- Nov 01, 2016
-
-
Michael Kaufmann authored
follow-up to 46133aa5
-
Dan Fandrich authored
...to use the public function curl_strnequal(). This isn't ideal because it adds extra overhead to any internal calls to checkprefix. follow-up to 95bd2b3e
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Suggested-by: Dan Jacobson Issue: https://github.com/curl/curl/issues/1097
-
- Oct 31, 2016
-
-
Daniel Stenberg authored
... since the curlx_* code no longer provides one and we don't link libcurl to these test servers.
-
Daniel Stenberg authored
As they are after all part of the public API. Saves space and reduces complexity. Remove the strcase defines from the curlx_ family. Suggested-by: Dan Fandrich Idea: https://curl.haxx.se/mail/lib-2016-10/0136.html
-
Kamil Dudka authored
follow-up to 811a693b
-
Dan Fandrich authored
This should fix the "warning: 'curl_strequal' redeclared without dllimport attribute: previous dllimport ignored" message and subsequent link error on Windows because of the missing CURL_EXTERN on the prototype.
-
Daniel Stenberg authored
-
Daniel Stenberg authored
Follow-up to 811a693b
-
Dan Fandrich authored
This is a followup to commit 811a693b
-
Marcel Raad authored
Fix compile break from 811a693b
-
Dan Fandrich authored
The internal version strcasecompare isn't available outside libcurl
-
Daniel Stenberg authored
-
Daniel Stenberg authored
follow-up to 4f8d0b6f. Since the darwinssl code breaks otherwise. If you build without darwinssl 10.5 works fine.
-
Daniel Stenberg authored
as that is still part of the API, fix from 8fe4bd08
-
Daniel Stenberg authored
Fix bug from 811a693b
-
Daniel Stenberg authored
Mistake brought by 9c91ec77
-
Daniel Stenberg authored
These two public functions have been mentioned as deprecated since a very long time but since they are still part of the API and ABI we need to keep them around.
-
Daniel Stenberg authored
some more follow-ups to 811a693b
-
Daniel Stenberg authored
follow-up to 811a693b
-
Daniel Stenberg authored
-
Daniel Stenberg authored
... that will ignore lines that are too long to fit in the buffer. CVE-2016-8615 Bug: https://curl.haxx.se/docs/adv_20161102A.html Reported-by: Cure53
-
Daniel Stenberg authored
We had some confusions on when each function was used. We should not act differently on different locales anyway.
-
Daniel Stenberg authored
... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
-
Daniel Stenberg authored
... otherwise example.com/PATH and example.com/path would be assumed to be the same and they usually aren't!
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CVE-2016-8616 Bug: https://curl.haxx.se/docs/adv_20161102B.html Reported-by: Cure53
-
Daniel Stenberg authored
CVE-2016-8617 Bug: https://curl.haxx.se/docs/adv_20161102C.html Reported-by: Cure53
-
Daniel Stenberg authored
If the requested size is zero, bail out with error instead of doing a realloc() that would cause a double-free: realloc(0) acts as a free() and then there's a second free in the cleanup path. CVE-2016-8619 Bug: https://curl.haxx.se/docs/adv_20161102E.html Reported-by: Cure53
-
Daniel Stenberg authored
On 32bit systems we could otherwise wrap around after 2GB and allocate 0 bytes and crash. CVE-2016-8618 Bug: https://curl.haxx.se/docs/adv_20161102D.html Reported-by: Cure53
-
Daniel Stenberg authored
... which previously would lead to out of boundary reads. Reported-by: Luật Nguyễn
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CVE-2016-8620 Bug: https://curl.haxx.se/docs/adv_20161102F.html Reported-by: Luật Nguyễn
-
Daniel Stenberg authored
... and don't read outside of the given buffer! CVE-2016-8621 bug: https://curl.haxx.se/docs/adv_20161102G.html Reported-by: Luật Nguyễn
-
Daniel Stenberg authored
Since the internal Curl_urldecode() function has a better API.
-
Daniel Stenberg authored
CVE-2016-8622 Bug: https://curl.haxx.se/docs/adv_20161102H.html Reported-by: Cure53
-
Daniel Stenberg authored
Previously it only held references to them, which was reckless as the thread lock was released so the cookies could get modified by other handles that share the same cookie jar over the share interface. CVE-2016-8623 Bug: https://curl.haxx.se/docs/adv_20161102I.html Reported-by: Cure53
-
Daniel Stenberg authored
-
Daniel Stenberg authored
CVE-2016-8625 Bug: https://curl.haxx.se/docs/adv_20161102K.html Reported-by: Christian Heimes
-