moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-11-12 04:25:08 -05:00
Code Issues Releases Wiki Activity
27,279 Commits 10 Branches 144 Tags 113 MiB
57e46dce58
Commit Graph

7 Commits

Author SHA1 Message Date
Daniel Stenberg
4d2f800677
curl.se: new home 
Closes #6172
 2020-11-04 23:59:47 +01:00
Daniel Stenberg
3c4c4ec2ee
strdup: remove the odd strlen check 
It confuses code analyzers with its use of -1 for unsigned value. Also,
a check that's not normally used in strdup() code - and not necessary.

Closes #5697
 2020-07-18 12:37:25 +02:00
Daniel Stenberg
e5743f08e7
code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Stenberg
9395999543 checksrc: use space after comma 2015-03-17 13:57:37 +01:00
Daniel Stenberg
8a2dda312c tool_strdup.c: include the tool strdup.h 
... not the lib/ one that the tool no longer uses!
 2014-11-05 23:33:22 +01:00
Daniel Stenberg
b387560692 curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds 
When duplicating a handle, the data to post was duplicated using
strdup() when it could be binary and contain zeroes and it was not even
zero terminated! This caused read out of bounds crashes/segfaults.

Since the lib/strdup.c file no longer is easily shared with the curl
tool with this change, it now uses its own version instead.

Bug: http://curl.haxx.se/docs/adv_20141105.html
CVE: CVE-2014-3707
Reported-By: Symeon Paraschoudis
 2014-11-05 08:05:14 +01:00