Revision tags: curl-7_61_0 |
|
#
c45360d4 |
| 02-Jun-2018 |
Marian Klymov |
cppcheck: fix warnings - Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over
cppcheck: fix warnings - Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over etc Closes #2631
show more ...
|
#
8ea5d41f |
| 28-May-2018 |
Rikard Falkeborn |
strictness: correct {infof, failf} format specifiers Closes #2623
|
#
8541d02c |
| 28-May-2018 |
Patrick Monnerat |
psl: use latest psl and refresh it periodically The latest psl is cached in the multi or share handle. It is refreshed before use after 72 hours. New share lock CURL_LOCK_DATA_PSL co
psl: use latest psl and refresh it periodically The latest psl is cached in the multi or share handle. It is refreshed before use after 72 hours. New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing. If the latest psl is not available, the builtin psl is used. Reported-by: Yaakov Selkowitz Fixes #2553 Closes #2601
show more ...
|
Revision tags: curl-7_60_0 |
|
#
1b55d270 |
| 12-May-2018 |
Patrick Monnerat |
cookies: do not take cookie name as a parameter RFC 6265 section 4.2.1 does not set restrictions on cookie names. This is a follow-up to commit 7f7fcd0. Also explicitly check proper
cookies: do not take cookie name as a parameter RFC 6265 section 4.2.1 does not set restrictions on cookie names. This is a follow-up to commit 7f7fcd0. Also explicitly check proper syntax of cookie name/value pair. New test 1155 checks that cookie names are not reserved words. Reported-By: anshnd at github Fixes #2564 Closes #2566
show more ...
|
#
732d0938 |
| 24-Apr-2018 |
Daniel Gustafsson |
cookies: ensure that we have cookies before writing jar The jar should be written iff there are cookies, so ensure that we still have cookies after expiration to avoid creating an empty
cookies: ensure that we have cookies before writing jar The jar should be written iff there are cookies, so ensure that we still have cookies after expiration to avoid creating an empty file. Closes #2529
show more ...
|
#
dd03e8c2 |
| 06-Apr-2018 |
Daniel Stenberg |
hash: calculate sizes with size_t instead of longs ... since they return size_t anyway! closes #2462
|
#
746479ad |
| 05-Apr-2018 |
Lauri Kasanen |
cookie: case-insensitive hashing for the domains closes #2458
|
#
82dfdac5 |
| 04-Apr-2018 |
Patrick Monnerat |
cookie: fix and optimize 2nd top level domain name extraction This fixes a segfault occurring when a name of the (invalid) form "domain..tld" is processed. test46 updated to cov
cookie: fix and optimize 2nd top level domain name extraction This fixes a segfault occurring when a name of the (invalid) form "domain..tld" is processed. test46 updated to cover this case. Follow-up to commit c990ead. Ref: https://github.com/curl/curl/pull/2440
show more ...
|
#
c990eadd |
| 30-Mar-2018 |
Lauri Kasanen |
cookie: store cookies per top-level-domain-specific hash table This makes libcurl handle thousands of cookies much better and speedier. Closes #2440
|
#
4073cd83 |
| 30-Mar-2018 |
Lauri Kasanen |
cookies: when reading from a file, only remove_expired once This drops the cookie load time for 8k cookies from 178ms to 15ms. Closes #2441
|
Revision tags: curl-7_59_0 |
|
#
4c46dfc3 |
| 25-Jan-2018 |
Daniel Stenberg |
cookies: remove verbose "cookie size:" output It was once used for some debugging/verifying logic but should never have ended up in git!
|
Revision tags: curl-7_58_0, curl-7_57_0 |
|
#
fa394c8c |
| 30-Oct-2017 |
Daniel Stenberg |
cookie: avoid NULL dereference ... when expiring old cookies. Reported-by: Pavel Gushchin Fixes #2032 Closes #2035
|
Revision tags: curl-7_56_1, curl-7_56_0 |
|
#
8392a0cf |
| 30-Sep-2017 |
Daniel Stenberg |
cookie: fix memory leak if path was set twice in header ... this will let the second occurance override the first. Added test 1161 to verify. Reported-by: Max Dymond Fi
cookie: fix memory leak if path was set twice in header ... this will let the second occurance override the first. Added test 1161 to verify. Reported-by: Max Dymond Fixes #1932 Closes #1933
show more ...
