#
9126b141 |
| 30-Mar-2024 |
Daniel Stenberg |
curl: use curl_getenv instead of the curlx_ version The curlx one was once introduced when we still considered dropping the libcurl function at some point. To reduce confusion and to mak
curl: use curl_getenv instead of the curlx_ version The curlx one was once introduced when we still considered dropping the libcurl function at some point. To reduce confusion and to make it easier to understand when curl_free() should be used, use the actual libcurl function call directly instead. Closes #13230
show more ...
|
#
e9a7d4a1 |
| 21-Nov-2023 |
Viktor Szakats |
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. T
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. The agreement seems to be that `_WIN32` is the preferred practice here. Make the source code rely on that to detect we're building for Windows. Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for Windows detection, next to the official `_WIN32`. After this patch it only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`. There is a slight chance these break compatibility with Windows compilers that fail to define `_WIN32`. I'm not aware of any obsolete or modern compiler affected, but in case there is one, one possible solution is to define this macro manually. grepping for `WIN32` remains useful to discover Windows-specific code. Also: - extend `checksrc` to ensure we're not using `WIN32` anymore. - apply minor formatting here and there. - delete unnecessary checks for `!MSDOS` when `_WIN32` is present. Co-authored-by: Jay Satiro Reviewed-by: Daniel Stenberg Closes #12376
show more ...
|
#
f198d33e |
| 18-May-2023 |
Emanuele Torre |
checksrc: disallow spaces before labels Out of 415 labels throughout the code base, 86 of those labels were not at the start of the line. Which means labels always at the start of th
checksrc: disallow spaces before labels Out of 415 labels throughout the code base, 86 of those labels were not at the start of the line. Which means labels always at the start of the line is the favoured style overall with 329 instances. Out of the 86 labels not at the start of the line: * 75 were indented with the same indentation level of the following line * 8 were indented with exactly one space * 2 were indented with one fewer indentation level then the following line * 1 was indented with the indentation level of the following line minus three space (probably unintentional) Co-Authored-By: Viktor Szakats Closes #11134
show more ...
|
#
8ff82038 |
| 16-Apr-2023 |
Daniel Stenberg |
src/tool_operhlp.c: fix value stored to 'uerr' is never read Ref: https://github.com/curl/curl/pull/10974#issuecomment-1510461343 Reported-by: Viktor Szakats Closes #10982
|
#
54ac447b |
| 14-Apr-2023 |
Daniel Stenberg |
curl: do NOT append file name to path for upload when there's a query Added test 425 to verify. Reported-by: Dirk Rosenkranz Bug: https://curl.se/mail/archive-2023-04/0008.html
curl: do NOT append file name to path for upload when there's a query Added test 425 to verify. Reported-by: Dirk Rosenkranz Bug: https://curl.se/mail/archive-2023-04/0008.html Closes #10969
show more ...
|
#
df3722a4 |
| 06-Feb-2023 |
Dan Fandrich |
tool_operate: Fix error codes during DOS filename sanitize It would return CURLE_URL_MALFORMAT in an OOM condition. Closes #10414
|
#
349c5391 |
| 05-Feb-2023 |
Dan Fandrich |
tool_operate: Fix error codes on bad URL & OOM curl would erroneously report CURLE_OUT_OF_MEMORY in some cases instead of CURLE_URL_MALFORMAT. In other cases, it would erroneously return
tool_operate: Fix error codes on bad URL & OOM curl would erroneously report CURLE_OUT_OF_MEMORY in some cases instead of CURLE_URL_MALFORMAT. In other cases, it would erroneously return CURLE_URL_MALFORMAT instead of CURLE_OUT_OF_MEMORY. Add a test case to test the former condition. Fixes #10130 Closes #10414
show more ...
|
#
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - save
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
show more ...
|
#
ec977b05 |
| 17-Oct-2022 |
Daniel Stenberg |
tool_operate: more transfer cleanup after parallel transfer fail In some circumstances when doing parallel transfers, the single_transfer_cleanup() would not be called and then 'inglob'
tool_operate: more transfer cleanup after parallel transfer fail In some circumstances when doing parallel transfers, the single_transfer_cleanup() would not be called and then 'inglob' could leak. Test 496 verifies Reported-by: Trail of Bits Closes #9749
show more ...
|
#
671adfa4 |
| 10-Oct-2022 |
Daniel Stenberg |
curl/get_url_file_name: use libcurl URL parser To avoid URL tricks, use the URL parser for this. This update changes curl's behavior slightly in that it will ignore the possible
curl/get_url_file_name: use libcurl URL parser To avoid URL tricks, use the URL parser for this. This update changes curl's behavior slightly in that it will ignore the possible query part from the URL and only use the file name from the actual path from the URL. I consider it a bugfix. "curl -O localhost/name?giveme-giveme" will now save the output in the local file named 'name' Updated test 1210 to verify Assisted-by: Jay Satiro Closes #9684
show more ...
|
#
d24a2ffe |
| 10-Oct-2022 |
Daniel Stenberg |
curl/add_file_name_to_url: use the libcurl URL parser instead of the custom error-prone parser, to extract and update the path of the given URL Closes #9683
|
#
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
show more ...
