diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/KNOWN_BUGS | 10 | ||||
| -rw-r--r-- | docs/TODO | 3 |
2 files changed, 13 insertions, 0 deletions
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 1177b37e2..1bfe25bc2 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -3,6 +3,16 @@ join in and help us correct one or more of these! Also be sure to check the changelog of the current development status, as one or more of these problems may have been fixed since this was written! +* FTP URLs passed to curl may contain NUL (0x00) in the RFC 1738 <user>, + <password>, and <fpath> components, encoded as "%00". The problem is that + curl_unescape does not detect this, but instead returns a shortened C + string. From a strict FTP protocol standpoint, NUL is a valid character + within RFC 959 <string>, so the way to handle this correctly in curl would + be to use a data structure other than a plain C string, one that can handle + embedded NUL characters. From a practical standpoint, most FTP servers + would not meaningfully support NUL characters within RFC 959 <string>, + anyway (e.g., UNIX pathnames may not contain NUL). + * Test case 241 fails on all systems that support IPv6 but that don't have the host name 'ip6-localhost' in /etc/hosts (or similar) since the test case uses that host name to test the IPv6 name to address resolver. @@ -65,6 +65,9 @@ TODO FTP + * Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in + the process to avoid doing a resolve and connect in vain. + * Code overhaul to make it more state-machine like and to _never_ block on waiting for server responses when used with the multi interface. |