aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-01-11http2: fix incorrect trailer buffer sizeZhouyihai Ding
Prior to this change the stored byte count of each trailer was miscalculated and 1 less than required. It appears any trailer after the first that was passed to Curl_client_write would be truncated or corrupted as well as the size. Potentially the size of some subsequent trailer could be erroneously extracted from the contents of that trailer, and since that size is used by client write an out-of-bounds read could occur and cause a crash or be otherwise processed by client write. The bug appears to have been born in 0761a51 (precedes 7.49.0). Closes https://github.com/curl/curl/pull/2231
2018-01-09easy: fix connection ownership in curl_easy_pauseBasuke Suzuki
Before calling Curl_client_chop_write(), change the owner of connection to the current Curl_easy handle. This will fix the issue #2217. Fixes https://github.com/curl/curl/issues/2217 Closes https://github.com/curl/curl/pull/2221
2018-01-09system.h: Additionally check __LONG_MAX__ for defining curl_off_tDimitrios Apostolou
__SIZEOF_LONG__ was introduced in GCC 4.4, __LONG_MAX__ was introduced in GCC 3.3. Closes #2216
2018-01-09COPYING: it's 2018!Daniel Stenberg
2018-01-08progress: calculate transfer speed on milliseconds if possibleDaniel Stenberg
to increase accuracy for quick transfers Fixes #2200 Closes #2206
2018-01-07scripts: allow all perl scripts to be run directlyJay Satiro
- Enable execute permission (chmod +x) - Change interpreter to /usr/bin/env perl Closes https://github.com/curl/curl/pull/2222
2018-01-07mail-rcpt.d: fix short-text descriptionJay Satiro
2018-01-05build: remove HAVE_LIMITS_H checkJay Satiro
.. because limits.h presence isn't optional, it's required by C89. Ref: http://port70.net/~nsz/c/c89/c89-draft.html#2.2.4.2 Closes https://github.com/curl/curl/pull/2215
2018-01-03openssl: fix memory leak of SSLKEYLOGFILE filenameJay Satiro
- Free the copy of SSLKEYLOGFILE env returned by curl_getenv during ossl initialization. Caught by ASAN.
2018-01-02Revert "curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UX"Jay Satiro
This reverts commit c97648b55080343bb371522bf4233e94a2a13a99. SIZEOF_LONG should not be checked in system.h since that macro is only defined when building libcurl. Ref: https://github.com/curl/curl/pull/2186#issuecomment-354767080 Ref: https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html
2017-12-30test1554: improve the error handlingMichael Kaufmann
2017-12-30test1554: add global initialization and cleanupMichael Kaufmann
2017-12-29curl_version_info.3: call the argument 'age'Daniel Stenberg
Reported-by: Pete Lomax Bug: https://curl.haxx.se/mail/lib-2017-12/0074.html
2017-12-27brotli: data at the end of content can be lostMikalai Ananenka
Decoding loop implementation did not concern the case when all received data is consumed by Brotli decoder and the size of decoded data internally hold by Brotli decoder is greater than CURL_MAX_WRITE_SIZE. For content with unencoded length greater than CURL_MAX_WRITE_SIZE this can result in the loss of data at the end of content. Closes #2194
2017-12-26examples/cacertinmem: ignore cert-already-exists errorJay Satiro
- Ignore X509_R_CERT_ALREADY_IN_HASH_TABLE errors in the CTX callback since it's possible the cert may have already been loaded by libcurl. - Remove the EXAMPLE code in the CURLOPT_SSL_CTX_FUNCTION.3 doc. Instead have it direct the reader to this cacertinmem.c example. - Fix the CA certificate to use the right CA for example.com, Digicert. Bug: https://curl.haxx.se/mail/lib-2017-12/0057.html Reported-by: Thomas van Hesteren Closes https://github.com/curl/curl/pull/2182
2017-12-26tool_getparam: Support size modifiers for --max-filesizeGisle Vanem
- Move the size modifier detection code from limit-rate to its own function so that it can also be used with max-filesize. Size modifiers are the suffixes such as G (gigabyte), M (megabyte) etc. For example --max-filesize 1G Ref: https://curl.haxx.se/mail/archive-2017-12/0000.html Closes https://github.com/curl/curl/pull/2179
2017-12-22build: Fixed incorrect script termination from commit ad1dc10e61Steve Holme
2017-12-22Makefile.vc: Added our standard copyright headerSteve Holme
2017-12-22winbuild: Added support for VC15Steve Holme
2017-12-22build: Added Visual Studio 2017 project filesSteve Holme
2017-12-22build-wolfssl.bat: Added support for VC15Steve Holme
2017-12-22build-openssl.bat: Added support for VC15Steve Holme
2017-12-22curl/system.h: fix compilation with gcc on AIX PPC and IA64 HP-UXDimitrios Apostolou
Closes https://github.com/curl/curl/pull/2186
2017-12-22examples/rtsp: fix error handling macrosMattias Fornander
Closes https://github.com/curl/curl/pull/2185
2017-12-20curl_easy_reset: release mime-related data.Patrick Monnerat
Move curl_mime_initpart() and curl_mime_cleanpart() calls to lower-level functions dealing with UserDefined structure contents. This avoids memory leakages on curl-generated part mime headers. New test 2073 checks this using the cli tool --next option: it triggers a valgrind error if bug is present. Bug: https://curl.haxx.se/mail/lib-2017-12/0060.html Reported-by: Martin Galvan
2017-12-20content_encoding: rework zlib_inflatePatrick Monnerat
- When zlib version is < 1.2.0.4, process gzip trailer before considering extra data as an error. - Inflate with Z_BLOCK instead of Z_SYNC_FLUSH to maximize correct data and minimize corrupt data output. - Do not try to restart deflate decompression in raw mode if output has started or if the leading data is not available anymore. - New test 232 checks inflating raw-deflated content. Closes #2068
2017-12-20brotli: allow compiling with version 0.6.0.Patrick Monnerat
Some error codes were not yet defined in brotli 0.6.0: do not issue code for them in this case.
