1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 08:38:49 -05:00
Commit Graph

68 Commits

Author SHA1 Message Date
Steve Holme
c92c30edbd base64: Extended validation to look for invalid characters
Extended the basic validation in commit e17c1b25bc to return a
failure when invalid base64 characters are included.
2013-12-01 11:12:23 +00:00
Steve Holme
e17c1b25bc base64: Added basic validation to base64 input string when decoding
A base64 string should be a multiple of 4 characters in length, not
contain any more than 2 padding characters and only contain padding
characters at the end of string. For example: Y3VybA==

Strings such as the following are considered invalid:

Y=   - Invalid length
Y==  - Invalid length
Y=== - More than two padding characters
Y=x= - Padding character contained within string
2013-10-30 07:31:22 +00:00
Daniel Stenberg
d737aa19c8 unit1304: include memdebug and free everything correctly 2013-08-29 12:50:15 +02:00
Jonathan Nieder
36585b5395 netrc: handle longer username and password
libcurl truncates usernames and passwords it reads from .netrc to
LOGINSIZE and PASSWORDSIZE (64) characters without any indication to
the user, to ensure the values returned from Curl_parsenetrc fit in a
caller-provided buffer.

Fix the interface by passing back dynamically allocated buffers
allocated to fit the user's input.  The parser still relies on a
256-character buffer to read each line, though.

So now you can include an ~246-character password in your .netrc,
instead of the previous limit of 63 characters.

Reported-by: Colby Ranger
2013-08-20 11:16:38 +02:00
Daniel Stenberg
7877619f85 dotdot: introducing dot file path cleanup
RFC3986 details how a path part passed in as part of a URI should be
"cleaned" from dot sequences before getting used. The described
algorithm is now implemented in lib/dotdot.c with the accompanied test
case in test 1395.

Bug: http://curl.haxx.se/bug/view.cgi?id=1200
Reported-by: Alex Vinnik
2013-06-22 14:15:07 +02:00
Daniel Stenberg
0de7249bb3 unit1396: unit tests to verify curl_easy_(un)escape 2013-06-22 11:21:35 +02:00
Daniel Stenberg
8dac7be438 build: fixed unit1394 for debug and metlink builds 2013-05-06 23:28:04 +02:00
Kamil Dudka
bcf1b9dec1 unit1394.c: plug the curl tool unit test in 2013-05-06 15:03:13 +02:00
Jared Jennings
b045d079f8 unit1394.c: basis of a unit test for parse_cert_parameter() 2013-05-06 15:03:13 +02:00
Kamil Dudka
683f2b8323 src/Makefile.am: build static lib for unit tests if enabled 2013-05-06 15:03:12 +02:00
Yang Tse
8ce915c7a4 unit1330.c: fix date 2013-03-15 20:05:03 +01:00
Yang Tse
1700668d78 tests: add #96 #558 and #1330
These verfy that the 'memory tracking' subsystem is actually doing its
job when using curl tool (#96), a test in libtest (#558) and also a unit
test (#1330), in order to prevent regressions in this functionallity.
2013-03-15 19:59:51 +01:00
Yang Tse
83a42ee20e curl.h: stricter CURL_EXTERN linkage decorations logic
No API change involved.

Info: http://curl.haxx.se/mail/lib-2013-02/0234.html
2013-03-12 00:27:47 +01:00
Yang Tse
63605d281f Makefile.inc: fix $(top_srcdir) not allowed in _SOURCES variables 2013-01-20 04:20:02 +01:00
Yang Tse
4b401b2d99 build: use per-target '_CPPFLAGS' for those currently using default
Automake documents that doing this will make it choose a different name
for intermediate object files even when sharing source files across
targets of same Makefile.am.

Up to automake 1.13.1 target's intermediate object files were placed
in the build subdirectory of the target. We depended on this, probably
undocumented behavior, to achieve same behavior as if a per-target flag
had been specified when building targets that actually belong to
different Makefile.am files.

It seems automake 1.13.2 is going to break behavior mentioned above.

So, lets use a documented behavior in order to achieve same purpose,
across automake versions, no matter where automake wishes to place
intermediate object files.

Our build targets that already were using a per-target '_CFLAGS' or
'_CPPFLAGS' need no 'fixing', these were already 'fixed'. The only
Makefile.am or Makefile.in files in libcurl's source tree touched by
this 'fix' are tests/libtest/Makefile.inc and tests/unit/Makefile.inc.
2013-01-15 16:31:50 +01:00
Yang Tse
5a053ffe80 build: fix circular header inclusion with other packages
This commit renames lib/setup.h to lib/curl_setup.h and
renames lib/setup_once.h to lib/curl_setup_once.h.

