aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2018-01-22http: prevent custom Authorization headers in redirectsDaniel Stenberg
... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how curl already handles Authorization headers created internally. Note: this changes behavior slightly, for the sake of reducing mistakes. Added test 317 and 318 to verify. Reported-by: Craig de Stigter Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html
2018-01-22curl: progress bar refresh, get width using ioctl()Daniel Stenberg
Get screen width from the environment variable COLUMNS first, if set. If not, use ioctl(). If nether works, assume 79. Closes #2242 The "refresh" is for the -# output when no total transfer size is known. It will now only use a single updated line even for this case: The "-=O=-" ship moves when data is transferred. The four flying "hashes" move (on a sine wave) on each refresh, independent of data.
2018-01-18test558: fix for multissl buildsDaniel Stenberg
vtls.c:multissl_init() might do a curl_free() call so strip that out to make this work with more builds. We just want to verify that memorytracking works so skipping one line is no harm.
2018-01-17unit1307: test many wildcards tooDaniel Stenberg
2018-01-17ftp-wildcard: fix matching an empty string with "*[^a]"Daniel Stenberg
.... and avoid advancing the pointer to trigger an out of buffer read. Detected by OSS-fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5251 Assisted-by: Max Dymond
2018-01-14mime: clone mime tree upon easy handle duplication.Patrick Monnerat
A mime tree attached to an easy handle using CURLOPT_MIMEPOST is strongly bound to the handle: there is a pointer to the easy handle in each item of the mime tree and following the parent pointer list of mime items ends in a dummy part stored within the handle. Because of this binding, a mime tree cannot be shared between different easy handles, thus it needs to be cloned upon easy handle duplication. There is no way for the caller to get the duplicated mime tree handle: it is then set to be automatically destroyed upon freeing the new easy handle. New test 654 checks proper mime structure duplication/release. Add a warning note in curl_mime_data_cb() documentation about sharing user data between duplicated handles. Closes #2235
2018-01-13test395: HTTP with overflow Content-Length valueDaniel Stenberg
2018-01-13test394: verify abort of rubbish in Content-Length: valueDaniel Stenberg
2018-01-13test393: verify --max-filesize with excessive Content-LengthDaniel Stenberg
2018-01-13HTTP: bail out on negative Content-Length: valuesDaniel Stenberg
... and make the max filesize check trigger if the value is too big. Updates test 178. Reported-by: Brad Spencer Fixes #2212 Closes #2223
2018-01-07scripts: allow all perl scripts to be run directlyJay Satiro
- Enable execute permission (chmod +x) - Change interpreter to /usr/bin/env perl Closes https://github.com/curl/curl/pull/2222
2018-01-05build: remove HAVE_LIMITS_H checkJay Satiro
.. because limits.h presence isn't optional, it's required by C89. Ref: http://port70.net/~nsz/c/c89/c89-draft.html#2.2.4.2 Closes https://github.com/curl/curl/pull/2215
2017-12-30test1554: improve the error handlingMichael Kaufmann
2017-12-30test1554: add global initialization and cleanupMichael Kaufmann
2017-12-27brotli: data at the end of content can be lostMikalai Ananenka
Decoding loop implementation did not concern the case when all received data is consumed by Brotli decoder and the size of decoded data internally hold by Brotli decoder is greater than CURL_MAX_WRITE_SIZE. For content with unencoded length greater than CURL_MAX_WRITE_SIZE this can result in the loss of data at the end of content. Closes #2194
2017-12-20curl_easy_reset: release mime-related data.Patrick Monnerat
Move curl_mime_initpart() and curl_mime_cleanpart() calls to lower-level functions dealing with UserDefined structure contents. This avoids memory leakages on curl-generated part mime headers. New test 2073 checks this using the cli tool --next option: it triggers a valgrind error if bug is present. Bug: https://curl.haxx.se/mail/lib-2017-12/0060.html Reported-by: Martin Galvan
2017-12-20content_encoding: rework zlib_inflatePatrick Monnerat
- When zlib version is < 1.2.0.4, process gzip trailer before considering extra data as an error. - Inflate with Z_BLOCK instead of Z_SYNC_FLUSH to maximize correct data and minimize corrupt data output. - Do not try to restart deflate decompression in raw mode if output has started or if the leading data is not available anymore. - New test 232 checks inflating raw-deflated content. Closes #2068
2017-12-11Revert "curl: don't set CURLOPT_INTERLEAVEDATA"Daniel Stenberg
This reverts commit 9ffad8eb1329bb35c8988115ac7ed85cf91ef955. It was actually added rather recently in 8e8afa82cbb629 due to a crash that would otherwise happen in the RTSP code. As I don't think we've fixed that behavior yet, we better keep this work-around until we have fixed it better.
