be improved?
-    long status = 0L;
-    if(nurls == 1)
-	curl_easy_getinfo(hnd[0], CURLINFO_RESPONSE_CODE, &status);
     curl_multi_cleanup(mhnd);
     if (!cacheOK) curl_slist_free_all(slist1);