| #
d84a95de |
| 14-May-2024 |
Daniel Gustafsson |
hsts: explicitly skip blank lines
Keep blank lines or lines containing only whitespace to make it all
the way to the more expensive sscanf call in hsts_add.
Closes: #13603
R
hsts: explicitly skip blank lines
Keep blank lines or lines containing only whitespace to make it all
the way to the more expensive sscanf call in hsts_add.
Closes: #13603
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| #
4d96873a |
| 13-May-2024 |
Daniel Gustafsson |
hsts: Remove single-use single-line function
The hsts_entry() function contains of a single line and is only
used in a single place in the code, so move the allocation into
hsts_crea
hsts: Remove single-use single-line function
The hsts_entry() function contains of a single line and is only
used in a single place in the code, so move the allocation into
hsts_create instead to improve code readability. C code usually
don't use the factory abstraction for object creation, and this
small example wasn't following our usual code style.
Closes: #13604
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
| #
c296abd4 |
| 10-Apr-2024 |
Stefan Eissing |
llist: add Curl_llist_append()
- use for better readability in all places where the "insert_next"
actually performs an append to the list
- add some tests in unit1300
Clos
llist: add Curl_llist_append()
- use for better readability in all places where the "insert_next"
actually performs an append to the list
- add some tests in unit1300
Closes #13336
show more ...
|
| #
142ac257 |
| 06-Feb-2024 |
Daniel Stenberg |
lib: convert Curl_get_line to use dynbuf
Create the line in a dynbuf. Aborts the reading of the file on
errors. Avoids having to always allocate maximum amount from the
start. Avoids
lib: convert Curl_get_line to use dynbuf
Create the line in a dynbuf. Aborts the reading of the file on
errors. Avoids having to always allocate maximum amount from the
start. Avoids direct malloc.
Closes #12846
show more ...
|
| #
24ae4a07 |
| 10-Jan-2024 |
Daniel Stenberg |
hsts: remove assert for zero length domain
A zero length domain can happen if the HSTS parser is given invalid
input data which is not unheard of and is done by the fuzzer.
Foll
hsts: remove assert for zero length domain
A zero length domain can happen if the HSTS parser is given invalid
input data which is not unheard of and is done by the fuzzer.
Follow-up from cfe7902111ae547873
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65661
Closes #12676
show more ...
|
| #
cfe79021 |
| 08-Jan-2024 |
Daniel Stenberg |
lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT
Closes #12658
|
| #
7c992dd9 |
| 08-Dec-2023 |
Daniel Stenberg |
lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding
Since the copy does not stop at a null byte, let's not call it anything
that makes you think it works like the common s
lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding
Since the copy does not stop at a null byte, let's not call it anything
that makes you think it works like the common strndup() function.
Based on feedback from Jay Satiro, Stefan Eissing and Patrick Monnerat
Closes #12490
show more ...
|
| #
289b486f |
| 13-Nov-2023 |
Daniel Stenberg |
urldata: move hstslist from 'set' to 'state'
To make it work properly with curl_easy_duphandle(). This, because
duphandle duplicates the entire 'UserDefined' struct by plain copy while
urldata: move hstslist from 'set' to 'state'
To make it work properly with curl_easy_duphandle(). This, because
duphandle duplicates the entire 'UserDefined' struct by plain copy while
'hstslist' is a linked curl_list of file names. This would lead to a
double-free when the second of the two involved easy handles were
closed.
Closes #12315
show more ...
|
| #
bc8509a7 |
| 07-Nov-2023 |
Sam James |
misc: fix -Walloc-size warnings
GCC 14 introduces a new -Walloc-size included in -Wextra which gives:
```
src/tool_operate.c: In function ‘add_per_transfer’:
src/tool_operat
misc: fix -Walloc-size warnings
GCC 14 introduces a new -Walloc-size included in -Wextra which gives:
```
src/tool_operate.c: In function ‘add_per_transfer’:
src/tool_operate.c:213:5: warning: allocation of insufficient size ‘1’ for type ‘struct per_transfer’ with size ‘480’ [-Walloc-size]
213 | p = calloc(sizeof(struct per_transfer), 1);
| ^
src/var.c: In function ‘addvariable’:
src/var.c:361:5: warning: allocation of insufficient size ‘1’ for type ‘struct var’ with size ‘32’ [-Walloc-size]
361 | p = calloc(sizeof(struct var), 1);
| ^
```
The calloc prototype is:
```
void *calloc(size_t nmemb, size_t size);
```
So, just swap the number of members and size arguments to match the
prototype, as we're initialising 1 struct of size `sizeof(struct
...)`. GCC then sees we're not doing anything wrong.
