#
b2523fc4 |
| 19-Apr-2024 |
Daniel Stenberg |
ftp: fix socket leak on rare error In the function AcceptServerConnect() the newly created socket would leak if Curl_conn_tcp_accepted_set() returns error. Which basically should nev
ftp: fix socket leak on rare error In the function AcceptServerConnect() the newly created socket would leak if Curl_conn_tcp_accepted_set() returns error. Which basically should never happen. Spotted by CodeSonar. Closes #13417
show more ...
|
#
e411c98f |
| 11-Apr-2024 |
Viktor Szakats |
build: prefer `USE_IPV6` macro internally (was: `ENABLE_IPV6`) Before this patch, two macros were used to guard IPv6 features in curl sources: `ENABLE_IPV6` and `USE_IPV6`. This patch ma
build: prefer `USE_IPV6` macro internally (was: `ENABLE_IPV6`) Before this patch, two macros were used to guard IPv6 features in curl sources: `ENABLE_IPV6` and `USE_IPV6`. This patch makes the source use the latter for consistency with other similar switches. `-DENABLE_IPV6` remains accepted for compatibility as a synonym for `-DUSE_IPV6`, when passed to the compiler. `ENABLE_IPV6` also remains the name of the CMake and `Makefile.vc` options to control this feature. Closes #13349
show more ...
|
#
8dd81bd5 |
| 21-Mar-2024 |
Stefan Eissing |
lib: add Curl_xfer_write_resp_hd Add method in protocol handlers to allow writing of a single, 0-terminated header line. Avoids parsing and copying these lines. Closes #13165
|
#
fcef00db |
| 08-Mar-2024 |
Stefan Eissing |
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete st
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete struct - add 'secondary' to conn - use secondary in reporting success for ftp 2nd connection Reported-by: DasKutti on github Fixes #13084 Closes #13090
show more ...
|
#
a586b8ca |
| 07-Mar-2024 |
Stefan Eissing |
lib: client reader polish - seek_func/seek_client, use transfer values only - remove copies held in `struct connectdata`, use only ever `data->set.seek_func` - reso
lib: client reader polish - seek_func/seek_client, use transfer values only - remove copies held in `struct connectdata`, use only ever `data->set.seek_func` - resolves possible issues in multiuse connections - new mime post reader eliminates need to ever overwriting this - websockets, remove empty Curl_ws_done() function Closes #13079
show more ...
|
#
9978d40d |
| 06-Mar-2024 |
Stefan Eissing |
lib: add `void *ctx` to reader/writer instances - `struct Curl_cwriter` and `struct Curl_creader` now carry a `void *ctx` member that points to the instance as allocated. - using `
lib: add `void *ctx` to reader/writer instances - `struct Curl_cwriter` and `struct Curl_creader` now carry a `void *ctx` member that points to the instance as allocated. - using `r->ctx` and `w->ctx` as pointer to the instance specific struct that has been allocated Reported-by: Rudi Heitbaum Fixes #13035 Closes #13059
show more ...
|
#
ddb87160 |
| 01-Mar-2024 |
Dan Fandrich |
ftp: Mark a const buffer as const
|
#
59298221 |
| 14-Feb-2024 |
Stefan Eissing |
lib: send rework Curl_read/Curl_write clarifications - replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to 1clarify when and at what level they operate - sen
lib: send rework Curl_read/Curl_write clarifications - replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to 1clarify when and at what level they operate - send/recv of transfer related data is now done via `Curl_xfer_send()/Curl_xfer_recv()` which no longer has socket/socketindex as parameter. It decides on the transfer setup of `conn->sockfd` and `conn->writesockfd` on which connection filter chain to operate. - send/recv on a specific connection filter chain is done via `Curl_conn_send()/Curl_conn_recv()` which get the socket index as parameter. - rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for naming consistency - clarify that the special CURLE_AGAIN handling to return `CURLE_OK` with length 0 only applies to `Curl_xfer_send()` and CURLE_AGAIN is returned by all other send() variants. SingleRequest reshuffling - move functions into request.[ch] - differentiate between reset and free - add Curl_req_done() to perform last actions - add a send `bufq` to SingleRequest for future use in keeping upload data Closes #12963
show more ...
|
#
d8f01e09 |
| 09-Feb-2024 |
Stefan Eissing |
ftp: fix socket wait activity in ftp_domore_getsock - when waiting on the data connection, always add the control socket to the pollset on state STOP or let the pingpong add the socket
ftp: fix socket wait activity in ftp_domore_getsock - when waiting on the data connection, always add the control socket to the pollset on state STOP or let the pingpong add the socket according to its needs. Reported-by: Fabian Vogt Fixes #12901 Closes #12913
show more ...
