Daniel Stenberg
386ed2d590
gtls: fix NULL pointer dereference
...
gnutls_x509_crt_import() must not be called with a NULL certificate
Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html
Reported-by: Damian Dixon
2014-04-22 23:24:31 +02:00
Daniel Stenberg
5b463e97fa
curl_global_init_mem: bump initialized even if already initialized
...
As this makes curl_global_init_mem() behave the same way as
curl_global_init() already does in that aspect - the same number of
curl_global_cleanup() calls is then required to again decrease the
counter and then eventually do the cleanup.
Bug: http://curl.haxx.se/bug/view.cgi?id=1362
Reported-by: Tristan
2014-04-22 23:08:14 +02:00
Kamil Dudka
8868a226cd
nss: implement non-blocking SSL handshake
2014-04-22 22:56:14 +02:00
Kamil Dudka
a43bba3a34
nss: split Curl_nss_connect() into 4 functions
2014-04-22 22:56:14 +02:00
Dan Fandrich
c1d6158789
tests: Fixed torture test for tests 1526 & 1527
2014-04-22 22:43:57 +02:00
Marc Hoersken
42c04eb1d1
sockfilt.c: clean up threaded approach and add documentation
2014-04-22 17:22:42 +02:00
Marc Hoersken
6fd97fca88
sockfilt.c: zero initialize variable
2014-04-22 17:22:42 +02:00
Marc Hoersken
6a03f6368f
sockfilt.c: fixed getting stuck waiting for MinGW stdin pipe
2014-04-22 17:22:41 +02:00
Daniel Stenberg
a5d7ec1848
configure: use the nghttp2 path correctly with pkg-config
...
When --with-nghttp2 was used (without a given path), the
PKG_CONFIG_LIBDIR varialbe could get clobbered and ruin a proper
detection of the library.
Reported-by: Dilyan Palauzov
Bug: http://curl.haxx.se/mail/lib-2014-04/0159.html
2014-04-22 00:24:44 +02:00
Dilyan Palauzov
11ce2f2182
configure: fix wrong comment
...
copy and paste error
2014-04-21 20:12:20 +02:00
Steve Holme
4b87029113
build: Fixed output name for Release builds in VC10 and VC11
2014-04-21 17:40:50 +01:00
Marc Hoersken
8ce852a279
sockfilt.c: properly handle disk files, pipes and character input
2014-04-20 22:15:36 +02:00
Marc Hoersken
fe1c0176c1
sockfilt.c: ignore non-key-events and continue waiting for input
2014-04-20 18:26:24 +02:00
Marc Hoersken
eb01947e1d
sockfilt.c: free memory in case of memory allocation errors
2014-04-20 18:22:28 +02:00
Marc Hoersken
ee6791128f
multi.c: fix possible invalid memory access in case nfds overflows
...
ufds might not be allocated in case nfds overflows to zero while
extra_nfds is still non-zero. udfs is then accessed within the
extra_nfds-based for loop.
2014-04-19 16:02:14 +02:00
Marc Hoersken
549b4a659a
netrc.c: fix multiple possible dereferences of null pointers
2014-04-19 16:00:43 +02:00
Marc Hoersken
9146f37973
parsedate.c: check sscanf result before passing it to strlen
2014-04-19 15:47:07 +02:00
Marc Hoersken
662fc62517
telnet.c: check sscanf results before passing them to snprintf
2014-04-19 15:23:04 +02:00
Marc Hoersken
f9ffbfce90
telnet.c: fix possible use of uninitialized variable
2014-04-19 15:18:19 +02:00
Marc Hoersken
aa0fbe3537
telnet.c: fix possible use of non-null-terminated strings
2014-04-19 14:26:02 +02:00
Marc Hoersken
c48b996cf2
url.c: fix possible use of non-null-terminated string with strlen
...
Follow up on b0e742544b
2014-04-19 14:25:32 +02:00
Marc Hoersken
89390f35f8
tool_writeout.c: initialize string pointer variable
2014-04-19 00:24:25 +02:00
Marc Hoersken
da900ca970
tool_formparse.c: fix possible use of non-null-terminated strings
2014-04-19 00:17:47 +02:00
Marc Hoersken
b0e742544b
url.c: fix possible use of non-null-terminated string with strlen
2014-04-19 00:17:21 +02:00
Marc Hoersken
7296fc9e7e
connect.c: fix multiple possible dereferences of null pointers
...
