Commit Graph

100 Commits

Author SHA1 Message Date
Jay Satiro
4fc80f3e75 tool_doswin: Support for literal path prefix \\?\
For example something like --output \\?\C:\foo
2016-02-09 03:28:58 -05:00
Jay Satiro
a6208704e7 unit1604: Fix unit setup return code 2016-02-05 13:37:39 -05:00
Jay Satiro
4520534e6d tool_doswin: Improve sanitization processing
- Add unit test 1604 to test the sanitize_file_name function.

- Use -DCURL_STATICLIB when building libcurltool for unit testing.

- Better detection of reserved DOS device names.

- New flags to modify sanitize behavior:

SANITIZE_ALLOW_COLONS: Allow colons
SANITIZE_ALLOW_PATH: Allow path separators and colons
SANITIZE_ALLOW_RESERVED: Allow reserved device names
SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename

- Restore sanitization of banned characters from user-specified outfile.

Prior to this commit sanitization of a user-specified outfile was
temporarily disabled in 2b6dadc because there was no way to allow path
separators and colons through while replacing other banned characters.
Now in such a case we call the sanitize function with
SANITIZE_ALLOW_PATH which allows path separators and colons to pass
through.


Closes https://github.com/curl/curl/issues/624
Reported-by: Octavio Schroeder
2016-02-05 01:44:27 -05:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Stenberg
41ae9f717a dotdot: allow an empty input string too
It isn't used by the code in current conditions but for safety it seems
sensible to at least not crash on such input.

Extended unit test 1395 to verify this too as well as a plain "/" input.
2016-02-02 22:43:54 +01:00
dfandrich
eb3703f052 unit1603: Demote hash mismatch failure to a warning
The hashes can vary between architectures (e.g. Sparc differs from x86_64).
This is not a fatal problem but just reduces the coverage of these white-box
tests, as the assumptions about into which hash bucket each key falls are no
longer valid.
2015-11-12 23:50:18 +01:00
dfandrich
d7e352402c unit1603: Added unit tests for hash functions 2015-11-12 22:49:32 +01:00
dfandrich
278ea24a7a unit1602: Fixed failure in torture test 2015-11-12 22:47:37 +01:00
Dan Fandrich
3fde8a4971 test1601: fix compilation with --enable-debug and --disable-crypto-auth 2015-10-16 23:04:54 +02:00
Anthony Avina
4883f7019d hostip: fix unintended destruction of hash table
.. and added unit1602 for hash.c
2015-05-18 11:15:43 +02:00
Daniel Stenberg
b419e7ae0c hostcache: made all host caches use structs, not pointers
This avoids unnecessary dynamic allocs and as this also removed the last
users of *hash_alloc() and *hash_destroy(), those two functions are now
removed.
2015-05-12 09:46:53 +02:00
Kamil Dudka
27ace9893c tests/unit/.gitignore: hide unit1601 and above, too 2015-04-22 14:20:20 +02:00
Stefan Bühler
0db831976e fix refreshing of obsolete dns cache entries
- cache entries must be also refreshed when they are in use
- have the cache count as inuse reference too, freeing timestamp == 0 special
  value
- use timestamp == 0 for CURLOPT_RESOLVE entries which don't get refreshed
- remove CURLOPT_RESOLVE special inuse reference (timestamp == 0 will prevent refresh)
- fix Curl_hostcache_clean - CURLOPT_RESOLVE entries don't have a special
  reference anymore, and it would also release non CURLOPT_RESOLVE references
- fix locking in Curl_hostcache_clean
- fix unit1305.c: hash now keeps a reference, need to set inuse = 1
2015-04-03 16:46:14 +02:00
Markus Elfring
29c655c0a6 Bug #149: Deletion of unnecessary checks before calls of the function "free"
The function "free" is documented in the way that no action shall occur for
a passed null pointer. It is therefore not needed that a function caller
repeats a corresponding check.
http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first

This issue was fixed by using the software Coccinelle 1.0.0-rc24.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2015-03-16 12:13:56 +01:00
Daniel Stenberg
709cf76f6b openssl: remove all uses of USE_SSLEAY
SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
library since years. This is now reflected by only using USE_OPENSSL in
code that depends on OpenSSL.
2015-03-05 10:57:52 +01:00
Dan Fandrich
d37b58274d unit1600: Fix compilation when NTLM is disabled 2015-02-04 22:59:14 +01:00
Daniel Stenberg
b3cbf4500d unit1601: MD5 unit tests 2015-02-03 23:05:55 +01:00
Daniel Stenberg
83bb07027d unit1600: unit test for Curl_ntlm_core_mk_nt_hash 2015-02-03 21:03:11 +01:00
Daniel Stenberg
6b68aa989c unit1600: NTLM unit test 2015-02-03 20:37:44 +01:00
Patrick Monnerat
265b9a2e49 vtls: remove QsoSSL 2014-10-13 16:33:47 +02:00
Daniel Stenberg
e1b13eba75 Curl_base64url_encode: unit-tested in 1302 2014-07-25 08:38:16 +02:00
Dan Fandrich
45c93dad1d Fixed some "statement not reached" warnings 2014-07-12 01:45:26 +02:00
Daniel Stenberg
84bd19ffd4 timers: fix timer regression involving redirects / reconnects
In commit 0b3750b5c2 (released in 7.36.0) we fixed a timeout issue
but instead broke the timings.