Removes the need and usage of a header inclusion guard foreign
to libcurl. [1]

Removes the need and presence of an alarming notice we carried
in old setup_once.h [2]

----------------------------------------

1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
    up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
    this single inclusion guard is enough to ensure that inclusion of
    lib/setup_once.h done from lib/setup.h is only done once.

    Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
    protect inclusion of setup_once.h even after commit ec691ca3, this
    was to avoid a circular header inclusion triggered when building a
    c-ares enabled version with c-ares sources available which also has
    a setup_once.h header. Commit ec691ca3 exposes the real nature of
    __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
    foreign to libcurl belonging to c-ares's setup_once.h

    The renaming this commit does, fixes the circular header inclusion,
    and as such removes the need and usage of a header inclusion guard
    foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.

2 - Due to the circular interdependency of old lib/setup_once.h and the
    c-ares setup_once.h header, old file lib/setup_once.h has carried
    back from 2006 up to now days an alarming and prominent notice about
    the need of keeping libcurl's and c-ares's setup_once.h in sync.

    Given that this commit fixes the circular interdependency, the need
    and presence of mentioned notice is removed.

    All mentioned interdependencies come back from now old days when
    the c-ares project lived inside a curl subdirectory. This commit
    removes last traces of such fact.
2013-01-09 00:49:50 +01:00
Yang Tse
4a5aa6682d Revert changes relative to lib/*.[ch] recent renaming
This reverts renaming and usage of lib/*.h header files done
28-12-2012, reverting 2 commits:

  f871de0... build: make use of 76 lib/*.h renamed files
  ffd8e12... build: rename 76 lib/*.h files

This also reverts removal of redundant include guard (redundant thanks
to changes in above commits) done 2-12-2013, reverting 1 commit:

  c087374... curl_setup.h: remove redundant include guard

This also reverts renaming and usage of lib/*.c source files done
3-12-2013, reverting 3 commits:

  13606bb... build: make use of 93 lib/*.c renamed files
  5b6e792... build: rename 93 lib/*.c files
  7d83dff... build: commit 13606bbfde follow-up 1

Start of related discussion thread:

  http://curl.haxx.se/mail/lib-2013-01/0012.html

Asking for confirmation on pushing this revertion commit:

  http://curl.haxx.se/mail/lib-2013-01/0048.html

Confirmation summary:

  http://curl.haxx.se/mail/lib-2013-01/0079.html

NOTICE: The list of 2 files that have been modified by other
intermixed commits, while renamed, and also by at least one
of the 6 commits this one reverts follows below. These 2 files
will exhibit a hole in history unless git's '--follow' option
is used when viewing logs.

  lib/curl_imap.h
  lib/curl_smtp.h
2013-01-06 18:20:27 +01:00
Yang Tse
f871de0064 build: make use of 76 lib/*.h renamed files
76 private header files renamed to use our standard naming scheme.

This change affects 322 files in libcurl's source tree.
2012-12-28 19:37:11 +01:00
Yang Tse
b908376bef build: explain current role of LIBS in our Makefile.am files
BLANK_AT_MAKETIME may be used in our Makefile.am files to blank
LIBS variable used in generated makefile at makefile processing
time. Doing this functionally prevents LIBS from being used for
all link targets in given makefile.
2012-12-04 23:32:05 +01:00
Dave Reisner
550e403f00 uniformly use AM_CPPFLAGS, avoid deprecated INCLUDES
Since automake 1.12.4, the warnings are issued on running automake:

  warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')

Avoid INCLUDES and roll these flags into AM_CPPFLAGS.

Compile tested on:
  Ubuntu 10.04 (automake 1:1.11.1-1)
  Ubuntu 12.04 (automake 1:1.11.3-1ubuntu2)
  Arch Linux (automake 1.12.4)
2012-11-06 00:32:21 +01:00
Yang Tse
21423497ef configure: Windows cross-compilation fixes
BUILDING_LIBCURL and CURL_STATICLIB are no longer defined in curl_config.h,
configure will generate appropriate conditionals so that mentioned symbols
get defined and used in Makefiles at compilation time
2012-04-09 21:24:16 +02:00
Yang Tse
ed0364343d removed trailing whitespace 2011-12-30 03:36:18 +01:00
Yang Tse
eb44ac0138 test suite: use test case specific netrc file names 2011-09-05 12:39:50 +02:00
Yang Tse
6b75d2c2df fix a bunch of MSVC compiler warnings 2011-09-03 16:07:09 +02:00
Yang Tse
fd00b382b2 base64: fix Curl_base64_encode and Curl_base64_decode interfaces
Previous interfaces for these libcurl internal functions did not allow to tell
apart a legitimate zero size result from an error condition. These functions
now return a CURLcode indicating function success or otherwise specific error.
Output size is returned using a pointer argument.

