| Commit message | Author | Age | Files | Lines |
| |
Stack overflows can occur with precisions for integers and floats.
Proofs of concept:
- curl_mprintf("%d, %.*1$d", 500, 1);
- curl_mprintf("%d, %+0500.*1$f", 500, 1);
Ideally, compile with -fsanitize=address which makes this undefined
behavior a bit more defined for debug purposes.
The format strings are valid. The overflows occur due to invalid
arguments. If these arguments are variables with contents controlled
by an attacker, the function's stack can be corrupted.
Also see CVE-2016-9586 which partially fixed the float aspect.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Closes https://github.com/curl/curl/pull/5722
| |
timeval::tv_usec might be a 32-bit integer and timespec::tv_nsec might
be a 64-bit integer. This is the case when building for recent macOS
versions, for example. Just treat tv_usec as an int, which should
hopefully always be sufficient on systems with
`HAVE_CLOCK_GETTIME_MONOTONIC`.
Closes https://github.com/curl/curl/pull/5695
| |
So that failures will be displayed in the terminal, as it makes test failures
visually displayed easier and faster.
Closes #5644
| |
Gets the CURLINFO_EFFECTIVE_METHOD from libcurl.
Added test 1197 to verify.
| |
include zstd curl patch for Makefile.m32 from vszakats
and include Add CMake support for zstd from Peter Wu
Helped-by: Viktor Szakats
Helped-by: Peter Wu
Closes #5453
| |
Added test case 674 to reproduce and verify the bug report.
Fixes #5665
Reported-by: NobodyXu on github
Closes #5673
| |
Rely on tests asking the names to get refused instead - test servers
should be as dumb as possible. Edited test 914, 955 and 959 accordingly.
Closes #5639
| |
Updated terminology in docs, comments and phrases to refer to C strings
as "null-terminated". Done to unify with how most other C oriented docs
refer to them and what users in general seem to prefer (based on a
single highly unscientific poll on twitter).
Reported-by: coinhubs on github
Fixes #5598
Closes #5608
| |
Regression in 7.71.0
Added test case 346 to verify.
Reported-by: Kristoffer Gleditsch
Fixes #5613
Closes #5616
| |
Attempt to reproduce #5593. Test case 1514 is very similar but uses
HTTP/1.1 and thus switches to chunked.
Closes #5595
| |
test 1296 is a simple command line test
test 1910 is a libcurl test including a redirect
| |
As was reported in #5601
| |
It was superfluous since we have the list.size already
Reported-by: Jay Satiro
Fixes #5553
Closes #5563
| |
Closes #5549
| |
Instead of discussing if there's value or meaning (implied or not) in
the colors, let's use words without the same possibly negative
associations.
Closes #5546
| |
To reduce the amount of allocations needed for creating a Curl_addrinfo
struct, make a single larger malloc instead of three separate smaller
ones.
Closes #5533
| |
Test 895 and 896 - as a follow-up to a3e972313b
Closes #5539
| |
... this caused segfaults on armv7.
Regression added in dd0365d560aea5a (7.70.0)
Reviewed-by: Jay Satiro
Closes #5529
| |
When the method is updated inside libcurl we must still not change the
method as set by the user as then repeated transfers with that same
handle might not execute the same operation anymore!
This fixes the libcurl part of #5462
Test 1633 added to verify.
Closes #5499
| |
This test verifies the -w %json output and the test case includes a full
generated "blob". If there's no proxy support built into libcurl, it
will return an error for proxy related info variables and they will not
be included in the json, thus causing a mismatch and this test fails.
Reported-by: Marc Hörsken
Fixes #5501
Closes #5502
| |
Added build to travis to verify
Closes #5466
| |
... and free it as soon as the transfer is done. It removes the extra
alloc when a new size is set with setopt() and reduces memory for unused
easy handles.
In addition: the closure_handle now doesn't use an allocated buffer at
all but the smallest supported size as a stack based one.
