| #
c074ba64 |
| 01-Jul-2024 |
Daniel Stenberg |
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
- file name => filename
- user name = username
- man page => manpage
- run-time => runtime
- set-up => setup
- back-end => backend
- a HTTP => an HTTP
- Two spaces after a period => one space after period
Closes #14073
show more ...
|
| #
f0eacd94 |
| 26-Feb-2024 |
Andreas Kiefer |
fopen: fix narrowing conversion warning on 32-bit Android
This was fixed in commit 06dc599405f, but came back in commit
03cb1ff4d62.
When building for 32-bit ARM or x86 Android,
fopen: fix narrowing conversion warning on 32-bit Android
This was fixed in commit 06dc599405f, but came back in commit
03cb1ff4d62.
When building for 32-bit ARM or x86 Android, `st_mode` is defined as
`unsigned int` instead of `mode_t`, resulting in a
`-Wimplicit-int-conversion` clang warning because `mode_t` is
`unsigned short`. Add a cast to silence the warning, but only for
32-bit Android builds, because other architectures and platforms are
not affected.
Ref: https://android.googlesource.com/platform/bionic/+/refs/tags/ndk-r25c/libc/include/sys/stat.h#86
Closes https://github.com/curl/curl/pull/12998
show more ...
|
| #
f27b8dba |
| 24-Nov-2023 |
Daniel Stenberg |
fopen: allocate the dir after fopen
Move the allocation of the directory name down to after the fopen() call
to allow that shortcut code path to avoid a superfluous malloc+free
cycle
fopen: allocate the dir after fopen
Move the allocation of the directory name down to after the fopen() call
to allow that shortcut code path to avoid a superfluous malloc+free
cycle.
Follow-up to 73b65e94f35311
Closes #12398
show more ...
|
| #
03cb1ff4 |
| 23-Nov-2023 |
Daniel Stenberg |
fopen: create new file using old file's mode
Because the function renames the temp file to the target name as a last
step, if the file was previously owned by a different user, not ORing
fopen: create new file using old file's mode
Because the function renames the temp file to the target name as a last
step, if the file was previously owned by a different user, not ORing
the old mode could otherwise end up creating a file that was no longer
readable by the original owner after save.
Reported-by: Loïc Yhuel
Fixes #12299
Closes #12395
show more ...
|
| #
73b65e94 |
| 23-Nov-2023 |
Daniel Stenberg |
fopen: create short(er) temporary file name
Only using random letters in the name plus a ".tmp" extension. Not by
appending characters to the final file name.
Reported-by: Maksy
fopen: create short(er) temporary file name
Only using random letters in the name plus a ".tmp" extension. Not by
appending characters to the final file name.
Reported-by: Maksymilian Arciemowicz
Closes #12388
show more ...
|
| #
3aa3cc9b |
| 12-Sep-2023 |
Harry Sintonen |
misc: better random strings
Generate alphanumerical random strings.
Prior this change curl used to create random hex strings. This was
mostly okay, but having alphanumerical ran
misc: better random strings
Generate alphanumerical random strings.
Prior this change curl used to create random hex strings. This was
mostly okay, but having alphanumerical random strings is better: The
strings have more entropy in the same space.
The MIME multipart boundary used to be mere 64-bits of randomness due
to being 16 hex chars. With these changes the boundary is 22
alphanumerical chars, or little over 130 bits of randomness.
Closes #11838
show more ...
|
| #
0c667188 |
| 10-Jul-2023 |
SaltyMilk |
fopen: optimize
Closes #11419
|
| #
06dc5994 |
| 13-Jun-2023 |
Marcel Raad |
fopen: fix conversion warning on 32-bit Android
When building for 32-bit ARM or x86 Android, `st_mode` is defined as
`unsigned int` instead of `mode_t`, resulting in a
-Wimplicit-int
fopen: fix conversion warning on 32-bit Android
When building for 32-bit ARM or x86 Android, `st_mode` is defined as
`unsigned int` instead of `mode_t`, resulting in a
-Wimplicit-int-conversion clang warning because `mode_t` is
`unsigned short`. Add a cast to silence the warning.
Ref: https://android.googlesource.com/platform/bionic/+/refs/tags/ndk-r25c/libc/include/sys/stat.h#86
Closes https://github.com/curl/curl/pull/11313
show more ...
|
| #
74040dde |
| 02-Feb-2023 |
Kvarec Lezki |
fopen: remove unnecessary assignment
[CWE-1164] V1048: The '* tempname' variable was assigned the same value.
Ref: https://pvs-studio.com/en/docs/warnings/v1048/
Closes htt
fopen: remove unnecessary assignment
[CWE-1164] V1048: The '* tempname' variable was assigned the same value.
Ref: https://pvs-studio.com/en/docs/warnings/v1048/
Closes https://github.com/curl/curl/pull/10398
show more ...
|
| #
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes #10205
show more ...
|
| #
20f9dd6b |
| 25-May-2022 |
Daniel Stenberg |
fopen: add Curl_fopen() for better overwriting of files
Bug: https://curl.se/docs/CVE-2022-32207.html
CVE-2022-32207
Reported-by: Harry Sintonen
Closes #9050
|
