aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2017-10-26curl_fnmatch: return error on illegal wildcard patternDaniel Stenberg
... instead of doing an infinite loop! Added test 1162 to verify. Reported-by: Max Dymond Fixes #2015 Closes #2017
2017-10-25time: rename Curl_tvnow to Curl_nowDaniel Stenberg
... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
2017-10-25timediff: return timediff_t from the time diff functionsDaniel Stenberg
... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
2017-10-24libtest: Add required test libraries for lib1552 and lib1553Paul Howarth
They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too. This fixes build failures on Fedora 13. Closes #2006
2017-10-20ftp: reject illegal IP/port in PASV 227 responseDaniel Stenberg
... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
2017-10-20test653: check reuse of easy handle after mime data changePatrick Monnerat
See issue #1999
2017-10-19test308: disable if MultiSSL feature enabledPatrick Monnerat
Even if OpenSSL is enabled, it might not be the default backend when multi-ssl is enabled, causing the test to fail.
2017-10-19runtests: support MultiSSL client featurePatrick Monnerat
2017-10-19test652: curl_mime_data + base64 encoder with large contentsPatrick Monnerat
2017-10-19mime: limit bas64-encoded lines length to 76 charactersPatrick Monnerat
2017-10-14runtests: use valgrind for torture as wellDaniel Stenberg
NOTE: it makes them terribly slow. I recommend only using valgrind for specific torture tests or using lots of patience.
2017-10-14memdebug: trace send, recv and socketDaniel Stenberg
... to allow them to be included in torture tests too. closes #1980
2017-10-13test651: curl_formadd with huge COPYCONTENTSDaniel Stenberg
2017-10-12mime: keep "text/plain" content type if user-specified.Patrick Monnerat
Include test cases in 554, 587, 650. Fixes https://github.com/curl/curl/issues/1986
2017-10-12cli tool: reimplement stdin buffering in -F option.Patrick Monnerat
If stdin is not a regular file, its content is memory-buffered to enable a possible data "rewind". In all cases, stdin data size is determined before real use to avoid having an unknown part's size. --libcurl generated code is left as an unbuffered stdin fread/fseek callback part with unknown data size. Buffering is not supported in deprecated curl_formadd() API.
2017-10-10test950; verify SMTP with custom requestDaniel Stenberg
2017-10-10ftpserver: support case insensitive commandsDaniel Stenberg
2017-10-10FTP: URL decode path for dir listing in nocwd modeDaniel Stenberg
Reported-by: Zenju on github Test 244 added to verify Fixes #1974 Closes #1976
2017-10-09test298: verify --ftp-method nowcwd with URL encoded pathDaniel Stenberg
Ref: #1974
2017-10-09curl: don't pass semicolons when parsing Content-DispositionKristiyan Tsaklev
Test 1422 updated to verify. Closes #1964
2017-10-09RTSP: avoid integer overflow on funny RTSP responseDaniel Stenberg
... like a very large non-existing RTSP version number. Added test 577 to verify. Detected by OSS-fuzz. Closes #1969
2017-10-08ftpserver: properly reset $ftptargetdir.Patrick Monnerat
2017-10-08test643: verify curl_mime_subparts() rejects cyclic additions.Patrick Monnerat
2017-10-08Revert "multi_done: wait for name resolve to finish if still ongoing"Daniel Stenberg
This reverts commit f3e03f6c0ac52a1bf396e03f7d7e9b5b3b7165fe. Caused memory leaks in the fuzzer, needs to be done differently. Disable test 1553 for now too, as it causes memory leaks without this commit!
2017-10-07pingpong: return error when trying to send without connectionDaniel Stenberg
When imap_done() got called before a connection is setup, it would try to "finish up" and dereffed a NULL pointer. Test case 1553 managed to reproduce. I had to actually use a host name to try to resolve to slow it down, as using the normal local server IP will make libcurl get a connection in the first curl_multi_perform() loop and then the bug doesn't trigger. Fixes #1953 Assisted-by: Max Dymond
2017-10-06tests: added flaky keyword to tests 587 and 644Dan Fandrich
These are around 5% flaky in my Linux x86 autobuilds.