|
#
e7fd32b9 |
| 06-Feb-2024 |
Stefan Eissing |
ftp: do lineend conversions in client writer - remove the ftp special handling from sendf.c - let ftp_do() add a client writer that does the linened conversions - change the li
ftp: do lineend conversions in client writer - remove the ftp special handling from sendf.c - let ftp_do() add a client writer that does the linened conversions - change the lineend conversion to no longer modify the passed buffer, but write smaller chunks to the next cwriter instead. The inefficiency of this will be mitigated once we add output buffering for all client writes. Closes #12878
show more ...
|
#
10491957 |
| 01-Feb-2024 |
Daniel Stenberg |
ftp: treat a 226 arriving before data as a signal to read data For active mode transfers. Due to some interesting timing, curl can sometimes get the 226 (transfer complete) over
ftp: treat a 226 arriving before data as a signal to read data For active mode transfers. Due to some interesting timing, curl can sometimes get the 226 (transfer complete) over the control channel first, before the data connection signals readability. If this happens, use that as a signal to check the data connection. Additionally, set the socket filter in listen mode *before* the PORT/EPRT command is issued, to reduce the risk that the little time gap could interfere. This issue never reproduced for me on Debian and takes several hundred rounds for me to trigger on my mac. Reported-by: Stefan Eissing Fixes #12823 Closes #12841
show more ...
|
#
a6c9a33b |
| 25-Jan-2024 |
Stefan Eissing |
file+ftp: use stack buffers instead of data->state.buffer Closes #12789
|
#
c2d97362 |
| 21-Jan-2024 |
Daniel Stenberg |
pingpong: stop using the download buffer The pingpong logic now uses its own dynbuf for receiving command response data. When the "final" response header for a commanad has been
pingpong: stop using the download buffer The pingpong logic now uses its own dynbuf for receiving command response data. When the "final" response header for a commanad has been received, that final line is left first in the recvbuf for the protocols to parse at will. If there is additional data behind the final response line, the 'overflow' counter is indicate how many bytes. Closes #12757
show more ...
|
#
d7b6ce64 |
| 01-Dec-2023 |
Stefan Eissing |
lib: replace readwrite with write_resp This clarifies the handling of server responses by folding the code for the complicated protocols into their protocol handlers. This concerns m
lib: replace readwrite with write_resp This clarifies the handling of server responses by folding the code for the complicated protocols into their protocol handlers. This concerns mainly HTTP and its bastard sibling RTSP. The terms "read" and "write" are often used without clear context if they refer to the connect or the client/application side of a transfer. This PR uses "read/write" for operations on the client side and "send/receive" for the connection, e.g. server side. If this is considered useful, we can revisit renaming of further methods in another PR. Curl's protocol handler `readwrite()` method been changed: ```diff - CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn, - const char *buf, size_t blen, - size_t *pconsumed, bool *readmore); + CURLcode (*write_resp)(struct Curl_easy *data, const char *buf, size_t blen, + bool is_eos, bool *done); ``` The name was changed to clarify that this writes reponse data to the client side. The parameter changes are: * `conn` removed as it always operates on `data->conn` * `pconsumed` removed as the method needs to handle all data on success * `readmore` removed as no longer necessary * `is_eos` as indicator that this is the last call for the transfer response (end-of-stream). * `done` TRUE on return iff the transfer response is to be treated as finished This change affects many files only because of updated comments in handlers that provide no implementation. The real change is that the HTTP protocol handlers now provide an implementation. The HTTP protocol handlers `write_resp()` implementation will get passed **all** raw data of a server response for the transfer. The HTTP/1.x formatted status and headers, as well as the undecoded response body. `Curl_http_write_resp_hds()` is used internally to parse the response headers and pass them on. This method is public as the RTSP protocol handler also uses it. HTTP/1.1 "chunked" transport encoding is now part of the general *content encoding* writer stack, just like other encodings. A new flag `CLIENTWRITE_EOS` was added for the last client write. This allows writers to verify that they are in a valid end state. The chunked decoder will check if it indeed has seen the last chunk. The general response handling in `transfer.c:466` happens in function `readwrite_data()`. This mainly operates now like: ``` static CURLcode readwrite_data(data, ...) { do { Curl_xfer_recv_resp(data, buf) ... Curl_xfer_write_resp(data, buf) ... } while(interested); ... } ``` All the response data handling is implemented in `Curl_xfer_write_resp()`. It calls the protocol handler's `write_resp()` implementation if available, or does the default behaviour. All raw response data needs to pass through this function. Which also means that anyone in possession of such data may call `Curl_xfer_write_resp()`. Closes #12480
show more ...
