Marc Hoersken
eb01947e1d
sockfilt.c: free memory in case of memory allocation errors
2014-04-20 18:22:28 +02:00
Marc Hoersken
ee6791128f
multi.c: fix possible invalid memory access in case nfds overflows
...
ufds might not be allocated in case nfds overflows to zero while
extra_nfds is still non-zero. udfs is then accessed within the
extra_nfds-based for loop.
2014-04-19 16:02:14 +02:00
Marc Hoersken
549b4a659a
netrc.c: fix multiple possible dereferences of null pointers
2014-04-19 16:00:43 +02:00
Marc Hoersken
9146f37973
parsedate.c: check sscanf result before passing it to strlen
2014-04-19 15:47:07 +02:00
Marc Hoersken
662fc62517
telnet.c: check sscanf results before passing them to snprintf
2014-04-19 15:23:04 +02:00
Marc Hoersken
f9ffbfce90
telnet.c: fix possible use of uninitialized variable
2014-04-19 15:18:19 +02:00
Marc Hoersken
aa0fbe3537
telnet.c: fix possible use of non-null-terminated strings
2014-04-19 14:26:02 +02:00
Marc Hoersken
c48b996cf2
url.c: fix possible use of non-null-terminated string with strlen
...
Follow up on b0e742544b
2014-04-19 14:25:32 +02:00
Marc Hoersken
89390f35f8
tool_writeout.c: initialize string pointer variable
2014-04-19 00:24:25 +02:00
Marc Hoersken
da900ca970
tool_formparse.c: fix possible use of non-null-terminated strings
2014-04-19 00:17:47 +02:00
Marc Hoersken
b0e742544b
url.c: fix possible use of non-null-terminated string with strlen
2014-04-19 00:17:21 +02:00
Marc Hoersken
7296fc9e7e
connect.c: fix multiple possible dereferences of null pointers
...
In case the first address in the tempaddr array is NULL,
the code would previously dereference an unchecked null pointer.
2014-04-18 23:56:54 +02:00
Marc Hoersken
3f74e149f8
tftp.c: fix possible dereference of null pointer
2014-04-18 23:53:48 +02:00
Marc Hoersken
667d133dab
tool_urlglob.c: added some comments to clarify for loop conditions
...
I was tempted to change those to >= 0 until I saw that this is
actually a for loop that terminates once i underflows.
2014-04-18 23:28:26 +02:00
Marc Hoersken
e81bdab13e
socks_sspi.c: added pointer guards to FreeContextBuffer calls
...
The FreeContextBuffer SAL declaration does not declare the pointer
as optional, therefore it must not be NULL.
2014-04-18 23:24:41 +02:00
Marc Hoersken
54df616729
md5.c: fix use of uninitialized variable
2014-04-18 22:59:25 +02:00
Marc Hoersken
6f72c2fe31
curl_schannel.c: added explicit cast of structure pointers
2014-04-18 22:38:42 +02:00
Marc Hoersken
a703914e60
curl_schannel.c: fix possible dereference of null pointer
2014-04-18 22:36:12 +02:00
Steve Holme
0115ec2f13
RELEASE-NOTES: Synced with 33e0cba8f1
2014-04-18 20:35:01 +01:00
Steve Holme
33e0cba8f1
curl_easy_setopt: Updated CURLOPT_URL to include IMAP PARTIAL FETCH example
2014-04-18 20:23:45 +01:00
Steve Holme
d7ed8da43e
imap: Extended FETCH support to include PARTIAL URL specifier
2014-04-18 20:14:09 +01:00
Steve Holme
e2c14bde22
url.c: Fixed typo in comment
2014-04-18 17:51:26 +01:00
Steve Holme
0d4af92aeb
curl_easy_setopt: Updated CURLOPT_URL to include IMAP query string examples
2014-04-18 17:51:24 +01:00
Steve Holme
4c8c3da6e2
test810: Updated to use new IMAP URL query string functionality
2014-04-18 16:51:50 +01:00
Steve Holme
84c0aabe65
imap: Expanded mailbox SEARCH support to use URL query strings
2014-04-18 16:51:48 +01:00
Steve Holme
ca63d4feba
imap: Added support for parsing URL query strings
...
Added support for parsing query strings from the URL as defined by
RFC-5092.
2014-04-18 16:43:57 +01:00
Steve Holme
f804378d16
imap: Introduced the SEARCH state
2014-04-18 15:32:13 +01:00
Steve Holme
2c6b41e98a
imap: Fixed untagged response detection when no data after command
...
