| Age | Commit message (Collapse) | Author |
|---|
|
To avoid division by zero - or other issues.
Reported-by: Daniel Marjamäki
Closes #4818
|
|
This enables Link Time Optimization. LTO is a proven technique for
optimizing across compilation units.
Closes #4799
|
|
It was not intended nor documented!
Added test 1176 to verify.
Reported-by: vshmuk on hackerone
Closes #4812
|
|
As it was just unnecessary duplicated information already stored in the
'per_transfer' struct and that's around mostly anyway.
The duplicated pointer caused problems when the code flow was aborted
before the dupe was filled in and could cause a NULL pointer access.
Reported-by: Brian Carpenter
Fixes #4807
Closes #4810
|
|
Follow-up to: 4027bd72d9
|
|
- When creating a directory hierarchy do not error when mkdir fails due
to error EACCESS (13) "access denied".
Some file systems allow for directory traversal; in this case that it
should be possible to create child directories when permission to the
parent directory is restricted.
This is a regression caused by me in f16bed0 (precedes curl-7_61_1).
Basically I had assumed that if a directory already existed it would
fail only with error EEXIST, and not error EACCES. The latter may
happen if the directory exists but has certain restricted permissions.
Reported-by: mbeifuss@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/4796
Closes https://github.com/curl/curl/pull/4797
|
|
Previously it would end up with an uninitialized memory buffer that
would lead to a crash or junk getting output.
Added test 1271 to verify.
Reported-by: Brian Carpenter
Closes #4786
|
|
Closes #4785
|
|
... as it could otherwise leak memory when a transfer failed.
Added test 1293 to verify.
Reported-by: Brian Carpenter
Fixes #4781
Closes #4782
|
|
... to fix memory leak in error path.
Fixes #4772
Closes #4780
Reported-by: Brian Carpenter
|
|
These are read-only.
Closes https://github.com/curl/curl/pull/4771
|
|
Found by fuzzing the config file.
Reported-by: Geeknik Labs
Fixes https://github.com/curl/curl/issues/4767
|
|
Reported-by: bxac on github
Fixes #4730
Closes #4731
|
|
When looping, first trying '.curlrc' and then '_curlrc', the function
would not free the first string.
Closes #4731
|
|
Detected by torture tests
Closes #4706
|
|
Memory leak found by torture test 58
Closes #4705
|
|
Change series of error outputs to use errorf().
Only errors that are due to mistakes in command line option usage should
use helpf(), other types of errors in the tool should rather use
errorf().
Closes #4691
|
|
The fseek()s were unnecessary and caused Coverity warning CID 1456554
Closes #4681
|
|
Add support for CURLSSLOPT_NO_PARTIALCHAIN in CURLOPT_PROXY_SSL_OPTIONS
and OS400 package spec.
Also I added the option to the NameValue list in the tool even though it
isn't exposed as a command-line option (...yet?). (NameValue stringizes
the option name for the curl cmd -> libcurl source generator)
Follow-up to 564d88a which added CURLSSLOPT_NO_PARTIALCHAIN.
Ref: https://github.com/curl/curl/pull/4655
|
|
Fixes #4669
Closes #4678
|
|
Reported-by: Vlastimil Ovčáčík
Fixes #4644
Closes #4665
|
|
Follow-up to 9c1806ae
|
|
- Disable warning C4127 "conditional expression is constant" globally
in curl_setup.h for when building with Microsoft's compiler.
This mainly affects building with the Visual Studio project files found
in the projects dir.
Prior to this change the cmake and winbuild build systems already
disabled 4127 globally for when building with Microsoft's compiler.
Also, 4127 was already disabled for all build systems in the limited
circumstance of the WHILE_FALSE macro which disabled the warning
specifically for while(0). This commit removes the WHILE_FALSE macro and
all other cruft in favor of disabling globally in curl_setup.
Background:
We have various macros that cause 0 or 1 to be evaluated, which would
cause warning C4127 in Visual Studio. For example this causes it:
#define Curl_resolver_asynch() 1
Full behavior is not clearly defined and inconsistent across versions.
However it is documented that since VS 2015 Update 3 Microsoft has
addressed this somewhat but not entirely, not warning on while(true) for
example.
Prior to this change some C4127 warnings occurred when I built with
Visual Studio using the generated projects in the projects dir.
