- 06 3月, 2023 2 次提交
-
-
由 Patrick Monnerat 提交于
Test 418 verifies Closes #10492 CVE-2023-23916 Signed-off-by: Nzhouhaifeng <kutcher.zhou@huawei.com>
-
由 Josh Brobst 提交于
The unencoding stack is added to as Transfer-Encoding and Content-Encoding fields are encountered with no distinction between the two, meaning the stack will be incorrect if, e.g., the message has both fields and a non-chunked Transfer-Encoding comes first. This commit fixes this by ordering the stack with transfer encodings first. Reviewed-by: Patrick Monnerat Closes #10187 CVE-2023-23916 Signed-off-by: Nzhouhaifeng <kutcher.zhou@huawei.com>
-
- 27 2月, 2023 1 次提交
-
-
由 openharmony_ci 提交于
回退 'Pull Request !109 : 【monthly_20221018】【漏洞】打补丁解决curl组件存在CVE漏洞 (CVE-2023-23914、CVE-2023-23915、CVE-2023-23916)'
-
- 22 2月, 2023 2 次提交
-
-
由 Patrick Monnerat 提交于
Test 418 verifies Closes #10492 CVE-2023-23916 Signed-off-by: Nzhouhaifeng <kutcher.zhou@huawei.com>
-
由 Josh Brobst 提交于
The unencoding stack is added to as Transfer-Encoding and Content-Encoding fields are encountered with no distinction between the two, meaning the stack will be incorrect if, e.g., the message has both fields and a non-chunked Transfer-Encoding comes first. This commit fixes this by ordering the stack with transfer encodings first. Reviewed-by: Patrick Monnerat Closes #10187 CVE-2023-23916 Signed-off-by: Nzhouhaifeng <kutcher.zhou@huawei.com>
-
- 06 7月, 2022 1 次提交
-
-
由 Daniel Stenberg 提交于
Signed-off-by: Nzhouhaifeng <kutcher.zhou@huawei.com>
-
- 29 4月, 2021 1 次提交
-
-
由 Jacob Hoffman-Andrews 提交于
Closes #6954
-
- 22 4月, 2021 1 次提交
-
-
由 Daniel Stenberg 提交于
... remove '== NULL' and '!= 0' Closes #6912
-
- 11 3月, 2021 1 次提交
-
-
由 mamingshuai 提交于
-
- 25 1月, 2021 1 次提交
-
-
由 Patrick Monnerat 提交于
Closes #6499
-
- 21 1月, 2021 1 次提交
-
-
由 Daniel Stenberg 提交于
... by anchoring more functions on Curl_easy instead of connectdata Closes #6498
-
- 18 1月, 2021 1 次提交
-
-
由 Daniel Stenberg 提交于
... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
-
- 05 11月, 2020 1 次提交
-
-
由 Daniel Stenberg 提交于
Closes #6172
-
- 22 9月, 2020 1 次提交
-
-
由 Daniel Stenberg 提交于
The OS is deprecated. I see no traces of anyone having actually built curl for Symbian after 2012. The public headers are unmodified. Closes #5989
-
- 09 9月, 2020 1 次提交
-
-
由 wenjun 提交于
-
- 13 7月, 2020 1 次提交
-
-
由 Gilles Vollant 提交于
include zstd curl patch for Makefile.m32 from vszakats and include Add CMake support for zstd from Peter Wu Helped-by: Viktor Szakats Helped-by: Peter Wu Closes #5453
-
- 15 5月, 2020 1 次提交
-
-
由 Daniel Stenberg 提交于
- Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338
-
- 13 7月, 2018 1 次提交
-
-
由 Patrick Monnerat 提交于
Some servers issue raw deflate data that may be followed by an undocumented trailer. This commit makes curl tolerate such a trailer of up to 4 bytes before considering the data is in error. Reported-by: clbr on github Fixes #2719
-
- 11 6月, 2018 1 次提交
-
-
由 Marian Klymov 提交于
- Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over etc Closes #2631
-
- 25 5月, 2018 1 次提交
-
-
由 Alejandro R. Sedeño 提交于
Fallback on Z_SYNC_FLUSH when Z_BLOCK is not available. Fixes #2606 Closes #2608
-
- 15 4月, 2018 1 次提交
-
-
由 Daniel Gustafsson 提交于
When a zeroed out allocation is required, use calloc() rather than malloc() followed by an explicit memset(). The result will be the same, but using calloc() everywhere increases consistency in the codebase and avoids the risk of subtle bugs when code is injected between malloc and memset by accident. Closes https://github.com/curl/curl/pull/2497
