From dbc6fe3e84a592bf69f140311a79c9116e561ad8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 15 Nov 2008 23:47:01 +0000
Subject: my recent changes

---
 CHANGES | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'CHANGES')

diff --git a/CHANGES b/CHANGES
index 8bc8ee142..99cd29ceb 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,19 @@
 
                                   Changelog
 
+Daniel Stenberg (16 Nov 2008)
+- Added check for NULL returns from strdup() in src/main.c and lib/formdata.c
+  - reported by Jim Meyering also prevent buffer overflow on MSDOS when you do
+  for example -O on a url with a file name part longer than PATH_MAX letters
+
+- lib/nss.c fixes based on the report by Jim Meyering: I went over and added
+  checks for return codes for all calls to malloc and strdup that were
+  missing. I also changed a few malloc(13) to use arrays on the stack and a
+  few malloc(PATH_MAX) to instead use aprintf() to lower memory use.
+
+- I fixed a memory leak in Curl_nss_connect() when CURLOPT_ISSUERCERT is
+  in use.
+
 Daniel Fandrich (14 Nov 2008)
 - Added .xml as one of the few common file extensions known by the multipart
   form generator.
-- 
cgit v1.2.3