summaryrefslogtreecommitdiff
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* wildcardmatch: fix heap buffer overflow in setcharsetDaniel Stenberg2017-11-272-1/+53
| | | | | | | | | | | | | The code would previous read beyond the end of the pattern string if the match pattern ends with an open bracket when the default pattern matching function is used. Detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4161 CVE-2017-8817 Bug: https://curl.haxx.se/docs/adv_2017-ae72.html
* test: add test for bad UNC/SMB path in file: URLMatthew Kerwin2017-11-242-1/+39
|
* test: add tests to ensure basic file: URLsMatthew Kerwin2017-11-243-1/+85
|
* test1264: verify URL with space in host name being rejectedMichael Kaufmann2017-11-222-1/+37
|
* url: reject ASCII control characters and space in host namesDaniel Stenberg2017-11-222-36/+10
| | | | | | | | | | Host names like "127.0.0.1 moo" would otherwise be accepted by some getaddrinfo() implementations. Updated test 1034 and 1035 accordingly. Fixes #2073 Closes #2092
* resolve: allow IP address within [] bracketsDaniel Stenberg2017-11-172-1/+57
| | | | | | | | | | | ... so that IPv6 addresses can be passed like they can for connect-to and how they're used in URLs. Added test 1324 to verify Reported-by: Alex Malinovich Fixes #2087 Closes #2091
* URL: return error on malformed URLs with junk after IPv6 bracketMichael Kaufmann2017-11-142-1/+38
| | | | | | Follow-up to aadb7c7. Verified by new test 1263. Closes #2072
* test1554: verify connection cache sharingDaniel Stenberg2017-11-094-2/+163
|
* HTTP: implement Brotli content encodingPatrick Monnerat2017-11-0510-7/+328
| | | | | | | | | | | | This uses the brotli external library (https://github.com/google/brotli). Brotli becomes a feature: additional curl_version_info() bit and structure fields are provided for it and CURLVERSION_NOW bumped. Tests 314 and 315 check Brotli content unencoding with correct and erroneous data. Some tests are updated to accomodate with the now configuration dependent parameters of the Accept-Encoding header.
* HTTP: support multiple Content-EncodingsPatrick Monnerat2017-11-052-1/+201
| | | | | | | | | | This is implemented as an output streaming stack of unencoders, the last calling the client write procedure. New test 230 checks this feature. Bug: https://github.com/curl/curl/pull/2002 Reported-By: Daniel Bankhead
* curl: speed up handling of many URLsDaniel Stenberg2017-11-042-1/+52
| | | | | | | | | | | | | | By properly keeping track of the last entry in the list of URLs/uploads to handle, curl now avoids many meaningless traverses of the list which speeds up many-URL handling *MASSIVELY* (several magnitudes on 100K URLs). Added test 1291, to verify that it doesn't take ages - but we don't have any detection of "too slow" command in the test suite. Reported-by: arainchik on github Fixes #1959 Closes #2052
* curl: pass through [] in URLs instead of calling globbing errorDaniel Stenberg2017-11-042-1/+49
| | | | | | | Assisted-by: Per Lundberg Fixes #2044 Closes #2046 Closes #2048
* tests: Fixed torture tests on tests 556 and 650Dan Fandrich2017-11-012-20/+41
| | | | Test cleanup after OOM wasn't being consistently performed.
* CURLOPT_MAXREDIRS: allow -1 as a valueDaniel Stenberg2017-11-011-1/+4
| | | | | | | | | | | ... which is valid according to documentation. Regression since f121575c0b5f. Verified now in test 501. Reported-by: cbartl on github Fixes #2038 Closes #2039
* runtests.pl: Fixed typo in messageDan Fandrich2017-10-301-1/+1
|
* cli tool: in -F option arg, comma is a delimiter for files onlyPatrick Monnerat2017-10-291-3/+11
| | | | | | | | Also upgrade test 1133 to cover this case and clarify man page about form data quoting. Bug: https://github.com/curl/curl/issues/2022 Reported-By: omau on github
* auth: Added test cases for RFC7616Florin2017-10-2813-1/+1094
| | | | | | | | Updated docs to include support for RFC7616 Signed-off-by: Florin <petriuc.florin@gmail.com> Closes #1934
* curl_fnmatch: return error on illegal wildcard patternDaniel Stenberg2017-10-262-1/+53
| | | | | | | | | | ... instead of doing an infinite loop! Added test 1162 to verify. Reported-by: Max Dymond Fixes #2015 Closes #2017
* time: rename Curl_tvnow to Curl_nowDaniel Stenberg2017-10-251-1/+1
| | | | | | | | | | ... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
* timediff: return timediff_t from the time diff functionsDaniel Stenberg2017-10-254-9/+109
| | | | | | | | | | | | | | | ... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
* libtest: Add required test libraries for lib1552 and lib1553Paul Howarth2017-10-241-0/+2
| | | | | | | | They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too. This fixes build failures on Fedora 13. Closes #2006
* ftp: reject illegal IP/port in PASV 227 responseDaniel Stenberg2017-10-201-6/+2
| | | | | | | | | | ... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
* test653: check reuse of easy handle after mime data changePatrick Monnerat2017-10-204-2/+161
| | | | See issue #1999
* test308: disable if MultiSSL feature enabledPatrick Monnerat2017-10-191-0/+1
| | | | | Even if OpenSSL is enabled, it might not be the default backend when multi-ssl is enabled, causing the test to fail.
