#
9126b141 |
| 30-Mar-2024 |
Daniel Stenberg |
curl: use curl_getenv instead of the curlx_ version The curlx one was once introduced when we still considered dropping the libcurl function at some point. To reduce confusion and to mak
curl: use curl_getenv instead of the curlx_ version The curlx one was once introduced when we still considered dropping the libcurl function at some point. To reduce confusion and to make it easier to understand when curl_free() should be used, use the actual libcurl function call directly instead. Closes #13230
show more ...
|
#
2efc111e |
| 25-Mar-2024 |
Daniel Stenberg |
curl: make --help adapt to the terminal width Instead of assuming and working with 80 colums, try figuring out what width is actually used. Ref: #13141 Closes #13171
|
#
3829759b |
| 08-Dec-2023 |
Viktor Szakats |
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]. Enable new recommended warnings (except `-Wsign-conversion`): - enable `-Wformat=2` for clang (in both cmake and autotools). - add `CURL_PRINTF()` internal attribute and mark functions accepting printf arguments with it. This is a copy of existing `CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible with redefinting the `printf` symbol: https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94 - fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for mingw-w64 and enable it on this platform. - enable `-Wimplicit-fallthrough`. - enable `-Wtrampolines`. - add `-Wsign-conversion` commented with a FIXME. - cmake: enable `-pedantic-errors` the way we do it with autotools. Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747 - lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format checks. Previously it was always disabled due to the internal `printf` macro. Fix them: - fix bug where an `set_ipv6_v6only()` call was missed in builds with `--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`. - add internal `FALLTHROUGH()` macro. - replace obsolete fall-through comments with `FALLTHROUGH()`. - fix fallthrough markups: Delete redundant ones (showing up as warnings in most cases). Add missing ones. Fix indentation. - silence `-Wformat-nonliteral` warnings with llvm/clang. - fix one `-Wformat-nonliteral` warning. - fix new `-Wformat` and `-Wformat-security` warnings. - fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its definition to `lib/curl_setup.h` allowing use in `tests/server`. - lib: fix two wrongly passed string arguments in log outputs. Co-authored-by: Jay Satiro - fix new `-Wformat` warnings on mingw-w64. [1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895bfc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md Closes #12489
show more ...
|
#
e6bf2001 |
| 27-Nov-2023 |
Daniel Stenberg |
tool_cb_prg: make the carriage return fit for wide progress bars When the progress bar was made max width (256 columns), the fly() function attempted to generate its output buffer too lo
tool_cb_prg: make the carriage return fit for wide progress bars When the progress bar was made max width (256 columns), the fly() function attempted to generate its output buffer too long so that the trailing carriage return would not fit and then the output would show wrongly. The fly function is called when the expected total transfer is unknown, which could be one or more progress calls before the actual progress meter get shown when the expected transfer size is provided. This new take also replaces the msnprintf() call with a much simpler memset() for speed. Reported-by: Tim Hill Fixes #12407 Closes #12415
show more ...
|
#
e9a7d4a1 |
| 21-Nov-2023 |
Viktor Szakats |
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. T
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. The agreement seems to be that `_WIN32` is the preferred practice here. Make the source code rely on that to detect we're building for Windows. Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for Windows detection, next to the official `_WIN32`. After this patch it only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`. There is a slight chance these break compatibility with Windows compilers that fail to define `_WIN32`. I'm not aware of any obsolete or modern compiler affected, but in case there is one, one possible solution is to define this macro manually. grepping for `WIN32` remains useful to discover Windows-specific code. Also: - extend `checksrc` to ensure we're not using `WIN32` anymore. - apply minor formatting here and there. - delete unnecessary checks for `!MSDOS` when `_WIN32` is present. Co-authored-by: Jay Satiro Reviewed-by: Daniel Stenberg Closes #12376
show more ...