In case the first address in the tempaddr array is NULL,
the code would previously dereference an unchecked null pointer.
2014-04-18 23:56:54 +02:00
Marc Hoersken
3f74e149f8
tftp.c: fix possible dereference of null pointer
2014-04-18 23:53:48 +02:00
Marc Hoersken
667d133dab
tool_urlglob.c: added some comments to clarify for loop conditions
...
I was tempted to change those to >= 0 until I saw that this is
actually a for loop that terminates once i underflows.
2014-04-18 23:28:26 +02:00
Marc Hoersken
e81bdab13e
socks_sspi.c: added pointer guards to FreeContextBuffer calls
...
The FreeContextBuffer SAL declaration does not declare the pointer
as optional, therefore it must not be NULL.
2014-04-18 23:24:41 +02:00
Marc Hoersken
54df616729
md5.c: fix use of uninitialized variable
2014-04-18 22:59:25 +02:00
Marc Hoersken
6f72c2fe31
curl_schannel.c: added explicit cast of structure pointers
2014-04-18 22:38:42 +02:00
Marc Hoersken
a703914e60
curl_schannel.c: fix possible dereference of null pointer
2014-04-18 22:36:12 +02:00
Steve Holme
0115ec2f13
RELEASE-NOTES: Synced with 33e0cba8f1
2014-04-18 20:35:01 +01:00
Steve Holme
33e0cba8f1
curl_easy_setopt: Updated CURLOPT_URL to include IMAP PARTIAL FETCH example
2014-04-18 20:23:45 +01:00
Steve Holme
d7ed8da43e
imap: Extended FETCH support to include PARTIAL URL specifier
2014-04-18 20:14:09 +01:00
Steve Holme
e2c14bde22
url.c: Fixed typo in comment
2014-04-18 17:51:26 +01:00
Steve Holme
0d4af92aeb
curl_easy_setopt: Updated CURLOPT_URL to include IMAP query string examples
2014-04-18 17:51:24 +01:00
Steve Holme
4c8c3da6e2
test810: Updated to use new IMAP URL query string functionality
2014-04-18 16:51:50 +01:00
Steve Holme
84c0aabe65
imap: Expanded mailbox SEARCH support to use URL query strings
2014-04-18 16:51:48 +01:00
Steve Holme
ca63d4feba
imap: Added support for parsing URL query strings
...
Added support for parsing query strings from the URL as defined by
RFC-5092.
2014-04-18 16:43:57 +01:00
Steve Holme
f804378d16
imap: Introduced the SEARCH state
2014-04-18 15:32:13 +01:00
Steve Holme
2c6b41e98a
imap: Fixed untagged response detection when no data after command
...
Should a command return untagged responses that contained no data then
the imap_matchresp() function would not detect them as valid responses,
as it wasn't taking the CRLF characters into account at the end of each
line.
2014-04-18 15:01:57 +01:00
Steve Holme
0160cb2e19
build: Added Visual Studio 2012 (VC11) project files
...
Carrying on from commit 11025613b9
added VC11 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-18 10:28:11 +01:00
Steve Holme
cd1f746b86
build: Corrected Visual Studio solutions for DLL Release x64
2014-04-17 21:04:19 +01:00
Daniel Stenberg
b166117c60
README.http2: mention some alt-svc thoughts
2014-04-17 19:23:39 +02:00
Steve Holme
5a23aeb00d
Makefile.am: Missed separator in commit fbaa2f8660
2014-04-16 23:50:17 +01:00
Steve Holme
fbaa2f8660
build: Added Visual Studio 2010 (VC10) project files
...
Carrying on from commit 11025613b9
added VC10 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-16 21:24:33 +01:00
Dan Fandrich
263ed02da6
url: only use if_nametoindex() if IFNAMSIZ is available
2014-04-14 08:02:06 +02:00
Dan Fandrich
b2e9c17a19
symbian: fixed typo in comment
2014-04-09 22:12:47 +02:00
Steve Holme
78e3844a4a
build: Added Visual Studio 2008 (VC9) project files
...
Carrying on from commit 11025613b9
, added VC9 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-09 00:20:44 +01:00
Steve Holme
b574e83079
sas: Added DIGEST-MD5 qop-option validation in native challange handling
...
Given that we presently support "auth" and not "auth-int" or "auth-conf"
for native challenge-response messages, added client side validation of
the quality-of-protection options from the server's challenge message.
2014-04-08 21:24:34 +01:00