2017-12-10tests: mark data files as non-executable in gitMichael Kaufmann
2017-12-10tests: update .gitignore for libtestsMichael Kaufmann
2017-12-10multi_done: prune DNS cacheDaniel Stenberg
Prune the DNS cache immediately after the dns entry is unlocked in multi_done. Timed out entries will then get discarded in a more orderly fashion. Test506 is updated Reported-by: Oleg Pudeyev Fixes #2169 Closes #2170
2017-12-08curl: don't set CURLOPT_INTERLEAVEDATADaniel Stenberg
That data is only ever used by the CURLOPT_INTERLEAVEFUNCTION callback and that option isn't set or used by the curl tool! Updates the 9 tests that verify --libcurl Closes #2167
2017-12-06tests: added netinet/in6.h includes in test serversRandall S. Becker
2017-12-05conncache: fix several lock issuesDaniel Stenberg
If the lock is released before the dealings with the bundle is over, it may have changed by another thread in the mean time. Fixes #2132 Fixes #2151 Closes #2139
2017-12-05sasl_getmesssage: make sure we have a long enough string to passDaniel Stenberg
For pop3/imap/smtp, added test 891 to somewhat verify the pop3 case. For this, I enhanced the pingpong test server to be able to send back responses with LF-only instead of always using CRLF. Closes #2150
2017-12-01lib582: do not verify host for SFTPNikos Mavrogiannopoulos
This SFTP test fails with libssh back-end due to failure to verify the peer. Disable peer verification in the test as there seems to be the intention of the test. Note that the libssh back-end automatically verifies the peer's host using the default known_hosts file. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-01libssh2: return CURLE_UPLOAD_FAILED on failure to uploadNikos Mavrogiannopoulos
This brings its in sync with the error code returned by the libssh backend. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2017-12-01libssh2: send the correct CURLE error code on scp file not foundNikos Mavrogiannopoulos
That also updates tests to expect the right error code libssh2 back-end returns CURLE_SSH error if the remote file is not found. Expect instead CURLE_REMOTE_FILE_NOT_FOUND which is sent by the libssh backend. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-11-27wildcardmatch: fix heap buffer overflow in setcharsetDaniel Stenberg
The code would previous read beyond the end of the pattern string if the match pattern ends with an open bracket when the default pattern matching function is used. Detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4161 CVE-2017-8817 Bug: https://curl.haxx.se/docs/adv_2017-ae72.html
2017-11-24test: add test for bad UNC/SMB path in file: URLMatthew Kerwin
2017-11-24test: add tests to ensure basic file: URLsMatthew Kerwin
2017-11-22test1264: verify URL with space in host name being rejectedMichael Kaufmann
2017-11-22url: reject ASCII control characters and space in host namesDaniel Stenberg
Host names like "127.0.0.1 moo" would otherwise be accepted by some getaddrinfo() implementations. Updated test 1034 and 1035 accordingly. Fixes #2073 Closes #2092
2017-11-17resolve: allow IP address within [] bracketsDaniel Stenberg
... so that IPv6 addresses can be passed like they can for connect-to and how they're used in URLs. Added test 1324 to verify Reported-by: Alex Malinovich Fixes #2087 Closes #2091
2017-11-14URL: return error on malformed URLs with junk after IPv6 bracketMichael Kaufmann
Follow-up to aadb7c7. Verified by new test 1263. Closes #2072
2017-11-09test1554: verify connection cache sharingDaniel Stenberg
2017-11-05HTTP: implement Brotli content encodingPatrick Monnerat
This uses the brotli external library (https://github.com/google/brotli). Brotli becomes a feature: additional curl_version_info() bit and structure fields are provided for it and CURLVERSION_NOW bumped. Tests 314 and 315 check Brotli content unencoding with correct and erroneous data. Some tests are updated to accomodate with the now configuration dependent parameters of the Accept-Encoding header.
2017-11-05HTTP: support multiple Content-EncodingsPatrick Monnerat
This is implemented as an output streaming stack of unencoders, the last calling the client write procedure. New test 230 checks this feature. Bug: https://github.com/curl/curl/pull/2002 Reported-By: Daniel Bankhead
2017-11-04curl: speed up handling of many URLsDaniel Stenberg
By properly keeping track of the last entry in the list of URLs/uploads to handle, curl now avoids many meaningless traverses of the list which speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K URLs). Added test 1291, to verify that it doesn't take ages - but we don't have any detection of "too slow" command in the test suite. Reported-by: arainchik on github Fixes #1959 Closes #2052
2017-11-04curl: pass through [] in URLs instead of calling globbing errorDaniel Stenberg
Assisted-by: Per Lundberg Fixes #2044 Closes #2046 Closes #2048
2017-11-01tests: Fixed torture tests on tests 556 and 650Dan Fandrich
Test cleanup after OOM wasn't being consistently performed.
2017-11-01CURLOPT_MAXREDIRS: allow -1 as a valueDaniel Stenberg
... which is valid according to documentation. Regression since f121575c0b5f. Verified now in test 501. Reported-by: cbartl on github Fixes #2038 Closes #2039
2017-10-30runtests.pl: Fixed typo in messageDan Fandrich
2017-10-29cli tool: in -F option arg, comma is a delimiter for files onlyPatrick Monnerat
Also upgrade test 1133 to cover this case and clarify man page about form data quoting. Bug: https://github.com/curl/curl/issues/2022 Reported-By: omau on github
2017-10-28auth: Added test cases for RFC7616Florin
Updated docs to include support for RFC7616 Signed-off-by: Florin <petriuc.florin@gmail.com> Closes #1934
2017-10-26curl_fnmatch: return error on illegal wildcard patternDaniel Stenberg
... instead of doing an infinite loop! Added test 1162 to verify. Reported-by: Max Dymond Fixes #2015 Closes #2017
2017-10-25time: rename Curl_tvnow to Curl_nowDaniel Stenberg
... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
2017-10-25timediff: return timediff_t from the time diff functionsDaniel Stenberg
... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
2017-10-24libtest: Add required test libraries for lib1552 and lib1553Paul Howarth
They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too. This fixes build failures on Fedora 13. Closes #2006
2017-10-20ftp: reject illegal IP/port in PASV 227 responseDaniel Stenberg
... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694