1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-18 07:25:14 -05:00
Commit Graph

71 Commits

Author SHA1 Message Date
Daniel Stenberg
6de1053692
smb: check for full size message before reading message details
To avoid reading of uninitialized data.

Assisted-by: Max Dymond
Bug: https://crbug.com/oss-fuzz/16907
Closes #4363
2019-09-16 14:16:06 +02:00
Daniel Stenberg
198b73d12c
smb: init *msg to NULL in smb_send_and_recv()
... it might otherwise return OK from this function leaving that pointer
uninitialized.

Bug: https://crbug.com/oss-fuzz/16907

Closes #4286
2019-09-02 23:06:48 +02:00
Daniel Stenberg
a55faf33d4
cleanup: remove the 'numsocks' argument used in many places
It was used (intended) to pass in the size of the 'socks' array that is
also passed to these functions, but was rarely actually checked/used and
the array is defined to a fixed size of MAX_SOCKSPEREASYHANDLE entries
that should be used instead.

Closes #4169
2019-07-30 23:16:44 +02:00
Juergen Hoetzel
ac3d19a26d smb: Use the correct error code for access denied on file open
- Return CURLE_REMOTE_ACCESS_DENIED for SMB access denied on file open.

Prior to this change CURLE_REMOTE_FILE_NOT_FOUND was returned instead.

Closes https://github.com/curl/curl/pull/4095
2019-07-11 02:57:40 -04:00
Marcel Raad
e23c52b329
build: fix Codacy warnings
Reduce variable scopes and remove redundant variable stores.

Closes https://github.com/curl/curl/pull/3975
2019-06-05 20:38:06 +02:00
Matus Uzak
462037ad48
smb: fix incorrect path in request if connection reused
Follow-up to 09e401e01b.  If connection gets reused, then data member
will be copied, but not the proto member.  As a result, in smb_do(),
path has been set from the original proto.share data.

Closes #3388
2018-12-19 09:52:36 +01:00
Daniel Stenberg
46e164069d
url: use the URL API internally as well
... to make it a truly unified URL parser.

Closes #3017
2018-09-22 11:58:10 +02:00
Daniel Stenberg
2825f46d95
CURLOPT_UPLOAD_BUFFERSIZE: set upload buffer size
This is step 3 of #2888.

Fixes #2888
Closes #2896
2018-09-06 10:53:39 +02:00
Daniel Stenberg
1a890997a4
all: s/int/size_t cleanup
Assisted-by: Rikard Falkeborn

Closes #2922
2018-09-01 10:40:42 +02:00
Daniel Stenberg
e6e9b006f7
upload: allocate upload buffer on-demand
Saves 16KB on the easy handle for operations that don't need that
buffer.

Part 1 of #2888
2018-08-18 15:48:08 +02:00
Daniel Stenberg
45d45275e1
smb: don't mark it done in smb_do
Follow-up to 09e401e01b. The SMB protocol handler needs to use its
doing function too, which requires smb_do() to not mark itself as
done...

Closes #2822
2018-08-01 15:52:52 +02:00
Daniel Stenberg
09e401e01b
smb: fix memory leak on early failure
... by making sure connection related data (->share) is stored in the
connection and not in the easy handle.

Detected by OSS-fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9369
Fixes #2769
Closes #2810
2018-07-30 17:59:36 +02:00
Daniel Stenberg
73af7bcd61
smb_getsock: always wait for write socket too
... the protocol is doing read/write a lot, so it needs to write often
even when downloading. A more proper fix could check for eactly when it
wants to write and only ask for it then.

Without this fix, an SMB download could easily get stuck when the event-driven
API was used.

Closes #2768
2018-07-20 22:53:06 +02:00
Daniel Stenberg
5b511b0958
smb: fix memory-leak in URL parse error path
Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9369
Closes #2740
2018-07-12 14:47:11 +02:00
Daniel Stenberg
9cacc24630 smb: reject negative file sizes
Assisted-by: Max Dymond

Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8245
2018-05-12 22:24:25 +02:00
Daniel Stenberg
23722c515f
get_posix_time: only check for overflows if they can happen! 2018-02-09 22:13:41 +01:00
Daniel Stenberg
8f69a9f28a
time: support > year 2038 time stamps for system with 32bit long
... with the introduction of CURLOPT_TIMEVALUE_LARGE and
CURLINFO_FILETIME_T.