|
#
10584836 |
| 07-Jan-2024 |
Daniel Stenberg |
ftp: only consider entry path if it has a length Follow-up from 8edcfedc1a144f438bd1cdf814a0016cb Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65631 Avoids a
ftp: only consider entry path if it has a length Follow-up from 8edcfedc1a144f438bd1cdf814a0016cb Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65631 Avoids a NULL pointer deref. Closes #12648
show more ...
|
#
8edcfedc |
| 05-Jan-2024 |
Daniel Stenberg |
ftp: use memdup0 to store the OS from a SYST 215 response avoid malloc + direct buffer fiddle Closes #12639
|
#
f4beef52 |
| 05-Jan-2024 |
Daniel Stenberg |
ftp: use dynbuf to store entrypath avoid direct malloc Closes #12638
|
#
3829759b |
| 08-Dec-2023 |
Viktor Szakats |
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]. Enable new recommended warnings (except `-Wsign-conversion`): - enable `-Wformat=2` for clang (in both cmake and autotools). - add `CURL_PRINTF()` internal attribute and mark functions accepting printf arguments with it. This is a copy of existing `CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible with redefinting the `printf` symbol: https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94 - fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for mingw-w64 and enable it on this platform. - enable `-Wimplicit-fallthrough`. - enable `-Wtrampolines`. - add `-Wsign-conversion` commented with a FIXME. - cmake: enable `-pedantic-errors` the way we do it with autotools. Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747 - lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format checks. Previously it was always disabled due to the internal `printf` macro. Fix them: - fix bug where an `set_ipv6_v6only()` call was missed in builds with `--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`. - add internal `FALLTHROUGH()` macro. - replace obsolete fall-through comments with `FALLTHROUGH()`. - fix fallthrough markups: Delete redundant ones (showing up as warnings in most cases). Add missing ones. Fix indentation. - silence `-Wformat-nonliteral` warnings with llvm/clang. - fix one `-Wformat-nonliteral` warning. - fix new `-Wformat` and `-Wformat-security` warnings. - fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its definition to `lib/curl_setup.h` allowing use in `tests/server`. - lib: fix two wrongly passed string arguments in log outputs. Co-authored-by: Jay Satiro - fix new `-Wformat` warnings on mingw-w64. [1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895bfc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md Closes #12489
show more ...
|
#
7c992dd9 |
| 08-Dec-2023 |
Daniel Stenberg |
lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding Since the copy does not stop at a null byte, let's not call it anything that makes you think it works like the common s
lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding Since the copy does not stop at a null byte, let's not call it anything that makes you think it works like the common strndup() function. Based on feedback from Jay Satiro, Stefan Eissing and Patrick Monnerat Closes #12490
show more ...
|
#
7309b9cb |
| 05-Dec-2023 |
Daniel Stenberg |
lib: strndup/memdup instead of malloc, memcpy and null-terminate - bufref: use strndup - cookie: use strndup - formdata: use strndup - ftp: use strndup - gtls: use aprin
lib: strndup/memdup instead of malloc, memcpy and null-terminate - bufref: use strndup - cookie: use strndup - formdata: use strndup - ftp: use strndup - gtls: use aprintf instead of malloc + strcpy * 2 - http: use strndup - mbedtls: use strndup - md4: use memdup - ntlm: use memdup - ntlm_sspi: use strndup - pingpong: use memdup - rtsp: use strndup instead of malloc, memcpy and null-terminate - sectransp: use strndup - socks_gssapi.c: use memdup - vtls: use dynbuf instead of malloc, snprintf and memcpy - vtls: use strdup instead of malloc + memcpy - wolfssh: use strndup Closes #12453
show more ...