-
- 09 2月, 2018 1 次提交
-
-
由 Mohammad AlSaleh 提交于
Some servers return a "content-encoding" header with a non-standard "none" value. Add "none" as an alias to "identity" as a work-around, to avoid unrecognised content encoding type errors. Signed-off-by: NMohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com> Closes https://github.com/curl/curl/pull/2298
-
- 27 12月, 2017 1 次提交
-
-
由 Mikalai Ananenka 提交于
Decoding loop implementation did not concern the case when all received data is consumed by Brotli decoder and the size of decoded data internally hold by Brotli decoder is greater than CURL_MAX_WRITE_SIZE. For content with unencoded length greater than CURL_MAX_WRITE_SIZE this can result in the loss of data at the end of content. Closes #2194
-
- 20 12月, 2017 2 次提交
-
-
由 Patrick Monnerat 提交于
- When zlib version is < 1.2.0.4, process gzip trailer before considering extra data as an error. - Inflate with Z_BLOCK instead of Z_SYNC_FLUSH to maximize correct data and minimize corrupt data output. - Do not try to restart deflate decompression in raw mode if output has started or if the leading data is not available anymore. - New test 232 checks inflating raw-deflated content. Closes #2068
-
由 Patrick Monnerat 提交于
Some error codes were not yet defined in brotli 0.6.0: do not issue code for them in this case.
-
- 13 11月, 2017 1 次提交
-
-
由 Patrick Monnerat 提交于
There is a conflict on symbol 'free_func' between openssl/crypto.h and zlib.h on AIX. This is an attempt to resolve it. Bug: https://curl.haxx.se/mail/lib-2017-11/0032.html Reported-By: Michael Felt
-
- 09 11月, 2017 1 次提交
-
-
由 Jay Satiro 提交于
- Don't call zlib's inflate() when avail_in stream bytes is 0. This is a follow up to the parent commit 19e66e53. Prior to that change libcurl's inflate_stream could call zlib's inflate even when no bytes were available, causing inflate to return Z_BUF_ERROR, and then inflate_stream would treat that as a hard error and return CURLE_BAD_CONTENT_ENCODING. According to the zlib FAQ, Z_BUF_ERROR is not fatal. This bug would happen randomly since packet sizes are arbitrary. A test of 10,000 transfers had 55 fail (ie 0.55%). Ref: https://zlib.net/zlib_faq.html#faq05 Closes https://github.com/curl/curl/pull/2060
-
- 07 11月, 2017 1 次提交
-
-
由 Patrick Monnerat 提交于
-
- 05 11月, 2017 2 次提交
-
-
由 Patrick Monnerat 提交于
This uses the brotli external library (https://github.com/google/brotli). Brotli becomes a feature: additional curl_version_info() bit and structure fields are provided for it and CURLVERSION_NOW bumped. Tests 314 and 315 check Brotli content unencoding with correct and erroneous data. Some tests are updated to accomodate with the now configuration dependent parameters of the Accept-Encoding header.
-
由 Patrick Monnerat 提交于
This is implemented as an output streaming stack of unencoders, the last calling the client write procedure. New test 230 checks this feature. Bug: https://github.com/curl/curl/pull/2002 Reported-By: Daniel Bankhead
-
- 11 9月, 2017 1 次提交
-
-
由 Daniel Stenberg 提交于
-
- 14 3月, 2017 1 次提交
-
-
由 Sylvestre Ledru 提交于
... by removing the else branch after a return, break or continue. Closes #1310
-
- 29 12月, 2016 1 次提交
-
-
由 Daniel Stenberg 提交于
Failure to decompress is now a write error instead of the weird "function not found".