Fixes #2238
Closes #2264
2018-01-30 08:29:59 +01:00
Daniel Stenberg
25c40c9af9
SMB: fix numeric constant suffix and variable types
1. don't use "ULL" suffix since unsupported in older MSVC
2. use curl_off_t instead of custom long long ifdefs
3. make get_posix_time() not do unaligned data access

Fixes #2211
Closes #2240
Reported-by: Chester Liu
2018-01-16 22:21:59 +01:00
Daniel Stenberg
fa1512b2a0
SMB: fix uninitialized local variable
Reported-by: Brian Carpenter
2017-11-13 08:27:36 +01:00
Marcel Raad
59a0fb2439
smb: rename variable to fix shadowing warning
GCC 4.6.3 on travis complains:
smb.c: In function ‘get_posix_time’:
smb.c:725:13: error: declaration of ‘time’ shadows a global declaration
[-Werror=shadow]

Fix this by renaming the variable.
2017-07-09 14:42:13 +02:00
Gisle Vanem
596cfb6c0a smb: add support for CURLOPT_FILETIME
Bug: https://curl.haxx.se/mail/lib-2017-07/0005.html

Closes #1643
2017-07-04 23:12:57 +02:00
Gisle Vanem
f8dba473a8 smb: fix build for djgpp/MSDOS
bug: https://curl.haxx.se/mail/lib-2017-07/0005.html
2017-07-04 15:42:55 +02:00
Max Dymond
c75f63d7c4 handler: refactor connection checking
Add a new type of callback to Curl_handler which performs checks on
the connection. Alter RTSP so that it uses this callback to do its
own check on connection health.
2017-06-30 10:17:27 +02:00
Daniel Stenberg
89cf6f38d2 upload: UPLOAD_BUFSIZE is now for the upload buffer 2017-05-01 22:55:29 +02:00
Marcel Raad
9bc92eeb0e
NTLM: check for features with #ifdef instead of #if
Feature defines are normally checked with #ifdef instead of #if in the rest of
the codebase. Additionally, some compilers warn when a macro is implicitly
evaluated to 0 because it is not defined, which was the case here.

Ref: https://github.com/curl/curl/pull/1362#discussion_r108605101
Closes https://github.com/curl/curl/pull/1367
2017-03-29 20:16:09 +02:00
Daniel Stenberg
de1c1a8d85 smb: use getpid replacement for windows UWP builds
Source: 7676b8780d/ports/curl/0002_fix_uwp.patch
2017-02-20 10:27:51 +01:00
Daniel Stenberg
97c7591a57 smb: code indent 2017-02-14 15:10:31 +01:00
Patrick Monnerat
8034d8fc62 Declare endian read functions argument as a const pointer.
This is done for all functions of the form Curl_read[136][624]_[lb]e.
2016-11-24 16:14:21 +01:00
Tobias Stoeckmann
8272049062 smb: properly check incoming packet boundaries
Not all reply messages were properly checked for their lengths, which
made it possible to access uninitialized memory (but this does not lead
to out of boundary accesses).

Closes #1052
2016-10-09 00:14:26 +02:00
Daniel Stenberg
6655e30691 conn: don't free easy handle data in handler->disconnect
Reported-by: Gou Lingfeng
Bug: https://curl.haxx.se/mail/lib-2016-06/0139.html
2016-06-29 23:13:09 +02:00
Daniel Stenberg
434f8d0389 internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Steve Holme
b7f3f1b68f smb.c: Fixed compilation warnings
smb.c:134:3: warning: conversion to 'short unsigned int' from 'int' may
             alter its value
smb.c:146:42: warning: conversion to 'unsigned int' from 'long long
              unsigned int' may alter its value
smb.c:146:65: warning: conversion to 'unsigned int' from 'long long
              unsigned int' may alter its value
2015-11-21 11:41:20 +00:00
Daniel Stenberg
50c7f17e50 SMB: rangecheck values read off incoming packet
CVE-2015-3237

Detected by Coverity. CID 1299430.