|
#
e5bb88b8 |
| 28-Sep-2023 |
Viktor Szakats |
tool: use our own stderr variable Earlier this year we changed our own stderr variable to use the standard name `stderr` (to avoid bugs where someone is using `stderr` instead of the
tool: use our own stderr variable Earlier this year we changed our own stderr variable to use the standard name `stderr` (to avoid bugs where someone is using `stderr` instead of the curl-tool specific variable). This solution needed to override the standard `stderr` symbol via the preprocessor. This in turn didn't play well with unity builds and caused curl tool to crash or stay silent due to an uninitialized stderr. This was a hard to find issue, fixed by manually breaking out one file from the unity sources. To avoid two these two tricks, this patch implements a different solution: Restore using our own local variable for our stderr output and leave `stderr` as-is. To avoid using `stderr` by mistake, add a `checksrc` rule (based on logic we already used in lib for `strerror`) that detects any `stderr` use in `src` and points to using our own variable instead: `tool_stderr`. Follow-up to 06133d3e9b8aeb9e9ca0b3370c246bdfbfc8619e Follow-up to 2f17a9b654121dd1ecf4fc043c6d08a9da3522db Closes #11958
show more ...
|
#
2f17a9b6 |
| 04-Mar-2023 |
Jay Satiro |
tool: improve --stderr handling - freopen stderr with the user-specified file (--stderr file) instead of using a separate 'errors' stream. - In tool_setup.h override stdio.h's
tool: improve --stderr handling - freopen stderr with the user-specified file (--stderr file) instead of using a separate 'errors' stream. - In tool_setup.h override stdio.h's stderr macro as global variable tool_stderr. Both freopen and overriding the stderr macro are necessary because if the user-specified filename is "-" then stdout is assigned to tool_stderr and no freopen takes place. See the PR for more information. Ref: https://github.com/curl/curl/issues/10491 Closes https://github.com/curl/curl/pull/10673
show more ...
|
#
83568266 |
| 23-Feb-2023 |
Daniel Stenberg |
misc: remove support for curl_off_t < 8 bytes Closes #10597
|
#
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - save
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
show more ...
|
#
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
show more ...
|
#
74e9c779 |
| 27-Sep-2021 |
Daniel Stenberg |
tool_cb_prg: make resumed upload progress bar show better This is a regression that was *probably* injected in the larger progress bar overhaul in 2018. Reported-by: beslick5 on
tool_cb_prg: make resumed upload progress bar show better This is a regression that was *probably* injected in the larger progress bar overhaul in 2018. Reported-by: beslick5 on github Fixes #7760 Closes #7777
show more ...
|
Revision tags: curl-7_76_1, curl-7_76_0 |
|
#
78f642ff |
| 08-Mar-2021 |
Daniel Stenberg |
config: remove CURL_SIZEOF_CURL_OFF_T use only SIZEOF_CURL_OFF_T Make the code consistently use a single name for the size of the "curl_off_t" type. Closes #6702
|
Revision tags: curl-7_75_0, curl-7_74_0 |
|
#
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home Closes #6172
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0, curl-7_69_1, curl-7_69_0 |
|
#
9870b80f |
| 25-Jan-2020 |
Daniel Stenberg |
curl: make the -# spaceship bar not wrap the line The fixed-point math made us lose precision and thus a too high index value could be used for outputting the hashtags which could overwr
curl: make the -# spaceship bar not wrap the line The fixed-point math made us lose precision and thus a too high index value could be used for outputting the hashtags which could overwrite the newline. The fix increases the precision in the sine table (*100) and the associated position math. Reported-by: Andrew Potter Fixes #4849 Closes #4850
show more ...
|
#
c2feed05 |
| 14-Jan-2020 |
Daniel Stenberg |
curl:progressbarinit: ignore column width from terminals < 20 To avoid division by zero - or other issues. Reported-by: Daniel Marjamäki Closes #4818
|
#
ad0aa27a |
| 11-Jan-2020 |
Daniel Stenberg |
curl: remove 'config' field from OutStruct As it was just unnecessary duplicated information already stored in the 'per_transfer' struct and that's around mostly anyway. The dup
curl: remove 'config' field from OutStruct As it was just unnecessary duplicated information already stored in the 'per_transfer' struct and that's around mostly anyway. The duplicated pointer caused problems when the code flow was aborted before the dupe was filled in and could cause a NULL pointer access. Reported-by: Brian Carpenter Fixes #4807 Closes #4810
show more ...
