conncache: prevent theoretical overflow in maxconnects calculation #19271
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
icing
approved these changes
Oct 30, 2025
vszakats
added a commit
to vszakats/curl
that referenced
this pull request
Nov 5, 2025
A false positive that appeared after a recent patch for no reason.
Seen in curl-for-win native Linux builds on debian:testing and
debian:trixie with gcc 14.3.0 and 14.2.0 respectively:
```
-- curl version=[8.17.1-DEV]
-- The C compiler identification is GNU 14.2.0
-- Cross-compiling: Linux/x86_64 -> Linux/riscv64
[...]
/home/runner/work/curl-for-win/curl-for-win/curl/lib/conncache.c: In function 'Curl_cpool_conn_now_idle':
/home/runner/work/curl-for-win/curl-for-win/curl/lib/conncache.c:539:11: error: null pointer dereference [-Werror=null-dereference]
539 | if(!data->multi->maxconnects) {
| ~~~~^~~~~~~
cc1: all warnings being treated as errors
```
Ref: https://github.com/curl/curl-for-win/actions/runs/19111497271/job/54609512969#step:3:5788
```
-- The C compiler identification is GNU 14.3.0
```
Ref: https://github.com/curl/curl-for-win/actions/runs/19111497271/job/54609512899#step:3:5801
Patch confirmed silencing it:
https://github.com/curl/curl-for-win/actions/runs/19112580362/job/54613288202
Follow-up to fbc4d59 curl#19271
vszakats
added a commit
that referenced
this pull request
Nov 6, 2025
A false positive that appeared after a recent patch for no reason.
Seen in curl-for-win unity native Linux builds on debian:testing and
debian:trixie with gcc 14.3.0 and 14.2.0 respectively:
```
-- curl version=[8.17.1-DEV]
-- The C compiler identification is GNU 14.2.0
-- Cross-compiling: Linux/x86_64 -> Linux/riscv64
[...]
lib/conncache.c: In function 'Curl_cpool_conn_now_idle':
lib/conncache.c:539:11: error: null pointer dereference [-Werror=null-dereference]
539 | if(!data->multi->maxconnects) {
| ~~~~^~~~~~~
```
Ref: https://github.com/curl/curl-for-win/actions/runs/19111497271/job/54609512969#step:3:5788
```
-- The C compiler identification is GNU 14.3.0
```
Ref: https://github.com/curl/curl-for-win/actions/runs/19111497271/job/54609512899#step:3:5801
Patch confirmed silencing:
https://github.com/curl/curl-for-win/actions/runs/19112580362/job/54613288202
Follow-up to fbc4d59 #19271
Closes #19378
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When no explicit maxconnects is set, the connection pool limit is calculated as 4 times the number of running transfers.
The multiplication
running * 4could theoretically overflow if the number of running transfers exceeds UINT_MAX/4.While this scenario is highly unlikely in practice due to system resource limitations, this fix is minimal and follows defensive programming principles to ensure robustness in theoretical edge cases.