Closes #5472
| |
GCC 10 warns about this with warning: implicit conversion
from 'SANITIZEcode' to 'CURLcode' [-Wenum-conversion]
Since 'expected_result' is not really of type 'CURLcode' and
it is not exposed in any way, we can just use 'SANITIZEcode'.
Reviewed-by: Daniel Stenberg
Reviewed-by: Marcel Raad
Closes #5476
| |
Since curl_setup.h now makes use of curlx_win32_fopen for Win32
builds with USE_WIN32_LARGE_FILES or USE_WIN32_SMALL_FILES defined,
we need to include the relevant files for tests using fopen,
because the libtest sources are also including curl_setup.h
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Follow up to #3784 (ffdddb45d9)
Closes #5475
| |
Follow-up to cac5374298b3
Closes #5478
| |
They're only limited to the maximum string input restrictions, not to
256 bytes.
Added test 1178 to verify
Reported-by: Will Roberts
Fixes #5448
Closes #5449
| |
Closes #5442
| |
Fixed the alt-svc parser to treat a newline as end of line.
The unit tests in test 1654 were done without CRLF and thus didn't quite
match the real world. Now they use CRLF as well.
Reported-by: Peter Wu
Assisted-by: Peter Wu
Assisted-by: Jay Satiro
Fixes #5445
Closes #5446
| |
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Closes https://github.com/curl/curl/pull/5452
| |
curl would previously show "curl: Saved to filename 'name from header'"
if -J was used and a name was picked from the Content-Disposition
header. That output could interfere with other stdout output, such as -w.
This commit removes that output line.
Bug: https://curl.haxx.se/mail/archive-2020-05/0044.html
Reported-by: Коваленко Анатолий Викторович
Closes #5435
| |
Follow-up from a3b0699d5c1
| |
- Stick to a single unified way to use structs
- Make checksrc complain on 'typedef struct {'
- Allow them in tests, public headers and examples
- Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually
typedef different types/structs depending on build conditions.
Closes #5338
| |
If it can't be found in the request. Also support --cmdfile to set it to
a custom file name.
runtests.pl always writes this file with the test number in it since a
while back.
| |
This will also be needed in the tool and tests.
Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512
Closes https://github.com/curl/curl/pull/3784
| |
Found-by: Gregory Jefferis
Reported-by: Jeroen Ooms
Added test 1168 to verify. Bug spotted when doing a redirect.
Bug: https://github.com/jeroen/curl/issues/224
Closes #5400
| |
Initial test 1630 added with basic HTTPS-proxy use. HTTPS-proxy is like
HTTP proxy but with a full TLS connection to the proxy.
Closes #5399
| |
Fine: "struct hello *world"
Not fine: "struct hello* world" (and variations)
Closes #5386
| |
Added test 971 to verify that the list is in sync with the files in
cmdline-opts. The check also verifies that .d-files that use Added:
specify the same version number as the options-in-versions file does.
Closes #5381
| |
The "sledgehammer" of retrying.
Closes https://github.com/curl/curl/pull/5185
| |
* runtests.pl:
- Fix out-of-tree build under CMake when srcdir is not set. Default
srcdir to the location of runtests.pl.
- Add a hack to allow CMake to use the TFLAGS option as documented
in tests/README and used in scripts/travis/script.sh.
* Bump CMake version to 3.2 for USES_TERMINAL, dropping Debian Jessie
support (no one should care, it is already EOL.).
* Remove CTest since it defines its own 'test' target with no tests
since all unittests are already broken and not built by default.
* Add new test targets based on the options from Makefile.am. Since
new test targets are rarely added, I opted for duplicating the
runtests.pl options as opposed to creating a new Makefile.inc file.
Use top-level target names (test-x) instead of x-test since that is
used by CI and others.
Closes #5358
| |
The default target should only build libcurl and curl. Add a dedicated
'testdeps' target which will be used later when running tests. Note that
unittests are currently broken in CMake and already excluded.
Closes #5368