summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* appveyor: upgrade VS2017 to VS2019Daniel Stenberg2019-09-211-8/+13
| | | | Closes #4383
* FTP: FTPFILE_NOCWD: avoid redundant CWDsZenju2019-09-212-59/+62
| | | | Closes #4382
* cookie: pass in the correct cookie amount to qsort()Daniel Stenberg2019-09-211-6/+6
| | | | | | | | | As the loop discards cookies without domain set. This bug would lead to qsort() trying to sort uninitialized pointers. We have however not found it a security problem. Reported-by: Paul Dreik Closes #4386
* urlapi: avoid index underflow for short ipv6 hostnamesPaul Dreik2019-09-211-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the input hostname is "[", hlen will underflow to max of size_t when it is subtracted with 2. hostname[hlen] will then cause a warning by ubsanitizer: runtime error: addition of unsigned offset to 0x<snip> overflowed to 0x<snip> I think that in practice, the generated code will work, and the output of hostname[hlen] will be the first character "[". This can be demonstrated by the following program (tested in both clang and gcc, with -O3) int main() { char* hostname=strdup("["); size_t hlen = strlen(hostname); hlen-=2; hostname++; printf("character is %d\n",+hostname[hlen]); free(hostname-1); } I found this through fuzzing, and even if it seems harmless, the proper thing is to return early with an error. Closes #4389
* ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23Tatsuhiro Tsujikawa2019-09-211-14/+13
| | | | Closes #4392
* THANKS-filter: deal with my typos 'Jat' => 'Jay'Daniel Stenberg2019-09-201-1/+1
|
* travis: use go masterDaniel Stenberg2019-09-201-2/+5
| | | | | | | ... as the boringssl builds needs a very recent version Co-authored-by: Jat Satiro Closes #4361
* tool_operate: removed unused variable 'done'Daniel Stenberg2019-09-201-2/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* tool_operate: Expression 'config->resume_from' is always trueDaniel Stenberg2019-09-201-2/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* tool_getparam: remove duplicate switch caseDaniel Stenberg2019-09-201-5/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* libssh2: part of conditional expression is always true: !resultDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* urlapi: Expression 'storep' is always trueDaniel Stenberg2019-09-201-1/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* urlapi: 'scheme' is always trueDaniel Stenberg2019-09-201-16/+15
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* urlapi: part of conditional expression is always true: (relurl[0] == '/')Daniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* setopt: store CURLOPT_RTSP_SERVER_CSEQ correctlyDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes bug detected by PVS-Studio Fixes #4374
* mime: make Curl_mime_duppart() assert if called without valid dstDaniel Stenberg2019-09-201-6/+6
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* http_proxy: part of conditional expression is always true: !errorDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* imap: merged two case-branches performing the same actionDaniel Stenberg2019-09-201-4/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* multi: value '2L' is assigned to a booleanDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* easy: part of conditional expression is always true: !resultDaniel Stenberg2019-09-201-3/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* netrc: part of conditional expression is always true: !doneDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* version: Expression 'left > 1' is always trueDaniel Stenberg2019-09-201-7/+5
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* url: remove dead codeDaniel Stenberg2019-09-201-7/+0
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* url: part of expression is always true: (bundle->multiuse == 0)Daniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* ftp: the conditional expression is always trueDaniel Stenberg2019-09-201-4/+2
| | | | | | | ... both !result and (ftp->transfer != FTPTRANSFER_BODY)! Fixes warning detected by PVS-Studio Fixes #4374
* ftp: Expression 'ftpc->wait_data_conn' is always falseDaniel Stenberg2019-09-201-7/+2