* runtests: support MultiSSL client featurePatrick Monnerat2017-10-191-0/+15
|
* test652: curl_mime_data + base64 encoder with large contentsPatrick Monnerat2017-10-194-1/+491
|
* mime: limit bas64-encoded lines length to 76 charactersPatrick Monnerat2017-10-191-2/+2
|
* runtests: use valgrind for torture as wellDaniel Stenberg2017-10-141-8/+34
| | | | | NOTE: it makes them terribly slow. I recommend only using valgrind for specific torture tests or using lots of patience.
* memdebug: trace send, recv and socketDaniel Stenberg2017-10-142-14/+30
| | | | | | ... to allow them to be included in torture tests too. closes #1980
* test651: curl_formadd with huge COPYCONTENTSDaniel Stenberg2017-10-134-2/+172
|
* mime: keep "text/plain" content type if user-specified.Patrick Monnerat2017-10-125-18/+23
| | | | | | Include test cases in 554, 587, 650. Fixes https://github.com/curl/curl/issues/1986
* cli tool: reimplement stdin buffering in -F option.Patrick Monnerat2017-10-121-6/+1
| | | | | | | | | | | | If stdin is not a regular file, its content is memory-buffered to enable a possible data "rewind". In all cases, stdin data size is determined before real use to avoid having an unknown part's size. --libcurl generated code is left as an unbuffered stdin fread/fseek callback part with unknown data size. Buffering is not supported in deprecated curl_formadd() API.
* test950; verify SMTP with custom requestDaniel Stenberg2017-10-102-1/+44
|
* ftpserver: support case insensitive commandsDaniel Stenberg2017-10-101-1/+1
|
* FTP: URL decode path for dir listing in nocwd modeDaniel Stenberg2017-10-102-1/+55
| | | | | | | | Reported-by: Zenju on github Test 244 added to verify Fixes #1974 Closes #1976
* test298: verify --ftp-method nowcwd with URL encoded pathDaniel Stenberg2017-10-091-1/+1
| | | | Ref: #1974
* curl: don't pass semicolons when parsing Content-DispositionKristiyan Tsaklev2017-10-091-1/+1
| | | | | | Test 1422 updated to verify. Closes #1964
* RTSP: avoid integer overflow on funny RTSP responseDaniel Stenberg2017-10-092-1/+56
| | | | | | | | | ... like a very large non-existing RTSP version number. Added test 577 to verify. Detected by OSS-fuzz. Closes #1969
* ftpserver: properly reset $ftptargetdir.Patrick Monnerat2017-10-081-1/+1
|
* test643: verify curl_mime_subparts() rejects cyclic additions.Patrick Monnerat2017-10-081-0/+27
|
* Revert "multi_done: wait for name resolve to finish if still ongoing"Daniel Stenberg2017-10-081-0/+2
| | | | | | | | | This reverts commit f3e03f6c0ac52a1bf396e03f7d7e9b5b3b7165fe. Caused memory leaks in the fuzzer, needs to be done differently. Disable test 1553 for now too, as it causes memory leaks without this commit!
* pingpong: return error when trying to send without connectionDaniel Stenberg2017-10-074-2/+166
| | | | | | | | | | | | | When imap_done() got called before a connection is setup, it would try to "finish up" and dereffed a NULL pointer. Test case 1553 managed to reproduce. I had to actually use a host name to try to resolve to slow it down, as using the normal local server IP will make libcurl get a connection in the first curl_multi_perform() loop and then the bug doesn't trigger. Fixes #1953 Assisted-by: Max Dymond
* tests: added flaky keyword to tests 587 and 644Dan Fandrich2017-10-062-0/+2
| | | | These are around 5% flaky in my Linux x86 autobuilds.
* multi_cleanup: call DONE on handles that never got thatDaniel Stenberg2017-10-064-2/+150
| | | | | | | | | | | ... fixes a memory leak with at least IMAP when remove_handle is never called and the transfer is abruptly just abandoned early. Test 1552 added to verify Detected by OSS-fuzz Assisted-by: Max Dymond Closes #1954
* fuzzer: move to using external curl-fuzzerMax Dymond2017-10-0429-1130/+12
| | | | | | Use the external curl-fuzzer repository for fuzzing. Closes #1923
* test1153: verify quoted double-qoutes in PWD responseDaniel Stenberg2017-10-022-1/+62
|
* FTP: zero terminate the entry path even on bad inputDaniel Stenberg2017-10-022-0/+62
| | | | | | | | | | ... a single double quote could leave the entry path buffer without a zero terminating byte. CVE-2017-1000254 Test 1152 added to verify. Reported-by: Max Dymond Bug: https://curl.haxx.se/docs/adv_20171004.html
* cookie: fix memory leak if path was set twice in headerDaniel Stenberg2017-09-302-1/+55
| | | | | | | | | | ... this will let the second occurance override the first. Added test 1161 to verify. Reported-by: Max Dymond Fixes #1932 Closes #1933
* test650: Use variable replacement to set the host address and portDan Fandrich2017-09-301-1/+1
| | | | | Otherwise, the test fails when the -b test option is used to set a different test port range.
* Set and use more necessary options when some protocols are disabledDan Fandrich2017-09-301-2/+2
| | | | | | | | | | | | When curl and libcurl are built with some protocols disabled, they stop setting and receiving some options that don't make sense with those protocols. In particular, when HTTP is disabled many options aren't set that are used only by HTTP. However, some options that appear to be HTTP-only are actually used by other protocols as well (some despite having HTTP in the name) and should be set, but weren't. This change now causes some of these options to be set and used for more (or for all) protocols. In particular, this fixes tests 646 through 649 in an HTTP-disabled build, which use the MIME API in the mail protocols.
View Lorry Controller Status