Should a command return untagged responses that contained no data then
the imap_matchresp() function would not detect them as valid responses,
as it wasn't taking the CRLF characters into account at the end of each
line.
2014-04-18 15:01:57 +01:00
Steve Holme
0160cb2e19
build: Added Visual Studio 2012 (VC11) project files
...
Carrying on from commit 11025613b9
added VC11 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-18 10:28:11 +01:00
Steve Holme
cd1f746b86
build: Corrected Visual Studio solutions for DLL Release x64
2014-04-17 21:04:19 +01:00
Daniel Stenberg
b166117c60
README.http2: mention some alt-svc thoughts
2014-04-17 19:23:39 +02:00
Steve Holme
5a23aeb00d
Makefile.am: Missed separator in commit fbaa2f8660
2014-04-16 23:50:17 +01:00
Steve Holme
fbaa2f8660
build: Added Visual Studio 2010 (VC10) project files
...
Carrying on from commit 11025613b9
added VC10 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-16 21:24:33 +01:00
Dan Fandrich
263ed02da6
url: only use if_nametoindex() if IFNAMSIZ is available
2014-04-14 08:02:06 +02:00
Dan Fandrich
b2e9c17a19
symbian: fixed typo in comment
2014-04-09 22:12:47 +02:00
Steve Holme
78e3844a4a
build: Added Visual Studio 2008 (VC9) project files
...
Carrying on from commit 11025613b9
, added VC9 project files which are
capable of supporting side-by-side compilation, 32-bit and 64-bit
builds as well as support for some of the third-party libraries curl
uses.
2014-04-09 00:20:44 +01:00
Steve Holme
b574e83079
sas: Added DIGEST-MD5 qop-option validation in native challange handling
...
Given that we presently support "auth" and not "auth-int" or "auth-conf"
for native challenge-response messages, added client side validation of
the quality-of-protection options from the server's challenge message.
2014-04-08 21:24:34 +01:00
Daniel Stenberg
a700f9002c
dist: include the projects/ files in releases
...
... the recent MSVC project files added by Steve Holme
2014-04-08 10:17:03 +02:00
Daniel Stenberg
73b7a03c3f
strerror: fix comment about vxworks' strerror_r buffer size
...
Bug: http://curl.haxx.se/mail/lib-2014-04/0063.html
Reported-by: Jeroen Koekkoek
2014-04-06 23:13:08 +02:00
Steve Holme
64381f5091
sasl: Added forward declaration of structures following recent changes
...
To avoid urldata.h being included from the header file or that the
source file has the correct include order as highlighted by one of
the auto builds recently.
2014-04-06 17:20:08 +01:00
Steve Holme
28d005cc9b
RELEASE-NOTES: Synced with 5cdb61abb2
2014-04-06 16:57:37 +01:00
Steve Holme
5cdb61abb2
tests: Disabled DIGEST-MD5 tests when running with SSPI enabled
2014-04-06 16:32:59 +01:00
Steve Holme
537b571c90
sasl: Fixed compilation warning
...
warning: no previous prototype for 'Curl_sasl_create_digest_md5_message'
2014-04-06 16:32:28 +01:00
Steve Holme
fe15ea67cc
sasl: Added curl_memory.h include as per test 1132
2014-04-06 16:09:19 +01:00
Steve Holme
2af28a147b
sasl: Fixed compilation warning in SSPI builds
...
warning: 'sasl_digest_get_key_value' defined but not used
2014-04-06 16:01:55 +01:00
Steve Holme
f700eb7d9a
sasl: Corrected missing free of decoded challenge message from 607883f13c
2014-04-06 14:18:31 +01:00
Steve Holme
175b605331
sasl: Corrected add of Curl_sasl_decode_digest_md5_message() from 2c49e96092
2014-04-06 14:02:10 +01:00
Steve Holme
ee40136f6c
sasl: Post DIGEST-MD5 SSPI code tidy up
...
* Added comments to SSPI NTLM message generation
* Added comments to native DIGEST-MD5 code
* Removed redundant identity pointer
2014-04-06 13:30:52 +01:00
Steve Holme
19a514237d
sasl: Corrected pre-processor inclusion of SSPI based DIGEST-MD5 code
...
When CURL_DISABLE_CRYPTO_AUTH is defined the DIGEST-MD5 code should not
be included, regardless of whether USE__WINDOWS_SSPI is defined or not.
This is indicated by the definition of USE_HTTP_NEGOTIATE and USE_NTLM
in curl_setup.h.
2014-04-06 13:01:14 +01:00
Steve Holme
607883f13c
sasl: Added support for DIGEST-MD5 via Windows SSPI
2014-04-06 12:49:32 +01:00