Age | Commit message (Collapse) | Author |
|
|
|
... filter early instead of risking "funny values" having to be dealt
with elsewhere.
|
|
... that are multiplied by 1000 when stored.
For 32 bit long systems, the max value accepted (2147483 seconds) is >
596 hours which is unlikely to ever be set by a legitimate application -
and previously it didn't work either, it just caused undefined behavior.
Also updated the man pages for these timeout options to mention the
return code.
Closes #1938
|
|
Allow to ovverride certain build tools, making it possible to
use LLVM/Clang to build curl. The default behavior is unchanged.
To build with clang (as offered by MSYS2), these settings can
be used:
CURL_CC=clang
CURL_AR=llvm-ar
CURL_RANLIB=llvm-ranlib
Closes https://github.com/curl/curl/pull/1993
|
|
Use memset() to initialize a structure to avoid LLVM/Clang warning:
ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers]
Closes https://github.com/curl/curl/pull/1992
|
|
NOTE: it makes them terribly slow. I recommend only using valgrind for
specific torture tests or using lots of patience.
|
|
... to allow them to be included in torture tests too.
closes #1980
|
|
... we used it only for the fuzzer, which we now have in a separate git
repo.
Closes #1990
|
|
|
|
|
|
Reported-by: Jeroen Ooms
Closes #1988
|
|
Include test cases in 554, 587, 650.
Fixes https://github.com/curl/curl/issues/1986
|
|
Closes PR https://github.com/curl/curl/pull/1985
|
|
If stdin is not a regular file, its content is memory-buffered to enable
a possible data "rewind".
In all cases, stdin data size is determined before real use to avoid
having an unknown part's size.
--libcurl generated code is left as an unbuffered stdin fread/fseek callback
part with unknown data size.
Buffering is not supported in deprecated curl_formadd() API.
|
|
|
|
following the new github "standard"
|
|
|
|
Now VERIFYHOST, VERIFYPEER and VERIFYSTATUS options change during active
connection updates the current connection's (i.e.'connectdata'
structure) appropriate ssl_config (and ssl_proxy_config) structures
variables, making these options effective for ongoing connection.
This functionality was available before and was broken by the
following change:
"proxy: Support HTTPS proxy and SOCKS+HTTP(s)"
CommitId: cb4e2be7c6d42ca0780f8e0a747cecf9ba45f151.
Bug: https://github.com/curl/curl/issues/1941
Closes https://github.com/curl/curl/pull/1951
|
|
Those were temporary things we'd add and remove for our own convenience
long ago. The last few stayed around for too long as an oversight but
have since been removed. These days we have a running
BORINGSSL_API_VERSION counter which is bumped when we find it
convenient, but 2015-11-19 was quite some time ago, so just check
OPENSSL_IS_BORINGSSL.
Closes #1979
|
|
|
|
|
|
... as otherwise it could leak that memory.
Detected by OSS-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3600
Assisted-by: Max Dymond
Closes #1977
|
|
Reported-by: Zenju on github
Test 244 added to verify
Fixes #1974
Closes #1976
|
|
Ref: #1974
|
|
|
|
|
|
|
|
Enable PKCS12 for all non-boringssl builds without relying on configure
or cmake checks.
Bug: https://curl.haxx.se/mail/lib-2017-10/0007.html
Reported-by: Christian Schmitz
Closes #1948
|
|
Test 1422 updated to verify.
Closes #1964
|
|
This allows freeing a mime structure bound to the easy handle before
curl_easy_cleanup().
Fixes #1970.
|
|
... like a very large non-existing RTSP version number.
Added test 577 to verify.
Detected by OSS-fuzz.
Closes #1969
|
|
|
|
|
|
Reported-by: Alexey Melnichuk
Fixes #1962
|
|
|
|
Also avoid dangling pointers in referencing parts.
|
|
|
|
|
|
|
|
|
|
This reverts commit f3e03f6c0ac52a1bf396e03f7d7e9b5b3b7165fe.
Caused memory leaks in the fuzzer, needs to be done differently.
Disable test 1553 for now too, as it causes memory leaks without this
commit!
|
|
Closes #1960
|
|
... as we must clean up memory.
|
|
When imap_done() got called before a connection is setup, it would try
to "finish up" and dereffed a NULL pointer.
Test case 1553 managed to reproduce. I had to actually use a host name
to try to resolve to slow it down, as using the normal local server IP
will make libcurl get a connection in the first curl_multi_perform()
loop and then the bug doesn't trigger.
Fixes #1953
Assisted-by: Max Dymond
|
|
These are around 5% flaky in my Linux x86 autobuilds.
|
|
When CURL_DISABLE_CRYPTO_AUTH is defined, Curl_none_md5sum's parameters
are not used.
|
|
... fixes a memory leak with at least IMAP when remove_handle is never
called and the transfer is abruptly just abandoned early.
Test 1552 added to verify
Detected by OSS-fuzz
Assisted-by: Max Dymond
Closes #1954
|
|
Fixes #1950: curlx_strtoofft() doesn't fully protect against null 'str'
argument.
Closes #1952
|
|
Reported-by: Javier Sixto
Fixes #1955
Closes #1956
|
|
The source code is now prepared to handle the case when both
Win32 Crypto and OpenSSL/NSS crypto backends are enabled
at the same time, making it now possible to enable `USE_WIN32_CRYPTO`
whenever the targeted Windows version supports it. Since this
matches the minimum Windows version supported by curl
(Windows 2000), enable it unconditionally for the Win32 platform.
This in turn enables SMB (and SMBS) protocol support whenever
Win32 Crypto is available, regardless of what other crypto backends
are enabled.
Ref: https://github.com/curl/curl/pull/1840#issuecomment-325682052
Closes https://github.com/curl/curl/pull/1943
|