2017-10-06multi_cleanup: call DONE on handles that never got thatDaniel Stenberg
... fixes a memory leak with at least IMAP when remove_handle is never called and the transfer is abruptly just abandoned early. Test 1552 added to verify Detected by OSS-fuzz Assisted-by: Max Dymond Closes #1954
2017-10-04fuzzer: move to using external curl-fuzzerMax Dymond
Use the external curl-fuzzer repository for fuzzing. Closes #1923
2017-10-02test1153: verify quoted double-qoutes in PWD responseDaniel Stenberg
2017-10-02FTP: zero terminate the entry path even on bad inputDaniel Stenberg
... a single double quote could leave the entry path buffer without a zero terminating byte. CVE-2017-1000254 Test 1152 added to verify. Reported-by: Max Dymond Bug: https://curl.haxx.se/docs/adv_20171004.html
2017-09-30cookie: fix memory leak if path was set twice in headerDaniel Stenberg
... this will let the second occurance override the first. Added test 1161 to verify. Reported-by: Max Dymond Fixes #1932 Closes #1933
2017-09-30test650: Use variable replacement to set the host address and portDan Fandrich
Otherwise, the test fails when the -b test option is used to set a different test port range.
2017-09-30Set and use more necessary options when some protocols are disabledDan Fandrich
When curl and libcurl are built with some protocols disabled, they stop setting and receiving some options that don't make sense with those protocols. In particular, when HTTP is disabled many options aren't set that are used only by HTTP. However, some options that appear to be HTTP-only are actually used by other protocols as well (some despite having HTTP in the name) and should be set, but weren't. This change now causes some of these options to be set and used for more (or for all) protocols. In particular, this fixes tests 646 through 649 in an HTTP-disabled build, which use the MIME API in the mail protocols.
2017-09-29test1160: verifies cookie leak for large cookiesDaniel Stenberg
The fix done in 20ea22ff735
2017-09-28http: add custom empty headers to repeated requestsMichael Kaufmann
Closes #1920
2017-09-24tests: adjust .gitignore for new testsMichael Kaufmann
2017-09-23tests: fix a compiler warning in test 643Michael Kaufmann
2017-09-22imap: quote atoms properly when escaping charactersDaniel Stenberg
Updates test 800 to verify Fixes #1902 Closes #1903
2017-09-22tests: make the imap server not verify user+passwordDaniel Stenberg
... as the test cases themselves do that and it makes it easier to add crazy test cases. Test 800 updated to use user name + password that need quoting. Test 856 updated to trigger an auth fail differently. Ref: #1902
2017-09-22form/mime: field names are not allowed to contain zero-valued bytes.Patrick Monnerat
Also suppress length argument of curl_mime_name() (names are always zero-terminated).
2017-09-19cookies: use lock when using CURLINFO_COOKIELISTPavel P
Closes #1896
2017-09-18ossfuzz: changes before merging the generated corporaMax Dymond
Before merging in the oss-fuzz corpora from Google, there are some changes to the fuzzer. - Add a read corpus script, to display corpus files nicely. - Change the behaviour of the fuzzer so that TLV parse failures all now go down the same execution paths, which should reduce the size of the corpora. - Make unknown TLVs a failure to parse, which should decrease the size of the corpora as well. Closes #1881
2017-09-18ossfuzz: don't write out to stdoutMax Dymond
Don't make the fuzzer write out to stdout - instead write some of the contents to a memory block so we exercise the data output code but quietly. Closes #1885
2017-09-18cookies: reject oversized cookiesDaniel Stenberg
... instead of truncating them. There's no fixed limit for acceptable cookie names in RFC 6265, but the entire cookie is said to be less than 4096 bytes (section 6.1). This is also what browsers seem to implement. We now allow max 5000 bytes cookie header. Max 4095 bytes length per cookie name and value. Name + value together may not exceed 4096 bytes. Added test 1151 to verify Bug: https://curl.haxx.se/mail/lib-2017-09/0062.html Reported-by: Kevin Smith Closes #1894
2017-09-15server/getpart: provide dummy function to build conversion enabledDaniel Stenberg
2017-09-15tests: add initial gssapi test using stub implementationIsaac Boukris
The stub implementation is pre-loaded using LD_PRELOAD and emulates common gssapi uses (only builds if curl is initially built with gssapi support). The initial tests are currently disabled for debug builds as LD_PRELOAD is not used then. Ref: https://github.com/curl/curl/pull/1687
2017-09-15test1150: verify same host fetch using different ports over proxyDaniel Stenberg
Closes #1889
2017-09-12code style: use space after semicolonDaniel Stenberg
2017-09-11code style: use spaces around plusesDaniel Stenberg
2017-09-11code style: use spaces around equals signsDaniel Stenberg