To fix this, I introduce a new timestamp to use for the timeouts and
restored the previous timestamp and timestamp position so that the old
timer functionality is restored.

In addition to that, that change also broke connection timeouts for when
more than one connect was used (as it would then count the total time
from the first connect and not for the most recent one). Now
Curl_timeleft() has been modified so that it checks against different
start times depending on which timeout it checks.

Test 1303 is updated accordingly.

Bug: http://curl.haxx.se/mail/lib-2014-05/0147.html
Reported-by: Ryan Braud
2014-05-15 21:28:19 +02:00
Daniel Stenberg
812da4190f mprintf: allow %.s with data not being zero terminated
If the precision is indeed shorter than the string, don't strlen() to
find the end because that's not how the precision operator works.

I also added a unit test for curl_msnprintf to make sure this works and
that the fix doesn't a few other basic use cases. I found a POSIX
compliance problem that I marked TODO in the unit test, and I figure we
need to add more tests in the future.

Reported-by: Török Edwin
2014-05-04 23:39:52 +02:00
Steve Holme
78ca3c6830 copyright: Updated following recent edits 2014-04-28 23:20:52 +01:00
Dan Fandrich
ef1322df67 Added a few more const where possible 2014-04-29 00:05:19 +02:00
Dan Fandrich
970ce28c12 unit1395: Fixed null pointer dereference on torture test 2014-04-28 17:14:46 +02:00
Dan Fandrich
7cb763cf57 test1397: Fixed compilation with some SSL backends
The test is only valid when one of four SSL backends is in use,
and must otherwise return success.
2014-03-26 22:08:53 +01:00
Richard J. Moore
4d06b27921 test1397: unit test for certificate name wildcard handling 2014-03-25 23:01:37 +01:00
Dan Fandrich
f00899d73e unit1304: make the test pass the OOM torture tests 2014-01-28 23:47:20 +01:00
Dan Fandrich
00b1e52823 unit1396: make the test pass the OOM torture tests 2014-01-28 23:27:22 +01:00
Marc Hoersken
d28b70d152 unittests: do not include curl_memory.h
memdebug.h already contains all required definitions and including
curl_memory.h causes errors like the following:

tests/unit/unit1394.c:119: undefined reference to `Curl_cfree'
tests/unit/unit1394.c:120: undefined reference to `Curl_cfree'
2014-01-03 12:30:23 +01:00
Steve Holme
c92c30edbd base64: Extended validation to look for invalid characters
Extended the basic validation in commit e17c1b25bc to return a
failure when invalid base64 characters are included.
2013-12-01 11:12:23 +00:00
Steve Holme
e17c1b25bc base64: Added basic validation to base64 input string when decoding
A base64 string should be a multiple of 4 characters in length, not
contain any more than 2 padding characters and only contain padding
characters at the end of string. For example: Y3VybA==

Strings such as the following are considered invalid:

Y=   - Invalid length
Y==  - Invalid length
Y=== - More than two padding characters
Y=x= - Padding character contained within string
2013-10-30 07:31:22 +00:00
Daniel Stenberg
d737aa19c8 unit1304: include memdebug and free everything correctly 2013-08-29 12:50:15 +02:00
Jonathan Nieder
36585b5395 netrc: handle longer username and password
libcurl truncates usernames and passwords it reads from .netrc to
LOGINSIZE and PASSWORDSIZE (64) characters without any indication to
the user, to ensure the values returned from Curl_parsenetrc fit in a
caller-provided buffer.

Fix the interface by passing back dynamically allocated buffers
allocated to fit the user's input.  The parser still relies on a
256-character buffer to read each line, though.

So now you can include an ~246-character password in your .netrc,
instead of the previous limit of 63 characters.

Reported-by: Colby Ranger
2013-08-20 11:16:38 +02:00
Daniel Stenberg
7877619f85 dotdot: introducing dot file path cleanup
RFC3986 details how a path part passed in as part of a URI should be
"cleaned" from dot sequences before getting used. The described
algorithm is now implemented in lib/dotdot.c with the accompanied test
case in test 1395.

Bug: http://curl.haxx.se/bug/view.cgi?id=1200
Reported-by: Alex Vinnik
2013-06-22 14:15:07 +02:00
Daniel Stenberg
0de7249bb3 unit1396: unit tests to verify curl_easy_(un)escape 2013-06-22 11:21:35 +02:00
Daniel Stenberg
8dac7be438 build: fixed unit1394 for debug and metlink builds 2013-05-06 23:28:04 +02:00
Kamil Dudka
bcf1b9dec1 unit1394.c: plug the curl tool unit test in 2013-05-06 15:03:13 +02:00
Jared Jennings
b045d079f8 unit1394.c: basis of a unit test for parse_cert_parameter() 2013-05-06 15:03:13 +02:00
Kamil Dudka
683f2b8323 src/Makefile.am: build static lib for unit tests if enabled 2013-05-06 15:03:12 +02:00
Yang Tse
8ce915c7a4 unit1330.c: fix date 2013-03-15 20:05:03 +01:00
Yang Tse
1700668d78 tests: add #96 #558 and #1330
These verfy that the 'memory tracking' subsystem is actually doing its
job when using curl tool (#96), a test in libtest (#558) and also a unit
test (#1330), in order to prevent regressions in this functionallity.
2013-03-15 19:59:51 +01:00
Yang Tse
83a42ee20e curl.h: stricter CURL_EXTERN linkage decorations logic
No API change involved.