All usage of these two functions, and others closely related, has been adapted
to the new interfaces. Relative error and OOM handling adapted or added where
missing. Unit test 1302 also adapted.
2011-08-24 08:10:30 +02:00
Dan Fandrich
78480892cd Fixed test 1300 to pass the memory torture test 2011-06-24 12:33:30 -07:00
Amr Shahin
c9f16e67ef unitteset: Curl_llist_move
adding unit test for Curl_llist_move, documenting unit-tested functions
in llist.c, changing unit-test to unittest, replacing assert calls with
abort_unless calls
2011-06-19 22:22:49 +02:00
Daniel Stenberg
0aedccc18a curl_formget: fix FILE * leak
Properly deal with the fact that the last fread() call most probably is
a short read, and when using callbacks in fact all calls can be short
reads. No longer consider a file read done until it returns a 0 from the
read function.

Reported by: Aaron Orenstein
Bug: http://curl.haxx.se/mail/lib-2011-06/0048.html
2011-06-13 22:32:00 +02:00
Dan Fandrich
b688f2c260 Fixed test 1309 to pass the torture test
Removing dynamic allocations also simplifies the test.
2011-06-11 00:10:09 -07:00
Daniel Stenberg
c4dd8df081 splay: add unit tests
The test code that was #ifdef'ed in the code was converted into unit
tests in test case 1309. I also removed the #if 0'ed code from splay.c
2011-06-10 20:19:35 +02:00
Daniel Stenberg
36a22f9074 unit test formpost: added test case 1308
This is a few first rather basic tests of curl_formadd() and
curl_formget(). Should serve as building blocks to add more variations
to the test.
2011-06-10 12:03:29 +02:00
Yang Tse
2a31dde76c unit tests: attempt to fix linkage issue 2011-06-02 22:26:01 +02:00
Yang Tse
aa76dec33a unit tests: more build adjustments 2011-06-01 21:40:09 +02:00
Yang Tse
685359d4c3 makefile: avoid preprocessor definition usage when linking 2011-06-01 14:43:25 +02:00
Yang Tse
9f390a356e unit tests: build adjustment
Also define UNITTESTS macro when building unit test sources.

Fixing compiler warning: external definition with no prior declaration
2011-05-25 20:24:03 +02:00
Yang Tse
9b5343054a unit tests: README, adjust header inclusion order 2011-05-24 21:23:52 +02:00
Yang Tse
ec33742d1b compiler warning: fix
Fix compiler warning: external definition with no prior declaration
2011-05-24 17:35:08 +02:00
Yang Tse
8b849265d8 compiler warning: fix
Fix compiler warning: enumerated type mixed with another type
2011-05-21 14:39:42 +02:00
Yang Tse
02f3ff3b0a unit tests: adjust header inclusion order
Additionally, prevent multiple inclusions of curl_config.h
2011-05-21 13:22:11 +02:00
Julien Chaffraix
8702ebff74 unit1305: Fixed the test to match our coding style. 2011-03-20 08:03:25 -07:00
Daniel Stenberg
1aeb635cdd sources: update source headers
All C and H files now (should) feature the proper project curl source
code header, which includes basic info, a copyright statement and some
basic disclaimers.
2011-03-10 12:04:33 +01:00
Dan Fandrich
c60a6153be Moved test 577 into the unit test framework as test 1307 2011-03-04 15:56:40 -08:00
Dan Fandrich
80225b08cd Added unit test 1306 so tests 558 & 559 are now fully replaced 2011-03-04 15:13:12 -08:00
Dan Fandrich
bfc491a2d2 The unit test argument is allowed to be used 2011-03-04 15:11:21 -08:00
Dan Fandrich
fb199cd29d Converted tests 558 & 559 to use the unit test framework as 1305
Test 558 was just a subset of 559 which is something that can be
easily added later.
2011-03-04 14:32:58 -08:00
Dan Fandrich
a8aab6e7d4 Fixed test 1300 to pass the torture test 2011-03-04 13:54:04 -08:00
Dan Fandrich
32aedf1d3d Added abort_* unit test macros
These are for when a test failure makes it impossible to continue
running further tests.
2011-03-04 13:53:15 -08:00
Julien Chaffraix
311bd4c7b1 netrc: Enable setting up the filename in unit tests.
Unset the environment variable so that we can specify different
filenames in the unit test.
2011-02-10 07:38:48 -08:00
Julien Chaffraix
39d0d787d2 test1304: Added some unit tests for Curl_parsenetrc.
Moved some definitons into the header file so that we can reuse them.
2011-02-10 07:38:48 -08:00
Daniel Stenberg
08a77025c6 unit1300: code style cleanup 2011-02-02 13:35:55 +01:00