- Oct 27, 2017
-
-
Marcel Raad authored
This avoids warnings about unused stuff. Closes https://github.com/curl/curl/pull/2023
-
Daniel Stenberg authored
"PR-welcome" was the former name.
-
Daniel Stenberg authored
-
Martin Storsjo authored
If WINAPI_FAMILY is defined, it should be safe to try to include winapifamily.h to check what the define evaluates to. This should fix detection of CURL_WINDOWS_APP if building with _WIN32_WINNT set to 0x0600. Closes #2025
-
- Oct 26, 2017
-
-
Jay Satiro authored
- When uploading via chunked-encoding don't compare file size to bytes sent to determine whether the upload has finished. Chunked-encoding adds its own overhead which why the bytes sent is not equal to the file size. Prior to this change if a file was uploaded in chunked-encoding and its size was known it was possible that the upload could end prematurely without sending the final few chunks. That would result in a server hang waiting for the remaining data, likely followed by a disconnect. The scope of this bug is limited to some arbitrary file sizes which have not been determined. One size that triggers the bug is 475020. Bug: https://github.com/curl/curl/issues/2001 Reported-by: <moohoorama@users.noreply.github.com> Closes https://github.com/curl/curl/pull/2010
-
Daniel Stenberg authored
... by using curl_off_t for the typedef if time_t is larger than 4 bytes. Reported-by: Gisle Vanem Bug: https://github.com/curl/curl/commit/b9d25f9a6b3ca791385b80a6a3c3fa5ae113e1e0#co mmitcomment-25205058 Closes #2019
-
Daniel Stenberg authored
... instead of doing an infinite loop! Added test 1162 to verify. Reported-by: Max Dymond Fixes #2015 Closes #2017
-
Max Dymond authored
Fixes timeouts in the fuzzing tests for non-FTP protocols. Closes #2016
-
- Oct 25, 2017
-
-
Max Dymond authored
Allow users to specify their own hash define for CURL_CONNECTION_HASH_SIZE so that both values can be overridden. Closes #1982
-
Daniel Stenberg authored
... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
-
Daniel Stenberg authored
-
Max Dymond authored
When using the FTP list parser, ensure that the memory that's allocated is always freed. Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3682 Closes #2013
-
Daniel Stenberg authored
... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
-
- Oct 24, 2017
-
-
Paul Howarth authored
They use $(TESTUTIL) and thus should use $(TESTUTIL_LIBS) too. This fixes build failures on Fedora 13. Closes #2006
-
Alessandro Ghedini authored
closes #2008
-
- Oct 23, 2017
-
-
Alessandro Ghedini authored
-
Daniel Stenberg authored
-
Max Dymond authored
We don't expect any steps to fail in travis. Exit the script if they do. Closes #1966
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
- Oct 22, 2017
-
-
Jon DeVree authored
Aurora is no longer used by Mozilla https://hacks.mozilla.org/2017/04/simplifying-firefox-release-channels/
-
Jon DeVree authored
The 'tip' is the most recent branch committed to, this should be 'default' like the URLs for the browser are. Closes #1998
-
Daniel Stenberg authored
CVE-2017-1000257 Reported-by: Brian Carpenter and 0xd34db347 Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586
-
- Oct 20, 2017
-
-
Daniel Stenberg authored
... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
-
Patrick Monnerat authored
See issue #1999
-
Patrick Monnerat authored
The contents might have changed: size must be recomputed. Reported-by: moteus on github Fixes #1999
-
- Oct 19, 2017
-
-
Patrick Monnerat authored
Even if OpenSSL is enabled, it might not be the default backend when multi-ssl is enabled, causing the test to fail.
-
Patrick Monnerat authored
-
Patrick Monnerat authored
On OS/400, `close' is an ASCII system macro that corrupts the code if not used in a context not targetting the close() system API.
-
Patrick Monnerat authored
Also adjust makefile to renamed files and warn about installation dirs mix-up.
-
Patrick Monnerat authored
-
Patrick Monnerat authored
-
- Oct 16, 2017
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... filter early instead of risking "funny values" having to be dealt with elsewhere.
-
Daniel Stenberg authored
... that are multiplied by 1000 when stored. For 32 bit long systems, the max value accepted (2147483 seconds) is > 596 hours which is unlikely to ever be set by a legitimate application - and previously it didn't work either, it just caused undefined behavior. Also updated the man pages for these timeout options to mention the return code. Closes #1938
-
- Oct 15, 2017
-
-
Viktor Szakats authored
Allow to ovverride certain build tools, making it possible to use LLVM/Clang to build curl. The default behavior is unchanged. To build with clang (as offered by MSYS2), these settings can be used: CURL_CC=clang CURL_AR=llvm-ar CURL_RANLIB=llvm-ranlib Closes https://github.com/curl/curl/pull/1993
-
Viktor Szakats authored
Use memset() to initialize a structure to avoid LLVM/Clang warning: ldap.c:193:39: warning: missing field 'UserLength' initializer [-Wmissing-field-initializers] Closes https://github.com/curl/curl/pull/1992
-
- Oct 14, 2017
-
-
Daniel Stenberg authored
NOTE: it makes them terribly slow. I recommend only using valgrind for specific torture tests or using lots of patience.
-
Daniel Stenberg authored
... to allow them to be included in torture tests too. closes #1980
-
Daniel Stenberg authored
... we used it only for the fuzzer, which we now have in a separate git repo. Closes #1990
-