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* ftp: Expression 'ftpc->wait_data_conn' is always trueDaniel Stenberg2019-09-201-6/+5
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* ftp: part of conditional expression is always true: !resultDaniel Stenberg2019-09-201-1/+1
| | | | | Fixes warning detected by PVS-Studio Fixes #4374
* http: fix Expression 'http->postdata' is always falseDaniel Stenberg2019-09-201-2/+1
| | | | | | Fixes warning detected by PVS-Studio Fixes #4374 Reported-by: Valerii Zapodovnikov
* doh: avoid truncating DNS QTYPE to lower octetNiall O'Reilly2019-09-191-2/+4
| | | | Closes #4381
* urlapi: CURLU_NO_AUTHORITY allows empty authority/host partJens Finkhaeuser2019-09-195-11/+57
| | | | | | | CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not "file:///") to override cURL's default demand that an authority exists. Closes #4349
* version: next release will be 7.67.0Daniel Stenberg2019-09-192-5/+5
|
* RELEASE-NOTES: syncedDaniel Stenberg2019-09-191-6/+42
|
* url: only reuse TLS connections with matching pinningDaniel Stenberg2019-09-193-1/+9
| | | | | | | | | | If the requests have different CURLOPT_PINNEDPUBLICKEY strings set, the connection should not be reused. Bug: https://curl.haxx.se/mail/lib-2019-09/0061.html Reported-by: Sebastian Haglund Closes #4347
* README: add OSS-Fuzz badge [skip ci]Daniel Stenberg2019-09-191-0/+1
| | | | Closes #4380
* http: merge two "case" statementsMichael Kaufmann2019-09-181-3/+0
|
* FTP: remove trailing slash from path for LIST/MLSDZenju2019-09-185-13/+12
| | | | Closes #4348
* mime: when disabled, avoid C99 macroDaniel Stenberg2019-09-182-3/+10
| | | | Closes #4368
* url: cleanup dangling DOH request headers tooDaniel Stenberg2019-09-181-0/+1
| | | | | | | | | Follow-up to 9bc44ff64d9081 Credit to OSS-Fuzz Bug: https://crbug.com/oss-fuzz/17269 Closes #4372
* http2: relax verification of :authority in push promise requestsChristoph M. Becker2019-09-161-1/+3
| | | | | | | | | | If the :authority pseudo header field doesn't contain an explicit port, we assume it is valid for the default port, instead of rejecting the request for all ports. Ref: https://curl.haxx.se/mail/lib-2019-09/0041.html Closes #4365
* doh: clean up dangling DOH handles and memory on easy closeDaniel Stenberg2019-09-162-5/+12
| | | | | | | | | If you set the same URL for target as for DoH (and it isn't a DoH server), like "https://example.com" in both, the easy handles used for the DoH requests could be left "dangling" and end up not getting freed. Reported-by: Paul Dreik Closes #4366
* unit1655: make it C90 compliantDaniel Stenberg2019-09-161-52/+55
| | | | | | Unclear why this was not detected in the CI. Follow-up to b7666027296a
* smb: check for full size message before reading message detailsDaniel Stenberg2019-09-161-1/+2
| | | | | | | | To avoid reading of uninitialized data. Assisted-by: Max Dymond Bug: https://crbug.com/oss-fuzz/16907 Closes #4363
* quiche: persist connection detailsDaniel Stenberg2019-09-161-3/+3
| | | | | | | | | ... like we do for other protocols at connect time. This makes "curl -I" and other things work. Reported-by: George Liu Fixes #4358 Closes #4360
* openssl: fix warning with boringssl and SSL_CTX_set_min_proto_versionDaniel Stenberg2019-09-161-4/+9
| | | | | Follow-up to ffe34b7b59 Closes #4359
* doh: fix undefined behaviour and open up for gcc and clang optimizationPaul Dreik2019-09-151-2/+8
| | | | | | | | | | | | The undefined behaviour is annoying when running fuzzing with sanitizers. The codegen is the same, but the meaning is now not up for dispute. See https://cppinsights.io/s/516a2ff4 By incrementing the pointer first, both gcc and clang recognize this as a bswap and optimizes it to a single instruction. See https://godbolt.org/z/994Zpx Closes #4350
* doh: fix (harmless) buffer overrunPaul Dreik2019-09-157-5/+163
| | | | | | | | Added unit test case 1655 to verify. Close #4352 the code correctly finds the flaws in the old code, if one temporarily restores doh.c to the old version.
* docs: remove trailing ':' from section names in CURLOPT_TRAILER* manAlessandro Ghedini2019-09-152-13/+13
|
* docs: fix typo in CURLOPT_HTTP_VERSION manAlessandro Ghedini2019-09-151-1/+1
|
* CI: inintial github action jobDaniel Stenberg2019-09-141-0/+17
| | | First shot at a CI build on github actions