mirror of https://github.com/moparisthebest/curl synced 2024-12-23 16:48:49 -05:00
curl/tests/libtest
Tobias Stoeckmann 8829703b5a mprintf: Fix stack overflows
Stack overflows can occur with precisions for integers and floats.

Proof of concepts:
- curl_mprintf("%d, %.*1$d", 500, 1);
- curl_mprintf("%d, %+0500.*1$f", 500, 1);

Ideally, compile with -fsanitize=address which makes this undefined
behavior a bit more defined for debug purposes.

The format strings are valid. The overflows occur due to invalid
arguments. If these arguments are variables with contents controlled
by an attacker, the function's stack can be corrupted.

Also see CVE-2016-9586 which partially fixed the float aspect.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

Closes https://github.com/curl/curl/pull/5722
2020-07-27 03:43:00 -04:00
.checksrc source cleanup: remove all custom typedef structs 2020-05-15 08:54:42 +02:00
.gitignore libtest: Add chkdecimalpoint to .gitignore 2018-09-15 23:39:50 +02:00
chkdecimalpoint.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
chkhostname.c tests/libtest: follow our code style guidelines better 2016-04-03 11:57:34 +02:00
CMakeLists.txt CMake: do not build test programs by default 2020-05-12 08:50:07 +02:00
first.c cleanup: s/curl_debug/curl_dbg_debug in comments and docs 2019-08-08 16:01:00 +02:00
lib500.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib501.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib502.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib503.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib504.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib505.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib506.c cookies: using a share with cookies shouldn't enable the cookie engine 2019-09-28 18:10:43 +02:00
lib507.c code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
lib508.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib509.c url: alloc the download buffer at transfer start 2020-05-30 23:14:33 +02:00
lib510.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib511.c checksrc: warn for assignments within if() expressions 2016-12-14 01:29:44 +01:00
lib512.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib513.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib514.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib515.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib516.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib517.c parsedate: support UT timezone 2018-03-19 19:22:42 +01:00
lib518.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib519.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib520.c checksrc: warn for assignments within if() expressions 2016-12-14 01:29:44 +01:00
lib521.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib523.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib524.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib525.c code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
lib526.c code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
lib530.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib533.c code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
lib537.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib539.c checksrc: warn for assignments within if() expressions 2016-12-14 01:29:44 +01:00
lib540.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib541.c copyrights: update all copyright notices to 2019 on files changed this year 2019-11-02 23:15:56 +01:00
lib542.c checksrc: warn for assignments within if() expressions 2016-12-14 01:29:44 +01:00
lib543.c test543: extended to verify zero length input 2020-06-25 00:00:35 +02:00
lib544.c checksrc: make sure sizeof() is used *with* parentheses 2018-05-21 23:21:47 +02:00
lib547.c terminology: call them null-terminated strings 2020-06-28 00:31:24 +02:00
lib549.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib552.c checksrc: make sure sizeof() is used *with* parentheses 2018-05-21 23:21:47 +02:00
lib553.c terminology: call them null-terminated strings 2020-06-28 00:31:24 +02:00
lib554.c mime: keep "text/plain" content type if user-specified. 2017-10-12 19:36:16 +01:00
lib555.c whitespace fixes 2018-09-23 22:24:02 +00:00
lib556.c tests: fix multiple may be used uninitialized warnings 2019-03-05 14:38:25 +01:00
lib557.c mprintf: Fix stack overflows 2020-07-27 03:43:00 -04:00
lib558.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib559.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib560.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib562.c checksrc: warn for assignments within if() expressions 2016-12-14 01:29:44 +01:00
lib564.c code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
lib566.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib567.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib568.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib569.c copyrights: update all copyright notices to 2019 on files changed this year 2019-11-02 23:15:56 +01:00
lib570.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib571.c copyrights: update all copyright notices to 2019 on files changed this year 2019-11-02 23:15:56 +01:00
lib572.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib573.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib574.c libtest/lib574.c: use correct callback proto 2017-05-31 11:56:53 +02:00
lib575.c code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
lib576.c source cleanup: remove all custom typedef structs 2020-05-15 08:54:42 +02:00
lib578.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib579.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib582.c checksrc: enhance the ASTERISKSPACE and update code accordingly 2020-05-14 00:02:05 +02:00
lib583.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib586.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib589.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib590.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib591.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib597.c connection: never reuse CONNECT_ONLY connections 2019-02-19 22:50:02 +01:00
lib598.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib599.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib643.c mime: do not perform more than one read in a row 2020-03-07 23:26:00 +01:00
lib650.c curl-compilers: enable -Wbad-function-cast on GCC 2018-08-21 18:53:45 +02:00
lib651.c terminology: call them null-terminated strings 2020-06-28 00:31:24 +02:00
lib652.c mime: fix the binary encoder to handle large data properly 2020-03-07 23:26:15 +01:00
lib653.c test653: check reuse of easy handle after mime data change 2017-10-20 14:01:14 +01:00
lib654.c mime: do not perform more than one read in a row 2020-03-07 23:26:00 +01:00
