- Oct 04, 2014
-
-
Daniel Stenberg authored
Coverity CID 1241950. The pointer is never NULL but it might point to NULL.
-
Daniel Stenberg authored
Coverity CID 1241947. Since if sscanf() fails, the previously set value remains set.
-
Daniel Stenberg authored
Coverity pointed out several of these.
-
- Oct 03, 2014
-
-
Daniel Stenberg authored
Coverity CID 982331.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Coverify CID 1157776. Removed a superfluous if() that always evaluated true (and an else clause that never ran), and then re-indented the function accordingly.
-
Daniel Stenberg authored
Coverity CID 1215284. The server name is extracted with Curl_copy_header_value() and passed in to this function, and copy_header_value can actually can fail and return NULL.
-
Daniel Stenberg authored
-
Jeremy Lin authored
For private keys, use the first match from: user-specified key file (if provided), ~/.ssh/id_rsa, ~/.ssh/id_dsa, ./id_rsa, ./id_dsa Note that the previous code only looked for id_dsa files. id_rsa is now generally preferred, as it supports larger key sizes. For public keys, use the user-specified key file, if provided. Otherwise, try to extract the public key from the private key file. This means that passing --pubkey is typically no longer required, and makes the key-handling behavior more like OpenSSH.
-
Daniel Stenberg authored
-
- Oct 02, 2014
-
-
Daniel Stenberg authored
Coverity CID 1202836. If the proxy environment variable returned an empty string, it would be leaked. While an empty string is not really a proxy, other logic in this function already allows a blank string to be returned so allow that here to avoid the leak.
-
Daniel Stenberg authored
Coverity CID 1202837. There's a potential risk that 'newurl' gets overwritten when it was already pointing to allocated memory.
-
Daniel Stenberg authored
Coverity CID 1215287. There's a potential risk for a memory leak in here, and moving the free call to be unconditional seems like a cheap price to remove the risk.
-
Daniel Stenberg authored
Coverity CID 1215296. There's a potential risk for a memory leak in here, and moving the free call to be unconditional seems like a cheap price to remove the risk.
-
Daniel Stenberg authored
Coverity detected this. CID 1241954. When Curl_poll() returns a negative value 'mcode' was uninitialized. Pretty harmless since this is debug code only and would at worst cause an error to _not_ be returned...
-
- Oct 01, 2014
-
-
Daniel Stenberg authored
and separate the example URLs with newlines
-
- Sep 30, 2014
-
-
Bill Nagel authored
This patch fixes the "SSL3_WRITE_PENDING: bad write retry" error that sometimes occurs when sending an email over SMTPS with OpenSSL. OpenSSL appears to require the same pointer on a write that follows a retry (CURLE_AGAIN) as discussed here: http://stackoverflow.com/questions/2997218/why-am-i-getting-error1409f07fssl-routinesssl3-write-pending-bad-write-retr
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Mostly because we use C strings and they end at a binary zero so we know we can't open a file name using an embedded binary zero. Reported-by: <research@g0blin.co.uk>
-
- Sep 26, 2014
-
-
Dan Fandrich authored
-
- Sep 25, 2014
-
-
Yousuke Kimoto authored
-
Michael Wallner authored
-
- Sep 23, 2014
-
-
Daniel Stenberg authored
The switch to using Curl_expire_latest() in commit cacdc27f was a mistake and was against the advice even mentioned in that commit. The comparison in asyn-thread.c:Curl_resolver_is_resolved() makes Curl_expire() the suitable function to use. Bug: http://curl.haxx.se/bug/view.cgi?id=1426 Reported-By: graysky
-
- Sep 19, 2014
-
-
Daniel Stenberg authored
-
Steve Holme authored
Added initial support for WinIDN build configurations to the VC10+ project files.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
As we weren't using the correct phonetic description and doing it correctly involves funny letters that I'm sure will cause problems for people in a text document so I instead rephrased it and link to a WAV file with a person actually saying 'curl'. Reported-By: Dimitar Boevski
-
- Sep 18, 2014
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Reported-By: Jonathan Cardoso Machado URL: http://curl.haxx.se/mail/lib-2014-09/0102.html
-
- Sep 15, 2014
-
-
Daniel Stenberg authored
-
- Sep 13, 2014
-
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... to further remove specific TLS backend knowledge from url.c
-
Daniel Stenberg authored
-
Catalin Patulea authored
Missed this in af45542c . Signed-off-by: Catalin Patulea <cat@vv.carleton.ca>
-
Daniel Stenberg authored
-
Tatsuhiro Tsujikawa authored
Previously we did not handle EOF from underlying transport socket and wrongly just returned error code CURL_AGAIN from http2_recv, which caused busy loop since socket has been closed. This patch adds the code to handle EOF situation and tells the upper layer that we got EOF.
-
Steve Holme authored
-
Steve Holme authored
-
Marcel Raad authored
Bug: http://curl.haxx.se/bug/view.cgi?id=1422 Verified-by: Steve Holme
-