Bug: http://curl.haxx.se/docs/adv_20150617B.html
2015-06-17 07:43:13 +02:00
Dan Fandrich
35648f2e79 curl_memory: make curl_memory.h the second-last header file loaded
This header file must be included after all header files except
memdebug.h, as it does similar memory function redefinitions and can be
similarly affected by conflicting definitions in system or dependent
library headers.
2015-03-24 23:47:01 +01:00
Daniel Stenberg
0f4a03cbb6 free: instead of Curl_safefree()
Since we just started make use of free(NULL) in order to simplify code,
this change takes it a step further and:

- converts lots of Curl_safefree() calls to good old free()
- makes Curl_safefree() not check the pointer before free()

The (new) rule of thumb is: if you really want a function call that
frees a pointer and then assigns it to NULL, then use Curl_safefree().
But we will prefer just using free() from now on.
2015-03-16 15:01:15 +01:00
Steve Holme
a3daf542ad smb: Use endian functions for reading NBT and message size values 2015-01-01 20:48:05 +00:00
Steve Holme
7635577ad7 smb.c: Fixed compilation warnings
smb.c:780: warning: passing 'char *' to parameter of type 'unsigned
           char *' converts between pointers to integer types with
           different sign
smb.c:781: warning: passing 'char *' to parameter of type 'unsigned
           char *' converts between pointers to integer types with
           different sign
smb.c:804: warning: passing 'char *' to parameter of type 'unsigned
           char *' converts between pointers to integer types with
           different sign
2015-01-01 04:56:16 +00:00
Steve Holme
0df2ed85fd smb: Use endian functions for reading length and offset values 2014-12-31 16:52:12 +00:00
Steve Holme
56603e2770 smb.c: Fixed compilation warning
smb.c:586: warning: conversion to 'short unsigned int' from 'int' may
           alter its value
2014-12-30 15:42:17 +00:00
Bill Nagel
89cce1e458 smb: Use the connection's upload buffer
Use the connection's upload buffer instead of allocating our own send
buffer.
2014-12-30 13:10:30 +00:00
Bill Nagel
cfa0ac7aff smb: Close the connection after a failed client write 2014-12-29 23:46:33 +00:00
Steve Holme
93e6273b68 smb: Use standard naming for setup connection function
Renamed smb_setup() to smb_setup_connection() to follow more widely
used function naming.
2014-12-24 17:10:28 +00:00
Daniel Stenberg
2c5f346d3a smb: use memcpy() instead of strncpy()
... as it never copies the trailing zero anyway and always just the four
bytes so let's not mislead anyone into thinking it is actually treated
as a string.

Coverity CID: 1260214
2014-12-21 23:21:16 +01:00
Steve Holme
91669584cf smb.c: Fixed code analysis warning
smb.c:320: warning C6297: Arithmetic overflow: 32-bit value is shifted,
           then cast to 64-bit value. Result may not be an expected
           value
2014-12-14 21:01:09 +00:00
Steve Holme
b9950e3b33 smb: Use HAVE_PROCESS_H for process.h inclusion
Rather than testing against _WIN32 use the preferred HAVE_PROCESS_H
pre-processor define when including process.h.
2014-12-14 16:42:08 +00:00
Steve Holme
35fae251dd smb: Fixed unnecessary initialisation of struct member variables
There is no need to set the 'state' and 'result' member variables to
SMB_REQUESTING (0) and CURLE_OK (0) after the allocation via calloc()
as calloc() initialises the contents to zero.
2014-12-14 12:27:57 +00:00
Steve Holme
bd7d7f4523 smb.c: Fixed line longer than 79 columns 2014-12-13 13:10:05 +00:00
Steve Holme
2ecce667a6 smb: Added state change functions to assist with debugging
For debugging purposes, and as per other protocols within curl, added
state change functions rather than changing the states directly.
2014-12-13 12:16:36 +00:00
Steve Holme
24b30d259c smb: Disable SMB when 64-bit integers are not supported
This fixes compilation issues with compilers that don't support 64-bit
integers through long long or __int64.
2014-12-12 22:34:18 +00:00