|
Revision tags: curl-7_68_0 |
|
#
9a2cbf30 |
| 26-Nov-2019 |
John Schroeder |
curl: fix --upload-file . hangs if delay in STDIN Attempt to unpause a busy read in the CURLOPT_XFERINFOFUNCTION. When uploading from stdin in non-blocking mode, a delay in reading
curl: fix --upload-file . hangs if delay in STDIN Attempt to unpause a busy read in the CURLOPT_XFERINFOFUNCTION. When uploading from stdin in non-blocking mode, a delay in reading the stream (EAGAIN) causes curl to pause sending data (CURL_READFUNC_PAUSE). Prior to this change, a busy read was detected and unpaused only in the CURLOPT_WRITEFUNCTION handler. This change performs the same busy read handling in a CURLOPT_XFERINFOFUNCTION handler. Fixes #2051 Closes #4599 Reported-by: bdry on github
show more ...
|
Revision tags: curl-7_67_0, curl-7_66_0, curl-7_65_3 |
|
#
952998cb |
| 15-Jul-2019 |
Daniel Stenberg |
curl: only accept COLUMNS less than 10000 ... as larger values would rather indicate something silly (and could potentially cause buffer problems). Reported-by: pendrek at hacke
curl: only accept COLUMNS less than 10000 ... as larger values would rather indicate something silly (and could potentially cause buffer problems). Reported-by: pendrek at hackerone Closes #4114
show more ...
|
Revision tags: curl-7_65_2 |
|
#
6df5f35e |
| 10-Jun-2019 |
Daniel Gustafsson |
tool_cb_prg: Fix integer overflow in progress bar Commit 61faa0b420c236480bc9ef6fd52b4ecc1e0f8d17 fixed the progress bar width calculation to avoid integer overflow, but failed to accoun
tool_cb_prg: Fix integer overflow in progress bar Commit 61faa0b420c236480bc9ef6fd52b4ecc1e0f8d17 fixed the progress bar width calculation to avoid integer overflow, but failed to account for the fact that initial_size is initialized to -1 when the file size is retrieved from the remote on an upload, causing another signed integer overflow. Fix by separately checking for this case before the width calculation. Closes #3984 Reported-by: Brian Carpenter (Geeknik Labs) Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
Revision tags: curl-7_65_1, curl-7_65_0 |
|
#
d1b5cf83 |
| 05-Apr-2019 |
Marcel Raad |
build: fix Codacy/CppCheck warnings - remove unused variables - declare conditionally used variables conditionally - suppress unused variable warnings in the CMake tests - remove
build: fix Codacy/CppCheck warnings - remove unused variables - declare conditionally used variables conditionally - suppress unused variable warnings in the CMake tests - remove dead variable stores - consistently use WIN32 macro to detect Windows Closes https://github.com/curl/curl/pull/3739
show more ...
|
Revision tags: curl-7_64_1, curl-7_64_0 |
|
#
61faa0b4 |
| 10-Jan-2019 |
Daniel Stenberg |
tool_cb_prg: avoid integer overflow When calculating the progress bar width. Reported-by: Peng Li Fixes #3456 Closes #3458
|
Revision tags: curl-7_63_0 |
|
#
dcd6f810 |
| 22-Nov-2018 |
Daniel Stenberg |
snprintf: renamed and we now only use msnprintf() The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differen
snprintf: renamed and we now only use msnprintf() The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differently than it actually does. A different function name makes this easier to detect. Reported-by: Tomas Hoger Assisted-by: Daniel Gustafsson Fixes #3296 Closes #3297
show more ...
|
Revision tags: curl-7_62_0, curl-7_61_1, curl-7_61_0 |
|
#
c45360d4 |
| 02-Jun-2018 |
Marian Klymov |
cppcheck: fix warnings - Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over
cppcheck: fix warnings - Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over etc Closes #2631
show more ...
|
Revision tags: curl-7_60_0, curl-7_59_0 |
|
#
1eb4f5ac |
| 31-Jan-2018 |
Ben Greear |
build: fix termios issue on android cross-compile Bug: https://curl.haxx.se/mail/lib-2018-01/0122.html Signed-off-by: Ben Greear <greearb@candelatech.com>
|
#
02b72806 |
| 24-Jan-2018 |
Daniel Stenberg |
progress-bar: don't use stderr explicitly, use bar->out Reported-By: Gisle Vanem Bug: https://github.com/curl/curl/commit/993dd5651a6c853bfe3870f6a69c7b329fa4e8ce#commitcomment-27070080
|