#
3829759b |
| 08-Dec-2023 |
Viktor Szakats |
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]. Enable new recommended warnings (except `-Wsign-conversion`): - enable `-Wformat=2` for clang (in both cmake and autotools). - add `CURL_PRINTF()` internal attribute and mark functions accepting printf arguments with it. This is a copy of existing `CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible with redefinting the `printf` symbol: https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94 - fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for mingw-w64 and enable it on this platform. - enable `-Wimplicit-fallthrough`. - enable `-Wtrampolines`. - add `-Wsign-conversion` commented with a FIXME. - cmake: enable `-pedantic-errors` the way we do it with autotools. Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747 - lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format checks. Previously it was always disabled due to the internal `printf` macro. Fix them: - fix bug where an `set_ipv6_v6only()` call was missed in builds with `--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`. - add internal `FALLTHROUGH()` macro. - replace obsolete fall-through comments with `FALLTHROUGH()`. - fix fallthrough markups: Delete redundant ones (showing up as warnings in most cases). Add missing ones. Fix indentation. - silence `-Wformat-nonliteral` warnings with llvm/clang. - fix one `-Wformat-nonliteral` warning. - fix new `-Wformat` and `-Wformat-security` warnings. - fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its definition to `lib/curl_setup.h` allowing use in `tests/server`. - lib: fix two wrongly passed string arguments in log outputs. Co-authored-by: Jay Satiro - fix new `-Wformat` warnings on mingw-w64. [1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895bfc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md Closes #12489
show more ...
|
#
e9a7d4a1 |
| 21-Nov-2023 |
Viktor Szakats |
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. T
windows: use built-in `_WIN32` macro to detect Windows Windows compilers define `_WIN32` automatically. Windows SDK headers or build env defines `WIN32`, or we have to take care of it. The agreement seems to be that `_WIN32` is the preferred practice here. Make the source code rely on that to detect we're building for Windows. Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for Windows detection, next to the official `_WIN32`. After this patch it only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`. There is a slight chance these break compatibility with Windows compilers that fail to define `_WIN32`. I'm not aware of any obsolete or modern compiler affected, but in case there is one, one possible solution is to define this macro manually. grepping for `WIN32` remains useful to discover Windows-specific code. Also: - extend `checksrc` to ensure we're not using `WIN32` anymore. - apply minor formatting here and there. - delete unnecessary checks for `!MSDOS` when `_WIN32` is present. Co-authored-by: Jay Satiro Reviewed-by: Daniel Stenberg Closes #12376
show more ...
|
#
84338c4d |
| 15-Nov-2023 |
Viktor Szakats |
build: add more picky warnings and fix them Enable more picky compiler warnings. I've found these options in the nghttp3 project when implementing the CMake quick picky warning funct
build: add more picky warnings and fix them Enable more picky compiler warnings. I've found these options in the nghttp3 project when implementing the CMake quick picky warning functionality for it [1]. `-Wunused-macros` was too noisy to keep around, but fixed a few issues it revealed while testing. - autotools: reflect the more precisely-versioned clang warnings. Follow-up to 033f8e2a08eb1d3102f08c4d8c8e85470f8b460e #12324 - autotools: sync between clang and gcc the way we set `no-multichar`. - autotools: avoid setting `-Wstrict-aliasing=3` twice. - autotools: disable `-Wmissing-noreturn` for MSYS gcc targets [2]. It triggers in libtool-generated stub code. - lib/timeval: delete a redundant `!MSDOS` guard from a `WIN32` branch. - lib/curl_setup.h: delete duplicate declaration for `fileno`. Added in initial commit ae1912cb0d494b48d514d937826c9fe83ec96c4d (1999-12-29). This suggests this may not be needed anymore, but if it does, we may restore this for those specific (non-Windows) systems. - lib: delete unused macro `FTP_BUFFER_ALLOCSIZE` since c1d6fe2aaa5a26e49a69a4f2495b3cc7a24d9394. - lib: delete unused macro `isxdigit_ascii` since f65f750742068f579f4ee6d8539ed9d5f0afcb85. - lib/mqtt: delete unused macro `MQTT_HEADER_LEN`. - lib/multi: delete unused macro `SH_READ`/`SH_WRITE`. - lib/hostip: add `noreturn` function attribute via new `CURL_NORETURN` macro. - lib/mprintf: delete duplicate declaration for `Curl_dyn_vprintf`. - lib/rand: fix `-Wunreachable-code` and related fallouts [3]. - lib/setopt: fix `-Wunreachable-code-break`. - lib/system_win32 and lib/timeval: fix double declarations for `Curl_freq` and `Curl_isVistaOrGreater` in CMake UNITY mode [4]. - lib/warnless: fix double declarations in CMake UNITY mode [5]. This was due to force-disabling the header guard of `warnless.h` to to reapply it to source code coming after `warnless.c` in UNITY