Closes #12292
show more ...
|
| #
d3b3ba35 |
| 02-Nov-2023 |
Daniel Stenberg |
lib: add and use Curl_strndup()
The Curl_strndup() function is similar to memdup(), but copies 'n' bytes
then adds a terminating null byte ('\0').
Closes #12251
|
| #
8c058a82 |
| 02-Nov-2023 |
Daniel Stenberg |
hsts: skip single-dot hostname
Reported-by: Maksymilian Arciemowicz
Closes #12247
|
| #
3f8fc257 |
| 09-May-2023 |
Viktor Szakats |
cmake: add support for "unity" builds
Aka "jumbo" or "amalgamation" builds. It means to compile all sources
per target as a single C source. This is experimental.
You can enable
cmake: add support for "unity" builds
Aka "jumbo" or "amalgamation" builds. It means to compile all sources
per target as a single C source. This is experimental.
You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake.
It requires CMake 3.16 or newer.
It makes builds (much) faster, allows for better optimizations and tends
to promote less ambiguous code.
Also add a new AppVeyor CI job and convert an existing one to use
"unity" mode (one MSVC, one MinGW), and enable it for one macOS CI job.
Fix related issues:
- add missing include guard to `easy_lock.h`.
- rename static variables and functions (and a macro) with names reused
across sources, or shadowed by local variables.
- add an `#undef` after use.
- add a missing `#undef` before use.
- move internal definitions from `ftp.h` to `ftp.c`.
- `curl_memory.h` fixes to make it work when included repeatedly.
- stop building/linking curlx bits twice for a static-mode curl tool.
These caused doubly defined symbols in unity builds.
- silence missing extern declarations compiler warning for ` _CRT_glob`.
- fix extern declarations for `tool_freq` and `tool_isVistaOrGreater`.
- fix colliding static symbols in debug mode: `debugtime()` and
`statename`.
- rename `ssl_backend_data` structure to unique names for each
TLS-backend, along with the `ssl_connect_data` struct member
referencing them. This required adding casts for each access.
- add workaround for missing `[P]UNICODE_STRING` types in certain Windows
builds when compiling `lib/ldap.c`. To support "unity" builds, we had
to enable `SCHANNEL_USE_BLACKLISTS` for Schannel (a Windows
`schannel.h` option) _globally_. This caused an indirect inclusion of
Windows `schannel.h` from `ldap.c` via `winldap.h` to have it enabled
as well. This requires `[P]UNICODE_STRING` types, which is apperantly
not defined automatically (as seen with both MSVS and mingw-w64).
This patch includes `<subauth.h>` to fix it.
Ref: https://github.com/curl/curl/runs/13987772013
Ref: https://dev.azure.com/daniel0244/curl/_build/results?buildId=15827&view=logs&jobId=2c9f582d-e278-56b6-4354-f38a4d851906&j=2c9f582d-e278-56b6-4354-f38a4d851906&t=90509b00-34fa-5a81-35d7-5ed9569d331c
- tweak unity builds to compile `lib/memdebug.c` separately in memory
trace builds to avoid PP confusion.
- force-disable unity for test programs.
- do not compile and link libcurl sources to libtests _twice_ when libcurl
is built in static mode.
KNOWN ISSUES:
- running tests with unity builds may fail in cases.
- some build configurations/env may not compile in unity mode. E.g.:
https://ci.appveyor.com/project/curlorg/curl/builds/47230972/job/51wfesgnfuauwl8q#L250
Ref: https://github.com/libssh2/libssh2/issues/1034
Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.html
Ref: https://en.wikipedia.org/wiki/Unity_build
Closes #11095
show more ...
|
| #
f198d33e |
| 18-May-2023 |
Emanuele Torre |
checksrc: disallow spaces before labels
Out of 415 labels throughout the code base, 86 of those labels were
not at the start of the line. Which means labels always at the start of
th
checksrc: disallow spaces before labels
Out of 415 labels throughout the code base, 86 of those labels were
not at the start of the line. Which means labels always at the start of
the line is the favoured style overall with 329 instances.