-
- 14 12月, 2016 1 次提交
-
-
由 Daniel Stenberg 提交于
In order to make the code style more uniform everywhere
-
- 11 11月, 2016 1 次提交
-
-
由 Daniel Stenberg 提交于
Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html
-
- 22 6月, 2016 1 次提交
-
-
由 Daniel Stenberg 提交于
-
- 03 2月, 2016 1 次提交
-
-
由 Daniel Stenberg 提交于
-
- 09 1月, 2013 1 次提交
-
-
由 Yang Tse 提交于
This commit renames lib/setup.h to lib/curl_setup.h and renames lib/setup_once.h to lib/curl_setup_once.h. Removes the need and usage of a header inclusion guard foreign to libcurl. [1] Removes the need and presence of an alarming notice we carried in old setup_once.h [2] ---------------------------------------- 1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H, this single inclusion guard is enough to ensure that inclusion of lib/setup_once.h done from lib/setup.h is only done once. Additionally lib/setup.h has always used __SETUP_ONCE_H macro to protect inclusion of setup_once.h even after commit ec691ca3, this was to avoid a circular header inclusion triggered when building a c-ares enabled version with c-ares sources available which also has a setup_once.h header. Commit ec691ca3 exposes the real nature of __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard foreign to libcurl belonging to c-ares's setup_once.h The renaming this commit does, fixes the circular header inclusion, and as such removes the need and usage of a header inclusion guard foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl. 2 - Due to the circular interdependency of old lib/setup_once.h and the c-ares setup_once.h header, old file lib/setup_once.h has carried back from 2006 up to now days an alarming and prominent notice about the need of keeping libcurl's and c-ares's setup_once.h in sync. Given that this commit fixes the circular interdependency, the need and presence of mentioned notice is removed. All mentioned interdependencies come back from now old days when the c-ares project lived inside a curl subdirectory. This commit removes last traces of such fact.
-
- 07 1月, 2013 1 次提交
-
-
由 Yang Tse 提交于
This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de00... build: make use of 76 lib/*.h renamed files ffd8e127... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374c... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bbf... build: make use of 93 lib/*.c renamed files 5b6e7927... build: rename 93 lib/*.c files 7d83dfff... build: commit 13606bbf follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
-
- 03 1月, 2013 1 次提交
-
-
由 Yang Tse 提交于
93 lib/*.c source files renamed to use our standard naming scheme. This commit only does the file renaming. ---------------------------------------- renamed: lib/amigaos.c -> lib/curl_amigaos.c renamed: lib/asyn-ares.c -> lib/curl_asyn_ares.c renamed: lib/asyn-thread.c -> lib/curl_asyn_thread.c renamed: lib/axtls.c -> lib/curl_axtls.c renamed: lib/base64.c -> lib/curl_base64.c renamed: lib/bundles.c -> lib/curl_bundles.c renamed: lib/conncache.c -> lib/curl_conncache.c renamed: lib/connect.c -> lib/curl_connect.c renamed: lib/content_encoding.c -> lib/curl_content_encoding.c renamed: lib/cookie.c -> lib/curl_cookie.c renamed: lib/cyassl.c -> lib/curl_cyassl.c renamed: lib/dict.c -> lib/curl_dict.c renamed: lib/easy.c -> lib/curl_easy.c renamed: lib/escape.c -> lib/curl_escape.c renamed: lib/file.c -> lib/curl_file.c renamed: lib/fileinfo.c -> lib/curl_fileinfo.c renamed: lib/formdata.c -> lib/curl_formdata.c renamed: lib/ftp.c -> lib/curl_ftp.c renamed: lib/ftplistparser.c -> lib/curl_ftplistparser.c renamed: lib/getenv.c -> lib/curl_getenv.c renamed: lib/getinfo.c -> lib/curl_getinfo.c renamed: lib/gopher.c -> lib/curl_gopher.c renamed: lib/gtls.c -> lib/curl_gtls.c renamed: lib/hash.c -> lib/curl_hash.c renamed: lib/hmac.c -> lib/curl_hmac.c renamed: lib/hostasyn.c -> lib/curl_hostasyn.c renamed: lib/hostcheck.c -> lib/curl_hostcheck.c renamed: lib/hostip.c -> lib/curl_hostip.c renamed: lib/hostip4.c -> lib/curl_hostip4.c renamed: lib/hostip6.c -> lib/curl_hostip6.c renamed: lib/hostsyn.c -> lib/curl_hostsyn.c renamed: lib/http.c -> lib/curl_http.c renamed: lib/http_chunks.c -> lib/curl_http_chunks.c renamed: lib/http_digest.c -> lib/curl_http_digest.c renamed: lib/http_negotiate.c -> lib/curl_http_negotiate.c renamed: lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c renamed: lib/http_proxy.c -> lib/curl_http_proxy.c renamed: lib/idn_win32.c -> lib/curl_idn_win32.c renamed: lib/if2ip.c -> lib/curl_if2ip.c renamed: lib/imap.c -> lib/curl_imap.c renamed: lib/inet_ntop.c -> lib/curl_inet_ntop.c renamed: lib/inet_pton.c -> lib/curl_inet_pton.c renamed: lib/krb4.c -> lib/curl_krb4.c renamed: lib/krb5.c -> lib/curl_krb5.c renamed: lib/ldap.c -> lib/curl_ldap.c renamed: lib/llist.c -> lib/curl_llist.c renamed: lib/md4.c -> lib/curl_md4.c renamed: lib/md5.c -> lib/curl_md5.c renamed: lib/memdebug.c -> lib/curl_memdebug.c renamed: lib/mprintf.c -> lib/curl_mprintf.c renamed: lib/multi.c -> lib/curl_multi.c renamed: lib/netrc.c -> lib/curl_netrc.c renamed: lib/non-ascii.c -> lib/curl_non_ascii.c renamed: lib/curl_non-ascii.h -> lib/curl_non_ascii.h renamed: lib/nonblock.c -> lib/curl_nonblock.c renamed: lib/nss.c -> lib/curl_nss.c renamed: lib/nwlib.c -> lib/curl_nwlib.c renamed: lib/nwos.c -> lib/curl_nwos.c renamed: lib/openldap.c -> lib/curl_openldap.c renamed: lib/parsedate.c -> lib/curl_parsedate.c renamed: lib/pingpong.c -> lib/curl_pingpong.c renamed: lib/polarssl.c -> lib/curl_polarssl.c renamed: lib/pop3.c -> lib/curl_pop3.c renamed: lib/progress.c -> lib/curl_progress.c renamed: lib/qssl.c -> lib/curl_qssl.c renamed: lib/rawstr.c -> lib/curl_rawstr.c renamed: lib/rtsp.c -> lib/curl_rtsp.c renamed: lib/security.c -> lib/curl_security.c renamed: lib/select.c -> lib/curl_select.c renamed: lib/sendf.c -> lib/curl_sendf.c renamed: lib/share.c -> lib/curl_share.c renamed: lib/slist.c -> lib/curl_slist.c renamed: lib/smtp.c -> lib/curl_smtp.c renamed: lib/socks.c -> lib/curl_socks.c renamed: lib/socks_gssapi.c -> lib/curl_socks_gssapi.c renamed: lib/socks_sspi.c -> lib/curl_socks_sspi.c renamed: lib/speedcheck.c -> lib/curl_speedcheck.c renamed: lib/splay.c -> lib/curl_splay.c renamed: lib/ssh.c -> lib/curl_ssh.c renamed: lib/sslgen.c -> lib/curl_sslgen.c renamed: lib/ssluse.c -> lib/curl_ssluse.c renamed: lib/strdup.c -> lib/curl_strdup.c renamed: lib/strequal.c -> lib/curl_strequal.c renamed: lib/strerror.c -> lib/curl_strerror.c renamed: lib/strtok.c -> lib/curl_strtok.c renamed: lib/strtoofft.c -> lib/curl_strtoofft.c renamed: lib/telnet.c -> lib/curl_telnet.c renamed: lib/tftp.c -> lib/curl_tftp.c renamed: lib/timeval.c -> lib/curl_timeval.c renamed: lib/transfer.c -> lib/curl_transfer.c renamed: lib/url.c -> lib/curl_url.c renamed: lib/version.c -> lib/curl_version.c renamed: lib/warnless.c -> lib/curl_warnless.c renamed: lib/wildcard.c -> lib/curl_wildcard.c ----------------------------------------
-