|
#
26101421 |
| 03-Feb-2022 |
Daniel Stenberg |
lib: remove support for CURL_DOES_CONVERSIONS TPF was the only user and support for that was dropped. Closes #8378
|
#
265b14d6 |
| 01-Jun-2021 |
Daniel Stenberg |
metalink: remove Warning: this will make existing curl command lines that use metalink to stop working. Reasons for removal: 1. We've found several security problems an
metalink: remove Warning: this will make existing curl command lines that use metalink to stop working. Reasons for removal: 1. We've found several security problems and issues involving the metalink support in curl. The issues are not detailed here. When working on those, it become apparent to the team that several of the problems are due to the system design, metalink library API and what the metalink RFC says. They are very hard to fix on the curl side only. 2. The metalink usage with curl was only very briefly documented and was not following the "normal" curl usage pattern in several ways, making it surprising and non-intuitive which could lead to further security issues. 3. The metalink library was last updated 6 years ago and wasn't so active the years before that either. An unmaintained library means there's a security problem waiting to happen. This is probably reason enough. 4. Metalink requires an XML parsing library, which is complex code (even the smaller alternatives) and to this day often gets security updates. 5. Metalink is not a widely used curl feature. In the 2020 curl user survey, only 1.4% of the responders said that they'd are using it. In 2021 that number was 1.2%. Searching the web also show very few traces of it being used, even with other tools. 6. The torrent format and associated technology clearly won for downloading large files from multiple sources in parallel. Cloes #7176
show more ...
|
Revision tags: curl-7_76_1, curl-7_76_0, curl-7_75_0, curl-7_74_0 |
|
#
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home Closes #6172
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0, curl-7_69_1, curl-7_69_0 |
|
#
643b9e4d |
| 04-Feb-2020 |
Daniel Stenberg |
tool_operhlp: Copyright year out of date, should be 2020 Follow-up from 2bc373740a3
|
#
2bc37374 |
| 03-Feb-2020 |
Orgad Shaneh |
curl: avoid using strlen for testing if a string is empty Closes #4873
|
Revision tags: curl-7_68_0 |
|
#
dc4900ee |
| 11-Dec-2019 |
Daniel Stenberg |
curl: improved cleanup in upload error path Memory leak found by torture test 58 Closes #4705
|
Revision tags: curl-7_67_0 |
|
#
e59371a4 |
| 23-Sep-2019 |
Daniel Stenberg |
curl: create easy handles on-demand and not ahead of time This should again enable crazy-large download ranges of the style [1-10000000] that otherwise easily ran out of memory starting
curl: create easy handles on-demand and not ahead of time This should again enable crazy-large download ranges of the style [1-10000000] that otherwise easily ran out of memory starting in 7.66.0 when this new handle allocating scheme was introduced. Reported-by: Peter Sumatra Fixes #4393 Closes #4438
show more ...
|
Revision tags: curl-7_66_0 |
|
#
b8894085 |
| 20-Jul-2019 |
Daniel Stenberg |
curl: support parallel transfers This is done by making sure each individual transfer is first added to a linked list as then they can be performed serially, or at will, in parallel.
curl: support parallel transfers This is done by making sure each individual transfer is first added to a linked list as then they can be performed serially, or at will, in parallel. Closes #3804
show more ...
|
Revision tags: curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0, curl-7_64_1, curl-7_64_0, curl-7_63_0 |
|
#
dcd6f810 |
| 22-Nov-2018 |
Daniel Stenberg |
snprintf: renamed and we now only use msnprintf() The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differen
snprintf: renamed and we now only use msnprintf() The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differently than it actually does. A different function name makes this easier to detect. Reported-by: Tomas Hoger Assisted-by: Daniel Gustafsson Fixes #3296 Closes #3297
show more ...
|
Revision tags: curl-7_62_0, curl-7_61_1, curl-7_61_0, curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0, curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0, curl-7_53_1, curl-7_53_0, curl-7_52_1, curl-7_52_0, curl-7_51_0 |
|
#
811a693b |
| 30-Sep-2016 |
Daniel Stenberg |
strcasecompare: all case insensitive string compares ignore locale now We had some confusions on when each function was used. We should not act differently on different locales anyway.
|
#
502acba2 |
| 30-Sep-2016 |
Daniel Stenberg |
strcasecompare: is the new name for strequal() ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the
strcasecompare: is the new name for strequal() ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
show more ...
|
Revision tags: curl-7_50_3, curl-7_50_2, curl-7_50_1, curl-7_50_0, curl-7_49_1, curl-7_49_0, curl-7_48_0, curl-7_47_1 |
|
#
d572d266 |
| 07-Feb-2016 |
Jay Satiro |
tool_operhlp: Check for backslashes in get_url_file_name Extract the filename from the last slash or backslash. Prior to this change backslashes could be part of the filename. T
tool_operhlp: Check for backslashes in get_url_file_name Extract the filename from the last slash or backslash. Prior to this change backslashes could be part of the filename. This change needed for the curl tool built for Cygwin. Refer to the CYGWIN addendum in advisory 20160127B. Bug: https://curl.haxx.se/docs/adv_20160127B.html
show more ...
|
#
4520534e |
| 05-Feb-2016 |
Jay Satiro |
tool_doswin: Improve sanitization processing - Add unit test 1604 to test the sanitize_file_name function. - Use -DCURL_STATICLIB when building libcurltool for unit testing.
tool_doswin: Improve sanitization processing - Add unit test 1604 to test the sanitize_file_name function. - Use -DCURL_STATICLIB when building libcurltool for unit testing. - Better detection of reserved DOS device names. - New flags to modify sanitize behavior: SANITIZE_ALLOW_COLONS: Allow colons SANITIZE_ALLOW_PATH: Allow path separators and colons SANITIZE_ALLOW_RESERVED: Allow reserved device names SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename - Restore sanitization of banned characters from user-specified outfile. Prior to this commit sanitization of a user-specified outfile was temporarily disabled in 2b6dadc because there was no way to allow path separators and colons through while replacing other banned characters. Now in such a case we call the sanitize function with SANITIZE_ALLOW_PATH which allows path separators and colons to pass through. Closes https://github.com/curl/curl/issues/624 Reported-by: Octavio Schroeder
show more ...
|