|
#
c0dd06ec |
| 05-Dec-2023 |
Daniel Stenberg |
ftp: handle the PORT parsing without allocation Also reduces amount of *cpy() calls. Closes #12456
|
#
bc8509a7 |
| 07-Nov-2023 |
Sam James |
misc: fix -Walloc-size warnings GCC 14 introduces a new -Walloc-size included in -Wextra which gives: ``` src/tool_operate.c: In function ‘add_per_transfer’: src/tool_operat
misc: fix -Walloc-size warnings GCC 14 introduces a new -Walloc-size included in -Wextra which gives: ``` src/tool_operate.c: In function ‘add_per_transfer’: src/tool_operate.c:213:5: warning: allocation of insufficient size ‘1’ for type ‘struct per_transfer’ with size ‘480’ [-Walloc-size] 213 | p = calloc(sizeof(struct per_transfer), 1); | ^ src/var.c: In function ‘addvariable’: src/var.c:361:5: warning: allocation of insufficient size ‘1’ for type ‘struct var’ with size ‘32’ [-Walloc-size] 361 | p = calloc(sizeof(struct var), 1); | ^ ``` The calloc prototype is: ``` void *calloc(size_t nmemb, size_t size); ``` So, just swap the number of members and size arguments to match the prototype, as we're initialising 1 struct of size `sizeof(struct ...)`. GCC then sees we're not doing anything wrong. Closes #12292
show more ...
|
#
47f5b1a3 |
| 04-Sep-2023 |
Stefan Eissing |
lib: introduce struct easy_poll_set for poll information Connection filter had a `get_select_socks()` method, inspired by the various `getsocks` functions involved during the lifetime of
lib: introduce struct easy_poll_set for poll information Connection filter had a `get_select_socks()` method, inspired by the various `getsocks` functions involved during the lifetime of a transfer. These, depending on transfer state (CONNECT/DO/DONE/ etc.), return sockets to monitor and flag if this shall be done for POLLIN and/or POLLOUT. Due to this design, sockets and flags could only be added, not removed. This led to problems in filters like HTTP/2 where flow control prohibits the sending of data until the peer increases the flow window. The general transfer loop wants to write, adds POLLOUT, the socket is writeable but no data can be written. This leads to cpu busy loops. To prevent that, HTTP/2 did set the `SEND_HOLD` flag of such a blocked transfer, so the transfer loop cedes further attempts. This works if only one such filter is involved. If a HTTP/2 transfer goes through a HTTP/2 proxy, two filters are setting/clearing this flag and may step on each other's toes. Connection filters `get_select_socks()` is replaced by `adjust_pollset()`. They get passed a `struct easy_pollset` that keeps up to `MAX_SOCKSPEREASYHANDLE` sockets and their `POLLIN|POLLOUT` flags. This struct is initialized in `multi_getsock()` by calling the various `getsocks()` implementations based on transfer state, as before. After protocol handlers/transfer loop have set the sockets and flags they want, the `easy_pollset` is *always* passed to the filters. Filters "higher" in the chain are called first, starting at the first not-yet-connection one. Each filter may add sockets and/or change flags. When all flags are removed, the socket itself is removed from the pollset. Example: * transfer wants to send, adds POLLOUT * http/2 filter has a flow control block, removes POLLOUT and adds POLLIN (it is waiting on a WINDOW_UPDATE from the server) * TLS filter is connected and changes nothing * h2-proxy filter also has a flow control block on its tunnel stream, removes POLLOUT and adds POLLIN also. * socket filter is connected and changes nothing * The resulting pollset is then mixed together with all other transfers and their pollsets, just as before. Use of `SEND_HOLD` is no longer necessary in the filters. All filters are adapted for the changed method. The handling in `multi.c` has been adjusted, but its state handling the the protocol handlers' `getsocks` method are untouched. The most affected filters are http/2, ngtcp2, quiche and h2-proxy. TLS filters needed to be adjusted for the connecting handshake read/write handling. No noticeable difference in performance was detected in local scorecard runs. Closes #11833
show more ...
|
#
3b6d18bb |
| 03-Oct-2023 |
Viktor Szakats |
spelling: fix codespell 2.2.6 typos Closes #12019
|
#
88982574 |
| 19-Sep-2023 |
Stefan Eissing |
lib: disambiguate Curl_client_write flag semantics - use CLIENTWRITE_BODY *only* when data is actually body data - add CLIENTWRITE_INFO for meta data that is *not* a HEADER - debug a
lib: disambiguate Curl_client_write flag semantics - use CLIENTWRITE_BODY *only* when data is actually body data - add CLIENTWRITE_INFO for meta data that is *not* a HEADER - debug assertions that BODY/INFO/HEADER is not used mixed - move `data->set.include_header` check into Curl_client_write so protocol handlers no longer have to care - add special in FTP for `data->set.include_header` for historic, backward compatible reasons - move unpausing of client writes from easy.c to sendf.c, so that code is in one place and can forward flags correctly Closes #11885
show more ...
|