Commit Graph

17977 Commits

Author SHA1 Message Date
Daniel Stenberg
386ed2d590 gtls: fix NULL pointer dereference
gnutls_x509_crt_import() must not be called with a NULL certificate

Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html
Reported-by: Damian Dixon
2014-04-22 23:24:31 +02:00
Daniel Stenberg
5b463e97fa curl_global_init_mem: bump initialized even if already initialized
As this makes curl_global_init_mem() behave the same way as
curl_global_init() already does in that aspect - the same number of
curl_global_cleanup() calls is then required to again decrease the
counter and then eventually do the cleanup.

Bug: http://curl.haxx.se/bug/view.cgi?id=1362
Reported-by: Tristan
2014-04-22 23:08:14 +02:00
Kamil Dudka
8868a226cd nss: implement non-blocking SSL handshake 2014-04-22 22:56:14 +02:00
Kamil Dudka
a43bba3a34 nss: split Curl_nss_connect() into 4 functions 2014-04-22 22:56:14 +02:00
Dan Fandrich
c1d6158789 tests: Fixed torture test for tests 1526 & 1527 2014-04-22 22:43:57 +02:00
Marc Hoersken
42c04eb1d1 sockfilt.c: clean up threaded approach and add documentation 2014-04-22 17:22:42 +02:00
Marc Hoersken
6fd97fca88 sockfilt.c: zero initialize variable 2014-04-22 17:22:42 +02:00
Marc Hoersken
6a03f6368f sockfilt.c: fixed getting stuck waiting for MinGW stdin pipe 2014-04-22 17:22:41 +02:00
Daniel Stenberg
a5d7ec1848 configure: use the nghttp2 path correctly with pkg-config
When --with-nghttp2 was used (without a given path), the
PKG_CONFIG_LIBDIR varialbe could get clobbered and ruin a proper
detection of the library.