Closes https://github.com/curl/curl/pull/4658
|
|
--etag-compare and --etag-save
Suggested-by: Paul Hoffman
Fixes #4277
Closes #4543
|
|
Attempt to unpause a busy read in the CURLOPT_XFERINFOFUNCTION.
When uploading from stdin in non-blocking mode, a delay in reading
the stream (EAGAIN) causes curl to pause sending data
(CURL_READFUNC_PAUSE). Prior to this change, a busy read was
detected and unpaused only in the CURLOPT_WRITEFUNCTION handler.
This change performs the same busy read handling in a
CURLOPT_XFERINFOFUNCTION handler.
Fixes #2051
Closes #4599
Reported-by: bdry on github
|
|
Starting with this change when doing parallel transfers, without this
option set, curl will prefer to create new transfers multiplexed on an
existing connection rather than creating a brand new one.
--parallel-immediate can be set to tell curl to prefer to use new
connections rather than to wait and try to multiplex.
libcurl-wise, this means that curl will set CURLOPT_PIPEWAIT by default
on parallel transfers.
Suggested-by: Tom van der Woerdt
Closes #4500
|
|
Regression from e59371a4936f8 (7.67.0)
Added test 490, 491 and 492 to verify the functionality.
Reported-by: Kamil Dudka
Reported-by: Anderson Sasaki
Fixes #4588
Closes #4591
|
|
.. because checksrc's copyright year check stopped working.
Ref: https://github.com/curl/curl/pull/4547
Closes https://github.com/curl/curl/pull/4549
|
|
- If server header Retry-After is being used for retry sleep time then
show that value to the user instead of the normal retry sleep time.
This is a follow-up to 640b973 (7.66.0) which changed curl tool so that
the value from Retry-After header overrides other retry timing options.
Closes https://github.com/curl/curl/pull/4498
|
|
Follow-up to 93373a960c3bb4
Reported-by: infinnovation-dev on github
Fixes #4474
Closes #4475
|
|
New option that allows a user to ONLY switch off curl's progress meter
and leave everything else in "talkative" mode.
Reported-by: Piotr Komborski
Fixes #4422
Closes #4470
|
|
This completes #3794.
Also make sure the new tests from #4195 are enabled
Closes #4465
|
|
Closes #4011
|
|
|
|
This should again enable crazy-large download ranges of the style
[1-10000000] that otherwise easily ran out of memory starting in 7.66.0
when this new handle allocating scheme was introduced.
Reported-by: Peter Sumatra
Fixes #4393
Closes #4438
|
|
When looping around the ranges and given URLs to create transfers, all
errors should exit the loop and return. Previously it would keep
looping.
Reported-by: SumatraPeter on github
Bug: #4393
Closes #4396
|
|
Fixes warning detected by PVS-Studio
Fixes #4374
|
|
Fixes warning detected by PVS-Studio
Fixes #4374
|
|
Fixes warning detected by PVS-Studio
Fixes #4374
|
|
This commit fixes a regression introduced by curl-7_65_3-5-gb88940850.
Detected by tests 2005, 2008, 2009, 2010, 2011, and 2012 with valgrind
and libmetalink enabled.
Closes #4326
|
|
... by using a more efficient realloc scheme.
Bug: https://curl.haxx.se/mail/lib-2019-09/0045.html
Closes #4336
|
|
The logic could erroneously break the loop too early before all
transfers had been transferred.
Reported-by: Tom van der Woerdt
Fixes #4316
Closes #4317
|
|
Reported-by: codesniffer13 on github
Fixes #4302
Closes #4305
|
|
|
|
Follow-up to f9c7ba9096ec
The use of DOT_CHAR for ".ssh" was probably a mistake and is removed
now.
Pointed-out-by: Gisle Vanem
Bug: https://github.com/curl/curl/pull/4230#issuecomment-522960638
Closes #4247
|
|
Closes #4243
|
|
Fall-back to _curlrc if the dot-version is missing.
Co-Authored-By: Steve Holme
Closes #4230
|
|
Leftovers from the function rename back in 76b63489495
Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/commit/f3e0f071b14fcb46a453f69bdf4e062bcaacf362#com
mitcomment-34601751
Closes #4203
|
|
Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.
CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.
Updated the curl tool accordingly to use "--http3".
Closes #4197
|
|
If a Retry-After: header was used in the response, that value overrides
other retry timing options.
Fixes #3794
Closes #4195
|