2017-12-13CURLOPT_READFUNCTION.3: refer to argument with correct nameDaniel Stenberg
Bug: #2175 [ci skip]
2017-12-13rand: add a clang-analyzer work-aroundDaniel Stenberg
scan-build would warn on a potential access of an uninitialized buffer. I deem it a false positive and had to add this somewhat ugly work-around to silence it.
2017-12-13krb5: fix a potential access of uninitialized memoryDaniel Stenberg
A scan-build warning.
2017-12-12conncache: fix a return code [regression]Daniel Stenberg
This broke in 07cb27c98e. Make sure to return 'result' properly. Pointed out by scan-build!
2017-12-12curl: support >256 bytes warning messsagesDaniel Stenberg
Bug: #2174
2017-12-12libssh: fix a syntax error in configure.acMichael Kaufmann
Follow-up to c92d2e1 Closes #2172
2017-12-12examples/smtp-mail.c: use separate defines for options and mailDaniel Stenberg
... to make it clearer that the options want address-only, while the headers in an email can also have the real name. Assisted-by: Sean MacLennan
2017-12-12THANKS: added missing namesDaniel Stenberg
... as I reran the contrithanks script after the mailmap name fixups.
2017-12-12mailmap: added/clarified several namesDaniel Stenberg
2017-12-12setopt: less *or equal* than INT_MAX/1000 should be fineDaniel Stenberg
... for the CURLOPT_TIMEOUT, CURLOPT_CONNECTTIMEOUT and CURLOPT_SERVER_RESPONSE_TIMEOUT range checks. Reported-by: Dominik Hölzl Bug: https://curl.haxx.se/mail/lib-2017-12/0037.html Closes #2173
2017-12-12vtls: replaced getenv() with curl_getenv()dmitrykos
Fixed undefined symbol of getenv() which does not exist when compiling for Windows 10 App (CURL_WINDOWS_APP). Replaced getenv() with curl_getenv() which is aware of getenv() absence when CURL_WINDOWS_APP is defined. Closes #2171
2017-12-11RELEASE-NOTES: synced with 3b9ea70eeDaniel Stenberg
2017-12-11TODO: Expose tried IP addresses that failedDaniel Stenberg
Suggested-by: Rainer Canavan Closes #2126
2017-12-11curl.1: mention http:// and https:// as valid proxy prefixesDaniel Stenberg
2017-12-11curl.1: documented two missing valid exit codesDaniel Stenberg
2017-12-11CURLOPT_DNS_LOCAL_IP4.3: fixed the seel also to not self-referenceDaniel Stenberg
2017-12-11Revert "curl: don't set CURLOPT_INTERLEAVEDATA"Daniel Stenberg
This reverts commit 9ffad8eb1329bb35c8988115ac7ed85cf91ef955. It was actually added rather recently in 8e8afa82cbb629 due to a crash that would otherwise happen in the RTSP code. As I don't think we've fixed that behavior yet, we better keep this work-around until we have fixed it better.
2017-12-10tests: mark data files as non-executable in gitMichael Kaufmann
2017-12-10tests: update .gitignore for libtestsMichael Kaufmann
2017-12-10multi_done: prune DNS cacheDaniel Stenberg
Prune the DNS cache immediately after the dns entry is unlocked in multi_done. Timed out entries will then get discarded in a more orderly fashion. Test506 is updated Reported-by: Oleg Pudeyev Fixes #2169 Closes #2170
2017-12-10mailmap: fixup two old git Author "aliases"Daniel Stenberg
2017-12-10openssl: Disable file buffering for Win32 SSLKEYLOGFILEJay Satiro
Prior to this change SSLKEYLOGFILE used line buffering on WIN32 just like it does for other platforms. However, the Windows CRT does not actually support line buffering (_IOLBF) and will use full buffering (_IOFBF) instead. We can't use full buffering because multiple processes may be writing to the file and that could lead to corruption, and since full buffering is the only buffering available this commit disables buffering for Windows SSLKEYLOGFILE entirely (_IONBF). Ref: https://github.com/curl/curl/pull/1346#issuecomment-350530901
2017-12-10RESOLVE: output verbose text when trying to set a duplicate nameDaniel Stenberg
... to help users understand what is or isn't done!