Out of the 86 labels not at the start of the line:
* 75 were indented with the same indentation level of the following line
* 8 were indented with exactly one space
* 2 were indented with one fewer indentation level then the following
line
* 1 was indented with the indentation level of the following line minus
three space (probably unintentional)
Co-Authored-By: Viktor Szakats
Closes #11134
show more ...
|
| #
d567cca1 |
| 27-Apr-2023 |
Daniel Stenberg |
checksrc: fix SPACEBEFOREPAREN for conditions starting with "*"
The open paren check wants to warn for spaces before open parenthesis
for if/while/for but also for any function call. In
checksrc: fix SPACEBEFOREPAREN for conditions starting with "*"
The open paren check wants to warn for spaces before open parenthesis
for if/while/for but also for any function call. In order to avoid
catching function pointer declarations, the logic allows a space if the
first character after the open parenthesis is an asterisk.
I also spotted what we did not include "switch" in the check but we should.
This check is a little lame, but we reduce this problem by not allowing
that space for if/while/for/switch.
Reported-by: Emanuele Torre
Closes #11044
show more ...
|
| #
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes #10205
show more ...
|
| #
ca02a77f |
| 27-Dec-2022 |
Daniel Stenberg |
hsts: handle adding the same host name again
It will then use the largest expire time of the two entries.
|
| #
076a2f62 |
| 27-Dec-2022 |
Daniel Stenberg |
share: add sharing of HSTS cache among handles
Closes #10138
|
| #
3f039dfd |
| 31-Oct-2022 |
Daniel Stenberg |
strcase: use curl_str(n)equal for case insensitive matches
No point in having two entry points for the same functions.
Also merged the *safe* function treatment into these so that t
strcase: use curl_str(n)equal for case insensitive matches
No point in having two entry points for the same functions.
Also merged the *safe* function treatment into these so that they can
also be used when one or both pointers are NULL.
Closes #9837
show more ...
|
| #
279834dd |
| 24-Oct-2022 |
Daniel Stenberg |
misc: remove duplicated include files
Closes #9796
|
| #
6f9fb7ec |
| 05-Sep-2022 |
Daniel Stenberg |
misc: ISSPACE() => ISBLANK()
Instances of ISSPACE() use that should rather use ISBLANK(). I think
somewhat carelessly used because it sounds as if it checks for space or
whitespace,
misc: ISSPACE() => ISBLANK()
Instances of ISSPACE() use that should rather use ISBLANK(). I think
somewhat carelessly used because it sounds as if it checks for space or
whitespace, but also includes %0a to %0d.
For parsing purposes, we should only accept what we must and not be
overly liberal. It leads to surprises and surprises lead to bad things.
Closes #9432
show more ...
|
| #
d64115d7 |
| 25-May-2022 |
Daniel Stenberg |
hsts: use Curl_fopen()
|
| #
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes #8869
show more ...
|
| #
3c8b969d |
| 22-May-2022 |
Daniel Stenberg |
links: update dead links
The wiki pages are gone, remove and link to more long-living docs.
Closes #8897
|
| #
fae6fea2 |
| 09-May-2022 |
Daniel Stenberg |
hsts: ignore trailing dots when comparing hosts names
CVE-2022-30115
Reported-by: Axel Chong
Bug: https://curl.se/docs/CVE-2022-30115.html
Closes #8821
|
| #
519b62cc |
| 21-Jan-2022 |
lucas |
docs: update IETF links to use datatracker
The tools.ietf.org domain has been deprecated a while now, with the
links being redirected to datatracker.ietf.org.
Rather than make p
docs: update IETF links to use datatracker
The tools.ietf.org domain has been deprecated a while now, with the
links being redirected to datatracker.ietf.org.
Rather than make people eat that redirect time, this change switches the
URL to a more canonical source.
Closes #8317
show more ...
|