lib655.c build: get CFLAGS (including -werror) used for examples and tests 2018-03-04 19:46:26 +01:00
lib658.c setopt: add CURLOPT_CURLU 2018-11-09 15:47:28 +01:00
lib659.c CURLU: fix NULL dereference when used over proxy 2019-03-04 16:24:08 +01:00
lib661.c copyrights: update all copyright notices to 2019 on files changed this year 2019-11-02 23:15:56 +01:00
lib666.c mime: fix the binary encoder to handle large data properly 2020-03-07 23:26:15 +01:00
lib667.c mime: do not perform more than one read in a row 2020-03-07 23:26:00 +01:00
lib668.c mime: do not perform more than one read in a row 2020-03-07 23:26:00 +01:00
lib670.c lib670: use the same Win32 API check as all other lib tests 2020-04-05 18:25:03 +02:00
lib674.c transfer: fix memory-leak with CURLOPT_CURLU in a duped handle 2020-07-12 16:36:02 +02:00
lib1156.c source cleanup: remove all custom typedef structs 2020-05-15 08:54:42 +02:00
lib1500.c checksrc: code style: use 'char *name' style 2016-11-24 23:58:22 +01:00
lib1501.c code style: use spaces around pluses 2017-09-11 09:29:50 +02:00
lib1502.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib1506.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib1507.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1508.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1509.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1510.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib1511.c checksrc: code style: use 'char *name' style 2016-11-24 23:58:22 +01:00
lib1512.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib1513.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib1514.c test1539: do a HTTP 1.0 POST without a set size (fails) 2020-06-26 15:11:04 +02:00
lib1515.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1517.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib1518.c Curl_follow: extract the Location: header field unvalidated 2018-12-12 07:58:47 +01:00
lib1520.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1522.c copyrights: update all copyright notices to 2019 on files changed this year 2019-11-02 23:15:56 +01:00
lib1523.c test1523: basic test of CURLOPT_LOW_SPEED_LIMIT 2019-06-18 22:34:05 +02:00
lib1525.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1526.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1527.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1528.c checksrc: warn for assignments within if() expressions 2016-12-14 01:29:44 +01:00
lib1529.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
lib1530.c checksrc: warn for assignments within if() expressions 2016-12-14 01:29:44 +01:00
lib1531.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1532.c easy: Reset all statistical session info in curl_easy_reset 2016-09-20 01:14:01 -04:00
lib1533.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1534.c easy: Initialize info variables on easy init and duphandle 2016-11-05 23:06:28 -04:00
lib1535.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1536.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1537.c tests: fix multiple may be used uninitialized warnings 2019-03-05 14:38:25 +01:00
lib1538.c code style: use spaces around equals signs 2017-09-11 09:29:50 +02:00
lib1540.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1541.c build: fix Codacy warnings 2019-06-05 20:38:06 +02:00
lib1550.c tests: Make sure libtests call curl_global_cleanup() 2017-08-19 21:42:47 +02:00
lib1551.c tests: Make sure libtests call curl_global_cleanup() 2017-08-19 21:42:47 +02:00
lib1552.c multi_cleanup: call DONE on handles that never got that 2017-10-06 16:48:39 +02:00
lib1553.c pingpong: return error when trying to send without connection 2017-10-07 00:20:31 +02:00
lib1554.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
lib1555.c tests: fix multiple may be used uninitialized warnings 2019-03-05 14:38:25 +01:00
lib1556.c test1556: verify >16KB headers to the header callback 2018-02-16 22:54:50 +01:00
lib1557.c lib1557: fix mem-leak in OOM 2019-12-13 08:16:06 +01:00
lib1558.c test1558: verify CURLINFO_PROTOCOL on file:// transfer 2019-01-10 11:22:48 +01:00
lib1559.c lib1559: fix mem-leak in OOM 2019-12-13 08:16:24 +01:00
lib1560.c test1560: avoid possibly negative association in wording 2020-06-12 10:01:57 +02:00
lib1564.c lib1564: reduce number of mid-wait wakeup calls 2020-03-07 23:27:58 +01:00
lib1565.c multi: add curl_multi_wakeup() 2019-11-25 15:45:56 +01:00
lib1591.c lib1591: free memory properly on OOM, in the trailers callback 2019-12-15 18:19:01 +01:00
lib1592.c curl_multi_remove_handle() don't block terminating c-ares requests 2019-01-07 10:05:20 +01:00
lib1593.c http: allow overriding timecond with custom header 2019-07-14 16:17:15 +02:00
lib1594.c CURLINFO_RETRY_AFTER: parse the Retry-After header value 2019-08-07 14:45:39 +02:00
lib1900.c wording: avoid blacklist/whitelist stereotypes 2020-06-10 08:49:17 +02:00
lib1905.c build: fix Codacy warnings 2019-06-05 20:38:06 +02:00
lib1906.c tests: Run global cleanup at end of tests 2019-04-15 15:23:58 +02:00
lib1907.c url: normalize CURLINFO_EFFECTIVE_URL 2019-10-16 14:10:55 +02:00
lib1908.c altsvc: keep a copy of the file name to survive handle reset 2020-02-09 22:41:49 +01:00
lib1910.c tests: verify newline in username and password for HTTP 2020-06-25 09:57:19 +02:00
libauthretry.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
libntlmconnect.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
Makefile.am source cleanup: remove all custom typedef structs 2020-05-15 08:54:42 +02:00
Makefile.inc transfer: fix memory-leak with CURLOPT_CURLU in a duped handle 2020-07-12 16:36:02 +02:00
mk-lib1521.pl mk-lib1521: generate code for testing BLOB options as well 2020-05-29 09:22:50 +02:00
notexists.pl copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
sethostname.c copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
sethostname.h copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
stub_gssapi.c gssapi: fix deprecated header warnings 2019-02-14 08:38:43 +01:00
stub_gssapi.h copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
test307.pl copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
test610.pl copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
test613.pl test613.pl: make tests 613 and 614 work with OpenSSH for Windows 2020-05-06 19:33:20 +02:00
test1013.pl copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
test1022.pl copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
test.h build: fixed build for systems with select() in unistd.h 2020-03-31 10:59:06 +02:00
testtrace.c snprintf: renamed and we now only use msnprintf() 2018-11-23 08:26:51 +01:00
testtrace.h copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
testutil.c util: silence conversion warnings 2020-07-19 10:34:58 +02:00
testutil.h copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00