Reported-by: Dilyan Palauzov
Bug: http://curl.haxx.se/mail/lib-2014-04/0159.html
2014-04-22 00:24:44 +02:00
Dilyan Palauzov
11ce2f2182 configure: fix wrong comment
copy and paste error
2014-04-21 20:12:20 +02:00
Steve Holme
4b87029113 build: Fixed output name for Release builds in VC10 and VC11 2014-04-21 17:40:50 +01:00
Marc Hoersken
8ce852a279 sockfilt.c: properly handle disk files, pipes and character input 2014-04-20 22:15:36 +02:00
Marc Hoersken
fe1c0176c1 sockfilt.c: ignore non-key-events and continue waiting for input 2014-04-20 18:26:24 +02:00
Marc Hoersken
eb01947e1d sockfilt.c: free memory in case of memory allocation errors 2014-04-20 18:22:28 +02:00
Marc Hoersken
ee6791128f multi.c: fix possible invalid memory access in case nfds overflows
ufds might not be allocated in case nfds overflows to zero while
extra_nfds is still non-zero. udfs is then accessed within the
extra_nfds-based for loop.
2014-04-19 16:02:14 +02:00
Marc Hoersken
549b4a659a netrc.c: fix multiple possible dereferences of null pointers 2014-04-19 16:00:43 +02:00
Marc Hoersken
9146f37973 parsedate.c: check sscanf result before passing it to strlen 2014-04-19 15:47:07 +02:00
Marc Hoersken
662fc62517 telnet.c: check sscanf results before passing them to snprintf 2014-04-19 15:23:04 +02:00
Marc Hoersken
f9ffbfce90 telnet.c: fix possible use of uninitialized variable 2014-04-19 15:18:19 +02:00
Marc Hoersken
aa0fbe3537 telnet.c: fix possible use of non-null-terminated strings 2014-04-19 14:26:02 +02:00
Marc Hoersken
c48b996cf2 url.c: fix possible use of non-null-terminated string with strlen
Follow up on b0e742544b
2014-04-19 14:25:32 +02:00
Marc Hoersken
89390f35f8 tool_writeout.c: initialize string pointer variable 2014-04-19 00:24:25 +02:00
Marc Hoersken
da900ca970 tool_formparse.c: fix possible use of non-null-terminated strings 2014-04-19 00:17:47 +02:00
Marc Hoersken
b0e742544b url.c: fix possible use of non-null-terminated string with strlen 2014-04-19 00:17:21 +02:00
Marc Hoersken
7296fc9e7e connect.c: fix multiple possible dereferences of null pointers
In case the first address in the tempaddr array is NULL,
the code would previously dereference an unchecked null pointer.
2014-04-18 23:56:54 +02:00
Marc Hoersken
3f74e149f8 tftp.c: fix possible dereference of null pointer 2014-04-18 23:53:48 +02:00
Marc Hoersken
667d133dab tool_urlglob.c: added some comments to clarify for loop conditions
I was tempted to change those to >= 0 until I saw that this is
actually a for loop that terminates once i underflows.
2014-04-18 23:28:26 +02:00
Marc Hoersken
e81bdab13e socks_sspi.c: added pointer guards to FreeContextBuffer calls
The FreeContextBuffer SAL declaration does not declare the pointer
as optional, therefore it must not be NULL.
2014-04-18 23:24:41 +02:00
Marc Hoersken
54df616729 md5.c: fix use of uninitialized variable 2014-04-18 22:59:25 +02:00
Marc Hoersken
6f72c2fe31 curl_schannel.c: added explicit cast of structure pointers 2014-04-18 22:38:42 +02:00
Marc Hoersken
a703914e60 curl_schannel.c: fix possible dereference of null pointer 2014-04-18 22:36:12 +02:00
Steve Holme
0115ec2f13 RELEASE-NOTES: Synced with 33e0cba8f1 2014-04-18 20:35:01 +01:00
Steve Holme
33e0cba8f1 curl_easy_setopt: Updated CURLOPT_URL to include IMAP PARTIAL FETCH example 2014-04-18 20:23:45 +01:00
Steve Holme
d7ed8da43e imap: Extended FETCH support to include PARTIAL URL specifier 2014-04-18 20:14:09 +01:00
Steve Holme
e2c14bde22 url.c: Fixed typo in comment 2014-04-18 17:51:26 +01:00
Steve Holme
0d4af92aeb curl_easy_setopt: Updated CURLOPT_URL to include IMAP query string examples 2014-04-18 17:51:24 +01:00
Steve Holme
4c8c3da6e2 test810: Updated to use new IMAP URL query string functionality 2014-04-18 16:51:50 +01:00
Steve Holme
84c0aabe65 imap: Expanded mailbox SEARCH support to use URL query strings 2014-04-18 16:51:48 +01:00
Steve Holme
ca63d4feba imap: Added support for parsing URL query strings
Added support for parsing query strings from the URL as defined by
RFC-5092.
2014-04-18 16:43:57 +01:00
Steve Holme
f804378d16 imap: Introduced the SEARCH state 2014-04-18 15:32:13 +01:00
Steve Holme
2c6b41e98a imap: Fixed untagged response detection when no data after command
Should a command return untagged responses that contained no data then
the imap_matchresp() function would not detect them as valid responses,
as it wasn't taking the CRLF characters into account at the end of each
line.
2014-04-18 15:01:57 +01:00
Steve Holme
0160cb2e19 build: Added Visual Studio 2012 (VC11) project files
Carrying on from commit 11025613b9 added VC11 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-18 10:28:11 +01:00
Steve Holme
cd1f746b86 build: Corrected Visual Studio solutions for DLL Release x64 2014-04-17 21:04:19 +01:00
Daniel Stenberg
b166117c60 README.http2: mention some alt-svc thoughts 2014-04-17 19:23:39 +02:00
Steve Holme
5a23aeb00d Makefile.am: Missed separator in commit fbaa2f8660 2014-04-16 23:50:17 +01:00
Steve Holme
fbaa2f8660 build: Added Visual Studio 2010 (VC10) project files
Carrying on from commit 11025613b9 added VC10 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-16 21:24:33 +01:00
Dan Fandrich
263ed02da6 url: only use if_nametoindex() if IFNAMSIZ is available 2014-04-14 08:02:06 +02:00
Dan Fandrich
b2e9c17a19 symbian: fixed typo in comment 2014-04-09 22:12:47 +02:00
Steve Holme
78e3844a4a build: Added Visual Studio 2008 (VC9) project files
Carrying on from commit 11025613b9, added VC9 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-09 00:20:44 +01:00
Steve Holme
b574e83079 sas: Added DIGEST-MD5 qop-option validation in native challange handling
Given that we presently support "auth" and not "auth-int" or "auth-conf"
for native challenge-response messages, added client side validation of
the quality-of-protection options from the server's challenge message.
2014-04-08 21:24:34 +01:00