builds. This reapplied declarations too, causing the warnings. Solved by adding a header guard for the lines that actually need to be reapplied. - lib/vauth/digest: fix `-Wunreachable-code-break` [6]. - lib/vssh/libssh2: fix `-Wunreachable-code-break` and delete redundant block. - lib/vtls/sectransp: fix `-Wunreachable-code-break` [7]. - lib/vtls/sectransp: suppress `-Wunreachable-code`. Detected in `else` branches of dynamic feature checks, with results known at compile-time, e.g. ```c if(SecCertificateCopySubjectSummary) /* -> true */ ``` Likely fixable as a separate micro-project, but given SecureTransport is deprecated anyway, let's just silence these locally. - src/tool_help: delete duplicate declaration for `helptext`. - src/tool_xattr: fix `-Wunreachable-code`. - tests: delete duplicate declaration for `unitfail` [8]. - tests: delete duplicate declaration for `strncasecompare`. - tests/libtest: delete duplicate declaration for `gethostname`. Originally added in 687df5c8c39c370a59999b9afc0917d808d978b7 (2010-08-02). Got complicated later: c49e9683b85ba9d12cbb6eebc4ab2c8dba68fbdc If there are still systems around with warnings, we may restore the prototype, but limited for those systems. - tests/lib2305: delete duplicate declaration for `libtest_debug_config`. - tests/h2-download: fix `-Wunreachable-code-break`. [1] https://github.com/ngtcp2/nghttp3/blob/a70edb08e954d690e8fb2c1df999b5a056f8bf9f/cmake/PickyWarningsC.cmake [2] https://ci.appveyor.com/project/curlorg/curl/builds/48553586/job/3qkgjauiqla5fj45?fullLog=true#L1675 [3] https://github.com/curl/curl/actions/runs/6880886309/job/18716044703?pr=12331#step:7:72 https://github.com/curl/curl/actions/runs/6883016087/job/18722707368?pr=12331#step:7:109 [4] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L204 [5] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L218 [6] https://github.com/curl/curl/actions/runs/6880886309/job/18716042927?pr=12331#step:7:290 [7] https://github.com/curl/curl/actions/runs/6891484996/job/18746659406?pr=12331#step:9:1193 [8] https://github.com/curl/curl/actions/runs/6882803986/job/18722082562?pr=12331#step:33:1870 Closes #12331
show more ...
|
#
b65086a8 |
| 07-Jun-2023 |
Dan Fandrich |
tests: fix error messages & handling around sockets The wrong error code was checked on Windows on UNIX socket failures, which could have caused all UNIX sockets to be reported as having
tests: fix error messages & handling around sockets The wrong error code was checked on Windows on UNIX socket failures, which could have caused all UNIX sockets to be reported as having errored and the tests therefore skipped. Also, a useless error message was displayed on socket errors in many test servers on Windows because strerror() doesn't work on WinSock error codes; perror() is overridden there to work on all errors and is used instead. Ref #11258 Closes #11265
show more ...
|
#
7d62f0d9 |
| 05-Jun-2023 |
Dan Fandrich |
runtests; give each server a unique log lock file Logs are written by several servers and all of them must be finished writing before the test results can be determined. This means each
runtests; give each server a unique log lock file Logs are written by several servers and all of them must be finished writing before the test results can be determined. This means each server must have its own lock file rather than sharing a single one, which is how it was done up to now. Previously, the first server to complete a test would clear the lock before the other server was done, which caused flaky tests. Lock files are now all found in their own directory, so counting locks equals counting the files in that directory. The result is that the proxy logs are now reliably written which actually changes the expected output for two tests. Fixes #11231 Closes #11259
show more ...
|
#
0bdb95ec |
| 29-Mar-2023 |
Dan Fandrich |
tests: fix fake_ntlm to run with a dynamic log directory Ref: #10818
|
#
c102502e |
| 29-Mar-2023 |
Dan Fandrich |
tests: fix C servers to run with a dynamic log directory Ref: #10818
|
#
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - save
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
show more ...
|
#
d7dceb57 |
| 07-Sep-2022 |
Marcel Raad |
lib and tests: add missing curl.h includes Closes https://github.com/curl/curl/pull/9453
|
#
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
show more ...
|
#
80eb71a3 |
| 17-Apr-2022 |
Balakrishnan Balasubramanian <3070606-balki@users.noreply.gitlab.com> |
tests: refactor server/socksd.c to support --unix-socket Closes #8687
|
#
24f0fec4 |
| 14-Mar-2022 |
Marc Hoersken |
tests/server/util.h: align WIN32 condition with util.c There is no need to test for both _WIN32 and WIN32 as curl_setup.h automatically defines the later if the first one is defined.
tests/server/util.h: align WIN32 condition with util.c There is no need to test for both _WIN32 and WIN32 as curl_setup.h automatically defines the later if the first one is defined. Also tests/server/util.c is only checking for WIN32 arouund the implementation of win32_perror, so just defining _WIN32 would not be sufficient for a successful compilation. Reviewed-by: Daniel Stenberg Reviewed-by: Jay Satiro Closes #8594
show more ...
