- Mar 20, 2018
-
-
Daniel Stenberg authored
Make the integer overflow check not rely on the undefined behavior that a size_t wraps around on overflow. Detected by lgtm.com Closes #2408
-
Daniel Stenberg authored
Detected by lgtm.com
-
Daniel Stenberg authored
Detected by lgtm.com
-
Jay Satiro authored
-
- Mar 19, 2018
-
-
Nikos Tsipinakis authored
RFC822 section 5.2 mentions Universal Time, 'UT', to be synonymous with GMT. Closes #2401
-
Daniel Stenberg authored
-
Don authored
Currently CMake cannot detect Brotli support. This adds detection of the libraries and associated header files. It also adds this to the generated config. Closes #2392
-
- Mar 18, 2018
-
-
Chris Araman authored
-
Patrick Monnerat authored
-
- Mar 17, 2018
-
-
Rick Deist authored
This patch adds CURLOPT_DNS_SHUFFLE_ADDRESSES to explicitly request shuffling of IP addresses returned for a hostname when there is more than one. This is useful when the application knows that a round robin approach is appropriate and is willing to accept the consequences of potentially discarding some preference order returned by the system's implementation. Closes #1694
-
Daniel Stenberg authored
To offer applications a more defined behavior, we clear the buffer as early as possible. Assisted-by: Jay Satiro Fixes #2190 Closes #2377
-
Lawrence Matthews authored
Add --haproxy-protocol for the command line tool Closes #2162
-
Daniel Stenberg authored
Reported-by: Vincas Razma Fixes #2364
-
- Mar 16, 2018
-
-
Daniel Stenberg authored
When a transfer is requested to get done and it is put in the pending queue when limited by number of connections, total or per-host, libcurl would previously very aggressively retry *ALL* pending transfers to get them transferring. That was very time consuming. By reducing the aggressiveness in how pending are being retried, we waste MUCH less time on putting transfers back into pending again. Some test cases got a factor 30(!) speed improvement with this change. Reported-by: Cyril B Fixes #2369 Closes #2383
-
Daniel Stenberg authored
Especially unpausing a transfer might have to move the socket back to the "currently used sockets" hash to get monitored. Otherwise it would never get any more data and get stuck. Easily triggered with pausing using the multi_socket API. Reported-by: Philip Prindeville Bug: https://curl.haxx.se/mail/lib-2018-03/0048.html Fixes #2393 Closes #2391
-
Philip Prindeville authored
* use member struct event’s instead of pointers to alloc’d struct events * simplify the cases for the mcode_or_die() function via macros; * make multi_timer_cb() actually do what the block comment says it should; * accept a “stop” command on the FIFO to shut down the service; * use cleaner notation for unused variables than the (void) hack; * allow following redirections (304’s);
-
Daniel Stenberg authored
Due to very frequent updates of the rate limit "window", it could attempt to rate limit within the same milliseconds and that then made the calculations wrong, leading to it not behaving correctly on very fast transfers. This new logic updates the rate limit "window" to be no shorter than the last three seconds and only updating the timestamps for this when switching between the states TOOFAST/PERFORM. Reported-by: 刘佩东 Fixes #2386 Closes #2388
-
luz.paz authored
Found via `codespell` Closes #2389
-
Daniel Stenberg authored
-
- Mar 15, 2018
-
-
Kobi Gurkan authored
Closes #2387
-
Daniel Stenberg authored
Bug: https://github.com/curl/curl/issues/2381
-
Daniel Stenberg authored
This is what "HTTP/0.9" basically looks like. Reported on IRC Closes #2382
-
Daniel Stenberg authored
It fails somewhere between every 3rd to 10th travis-CI run
-
- Mar 14, 2018
-
-
Daniel Stenberg authored
-
dasimx authored
Fixes #2380
-
- Mar 13, 2018
-
-
Daniel Stenberg authored
-
Kamil Dudka authored
Detected by Coverity Analysis: Error: IDENTIFIER_TYPO: curl-7.58.0/tests/python_dependencies/impacket/spnego.py:229: identifier_typo: Using "SuportedMech" appears to be a typo: * Identifier "SuportedMech" is only known to be referenced here, or in copies of this code. * Identifier "SupportedMech" is referenced elsewhere at least 4 times. curl-7.58.0/tests/python_dependencies/impacket/smbserver.py:2651: identifier_use: Example 1: Using identifier "SupportedMech". curl-7.58.0/tests/python_dependencies/impacket/smbserver.py:2308: identifier_use: Example 2: Using identifier "SupportedMech". curl-7.58.0/tests/python_dependencies/impacket/spnego.py:252: identifier_use: Example 3: Using identifier "SupportedMech" (2 total uses in this function). curl-7.58.0/tests/python_dependencies/impacket/spnego.py:229: remediation: Should identifier "SuportedMech" be replaced by "SupportedMech"? Closes #2379
-
Daniel Stenberg authored
Reported-by: Aron Bergman Bug: https://curl.haxx.se/mail/lib-2018-03/0049.html [ci skip]
-
- Mar 12, 2018
-
-
Daniel Stenberg authored
This reverts commit a577059f. The assignment really needs to be there or we risk working with an uninitialized pointer.
-
Michael Kaufmann authored
follow-up to 72a0f625
-
Viktor Szakats authored
To sync it with changes made for the libssh2 project. Also cleanup some whitespace.
-
Viktor Szakats authored
-
Viktor Szakats authored
-
Daniel Stenberg authored
... don't consider it an error! Assisted-by: Jay Satiro Reported-by: Łukasz Domeradzki Fixes #2365 Closes #2375
-
Daniel Stenberg authored
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CVE-2018-1000121 Reported-by: Dario Weisser Bug: https://curl.haxx.se/docs/adv_2018-97a2.html
-
Daniel Stenberg authored
Refuse to operate when given path components featuring byte values lower than 32. Previously, inserting a %00 sequence early in the directory part when using the 'singlecwd' ftp method could make curl write a zero byte outside of the allocated buffer. Test case 340 verifies. CVE-2018-1000120 Reported-by: Duy Phan Thanh Bug: https://curl.haxx.se/docs/adv_2018-9cd6.html
-
Daniel Stenberg authored
CVE-2018-1000122 Bug: https://curl.haxx.se/docs/adv_2018-b047.html Detected by OSS-fuzz
-
- Mar 11, 2018
-
-
Daniel Stenberg authored
-