Info: http://curl.haxx.se/mail/lib-2013-02/0234.html
2013-03-12 00:27:47 +01:00
Yang Tse
63605d281f Makefile.inc: fix $(top_srcdir) not allowed in _SOURCES variables 2013-01-20 04:20:02 +01:00
Yang Tse
4b401b2d99 build: use per-target '_CPPFLAGS' for those currently using default
Automake documents that doing this will make it choose a different name
for intermediate object files even when sharing source files across
targets of same Makefile.am.

Up to automake 1.13.1 target's intermediate object files were placed
in the build subdirectory of the target. We depended on this, probably
undocumented behavior, to achieve same behavior as if a per-target flag
had been specified when building targets that actually belong to
different Makefile.am files.

It seems automake 1.13.2 is going to break behavior mentioned above.

So, lets use a documented behavior in order to achieve same purpose,
across automake versions, no matter where automake wishes to place
intermediate object files.

Our build targets that already were using a per-target '_CFLAGS' or
'_CPPFLAGS' need no 'fixing', these were already 'fixed'. The only
Makefile.am or Makefile.in files in libcurl's source tree touched by
this 'fix' are tests/libtest/Makefile.inc and tests/unit/Makefile.inc.
2013-01-15 16:31:50 +01:00
Yang Tse
5a053ffe80 build: fix circular header inclusion with other packages
This commit renames lib/setup.h to lib/curl_setup.h and
renames lib/setup_once.h to lib/curl_setup_once.h.

Removes the need and usage of a header inclusion guard foreign
to libcurl. [1]

Removes the need and presence of an alarming notice we carried
in old setup_once.h [2]

----------------------------------------

1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
    up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
    this single inclusion guard is enough to ensure that inclusion of
    lib/setup_once.h done from lib/setup.h is only done once.

    Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
    protect inclusion of setup_once.h even after commit ec691ca3, this
    was to avoid a circular header inclusion triggered when building a
    c-ares enabled version with c-ares sources available which also has
    a setup_once.h header. Commit ec691ca3 exposes the real nature of
    __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
    foreign to libcurl belonging to c-ares's setup_once.h

    The renaming this commit does, fixes the circular header inclusion,
    and as such removes the need and usage of a header inclusion guard
    foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.

2 - Due to the circular interdependency of old lib/setup_once.h and the
    c-ares setup_once.h header, old file lib/setup_once.h has carried
    back from 2006 up to now days an alarming and prominent notice about
    the need of keeping libcurl's and c-ares's setup_once.h in sync.

    Given that this commit fixes the circular interdependency, the need
    and presence of mentioned notice is removed.

    All mentioned interdependencies come back from now old days when
    the c-ares project lived inside a curl subdirectory. This commit
    removes last traces of such fact.
2013-01-09 00:49:50 +01:00
Yang Tse
4a5aa6682d Revert changes relative to lib/*.[ch] recent renaming
This reverts renaming and usage of lib/*.h header files done
28-12-2012, reverting 2 commits:

  f871de0... build: make use of 76 lib/*.h renamed files
  ffd8e12... build: rename 76 lib/*.h files

This also reverts removal of redundant include guard (redundant thanks
to changes in above commits) done 2-12-2013, reverting 1 commit:

  c087374... curl_setup.h: remove redundant include guard

This also reverts renaming and usage of lib/*.c source files done
3-12-2013, reverting 3 commits:

  13606bb... build: make use of 93 lib/*.c renamed files
  5b6e792... build: rename 93 lib/*.c files
  7d83dff... build: commit 13606bbfde follow-up 1

Start of related discussion thread:

  http://curl.haxx.se/mail/lib-2013-01/0012.html

Asking for confirmation on pushing this revertion commit:

  http://curl.haxx.se/mail/lib-2013-01/0048.html

Confirmation summary:

  http://curl.haxx.se/mail/lib-2013-01/0079.html

NOTICE: The list of 2 files that have been modified by other
intermixed commits, while renamed, and also by at least one
of the 6 commits this one reverts follows below. These 2 files
will exhibit a hole in history unless git's '--follow' option
is used when viewing logs.

  lib/curl_imap.h
  lib/curl_smtp.h
2013-01-06 18:20:27 +01:00
Yang Tse
f871de0064 build: make use of 76 lib/*.h renamed files
76 private header files renamed to use our standard naming scheme.

This change affects 322 files in libcurl's source tree.
2012-12-28 19:37:11 +01:00