|
#
8b42d7b9 |
| 26-Feb-2022 |
Marc Hoersken |
tool and tests: force flush of all buffers at end of program On Windows data can be lost in buffers in case of abnormal program termination, especially in process chains as seen due to f
tool and tests: force flush of all buffers at end of program On Windows data can be lost in buffers in case of abnormal program termination, especially in process chains as seen due to flaky tests. Therefore flushing all buffers manually should avoid this data loss. In the curl tool we play the safe game by only flushing write buffers, but in the testsuite where we manage all buffers, we flush everything. This should drastically reduce Windows CI and testsuite flakiness. Reviewed-by: Daniel Stenberg Supersedes #7833 and #6064 Closes #8516
show more ...
|
#
8c9722bb |
| 16-Aug-2021 |
Daniel Stenberg |
misc: update incorrect copyright year ranges Closes #7577
|
#
d9d26a6b |
| 23-Jul-2021 |
Marc Hoersken |
tests/servers: use our platform-aware pid for server verification The pid used for server verification is later stored as pid2 in the hash of running test servers and therefore used for
tests/servers: use our platform-aware pid for server verification The pid used for server verification is later stored as pid2 in the hash of running test servers and therefore used for shutdown. The pid used for shutdown must be the platform-aware (Win32) pid to avoid leaking test servers while running them using Cygwin/msys. Reviewed-by: Jay Satiro Closes #7481
show more ...
|
Revision tags: curl-7_76_1, curl-7_76_0, curl-7_75_0, curl-7_74_0 |
|
#
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home Closes #6172
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0 |
|
#
bb79320a |
| 20-May-2020 |
Daniel Stenberg |
tests/server/util.h: add extern to silence compiler warning Follow-up from a3b0699d5c1
|
Revision tags: curl-7_70_0 |
|
#
7dc8a981 |
| 18-Apr-2020 |
Marc Hoersken |
tests/server/util.[ch]: add exit event to stop waiting on Windows This commit adds a global exit event to the test servers that Windows-specific wait routines can use to get triggered if
tests/server/util.[ch]: add exit event to stop waiting on Windows This commit adds a global exit event to the test servers that Windows-specific wait routines can use to get triggered if the program was signaled to be terminated, eg. select_ws in sockfilt.c The exit event will be managed by the signal handling code and is set to not reset automatically to support multiple wait routines. Reviewed-by: Jay Satiro Closes #5260
show more ...
|
#
d009bc2e |
| 17-Apr-2020 |
Daniel Stenberg |
tests: introduce preprocessed test cases The runtests script now always performs variable replacement on the entire test source file before the test gets executed, and saves the upda
tests: introduce preprocessed test cases The runtests script now always performs variable replacement on the entire test source file before the test gets executed, and saves the updated version in a temporary file (log/test[num]) so that all test case readers/servers can use that version (if present) and thus enjoy the powers of test case variable substitution. This is necessary to allow complete port number freedom. Test 309 is updated to work with a non-fixed port number thanks to this.
show more ...
|
#
5e855bbd |
| 14-Apr-2020 |
Daniel Stenberg |
tests: add the mqtt test server mqttd
|
#
9869f6dc |
| 11-Apr-2020 |
Marc Hoersken |
tests/server: move all signal handling routines to util.[ch] Avoid code duplication to prepare for portability enhancements.
|
#
9a8b3b3e |
| 23-Mar-2020 |
Daniel Stenberg |
copyright: fix out-of-date copyright ranges and missing headers Reported by the new script 'scripts/copyright.pl'. The script has a regex whitelist for the files that don't need copyrigh
copyright: fix out-of-date copyright ranges and missing headers Reported by the new script 'scripts/copyright.pl'. The script has a regex whitelist for the files that don't need copyright headers. Removed three (mostly usesless) README files from docs/ Closes #5141
show more ...
|
Revision tags: curl-7_69_1 |
|
#
3c1b9145 |
| 04-Mar-2020 |
Marc Hoersken |
tests: align some Windows sleep defines with each other
|
Revision tags: curl-7_69_0, curl-7_68_0, curl-7_67_0, curl-7_66_0, curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0, curl-7_64_1, curl-7_64_0, curl-7_63_0, curl-7_62_0, curl-7_61_1, curl-7_61_0, curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0 |
|
#
b9d25f9a |
| 23-Oct-2017 |
Daniel Stenberg |
timediff: return timediff_t from the time diff functions ... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us.
timediff: return timediff_t from the time diff functions ... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
show more ...
|
Revision tags: curl-7_56_1, curl-7_56_0, curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0, curl-7_53_1, curl-7_53_0, curl-7_52_1, curl-7_52_0 |
|
#
c2402b6e |
| 19-Dec-2016 |
Jay Satiro |
tests: checksrc compliance
|