|
#
20ea22ff |
| 29-Sep-2017 |
Daniel Stenberg |
cookie: fix memory leak on oversized rejection Regression brought by 2bc230de63b Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3513 Assisted-by: Ma
cookie: fix memory leak on oversized rejection Regression brought by 2bc230de63b Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3513 Assisted-by: Max Dymond Closes #1930
show more ...
|
#
5fe85587 |
| 18-Sep-2017 |
Pavel P |
cookies: use lock when using CURLINFO_COOKIELIST Closes #1896
|
#
2bc230de |
| 17-Sep-2017 |
Daniel Stenberg |
cookies: reject oversized cookies ... instead of truncating them. There's no fixed limit for acceptable cookie names in RFC 6265, but the entire cookie is said to be less than 4
cookies: reject oversized cookies ... instead of truncating them. There's no fixed limit for acceptable cookie names in RFC 6265, but the entire cookie is said to be less than 4096 bytes (section 6.1). This is also what browsers seem to implement. We now allow max 5000 bytes cookie header. Max 4095 bytes length per cookie name and value. Name + value together may not exceed 4096 bytes. Added test 1151 to verify Bug: https://curl.haxx.se/mail/lib-2017-09/0062.html Reported-by: Kevin Smith Closes #1894
show more ...
|
#
e5743f08 |
| 09-Sep-2017 |
Daniel Stenberg |
code style: use spaces around pluses
|
#
6b84438d |
| 09-Sep-2017 |
Daniel Stenberg |
code style: use spaces around equals signs
|
#
ff50fe03 |
| 14-Aug-2017 |
Daniel Stenberg |
strtoofft: reduce integer overflow risks globally ... make sure we bail out on overflows. Reported-by: Brian Carpenter Closes #1758
|
Revision tags: curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0 |
|
#
66de5634 |
| 10-Mar-2017 |
Sylvestre Ledru |
Improve code readbility ... by removing the else branch after a return, break or continue. Closes #1310
|
Revision tags: curl-7_53_1 |
|
#
588960be |
| 21-Feb-2017 |
Daniel Stenberg |
cookie: fix declaration of 'dup' shadows a global declaration
|
Revision tags: curl-7_53_0 |
|
#
cbd4e1fa |
| 27-Jan-2017 |
Daniel Stenberg |
cookies: do not assume a valid domain has a dot This repairs cookies for localhost. Non-PSL builds will now only accept "localhost" without dots, while PSL builds okeys everythi
cookies: do not assume a valid domain has a dot This repairs cookies for localhost. Non-PSL builds will now only accept "localhost" without dots, while PSL builds okeys everything not listed as PSL. Added test 1258 to verify. This was a regression brought in a76825a5efa6b4
show more ...
|
Revision tags: curl-7_52_1, curl-7_52_0 |
|
#
1c3e8bbf |
| 14-Dec-2016 |
Daniel Stenberg |
checksrc: warn for assignments within if() expressions ... they're already frowned upon in our source code style guide, this now enforces the rule harder.
|
#
dbadaebf |
| 23-Nov-2016 |
Daniel Stenberg |
checksrc: code style: use 'char *name' style
|
Revision tags: curl-7_51_0 |
|
#
cff89bc0 |
| 27-Sep-2016 |
Daniel Stenberg |
cookie: replace use of fgets() with custom version ... that will ignore lines that are too long to fit in the buffer. CVE-2016-8615 Bug: https://curl.haxx.se/docs/adv_20161
cookie: replace use of fgets() with custom version ... that will ignore lines that are too long to fit in the buffer. CVE-2016-8615 Bug: https://curl.haxx.se/docs/adv_20161102A.html Reported-by: Cure53
show more ...
|