Commit Graph

53 Commits

Author SHA1 Message Date
Daniel Stenberg
75ca568fa1 URL sanitize: reject URLs containing bad data
Protocols (IMAP, POP3 and SMTP) that use the path part of a URL in a
decoded manner now use the new Curl_urldecode() function to reject URLs
with embedded control codes (anything that is or decodes to a byte value
less than 32).

URLs containing such codes could easily otherwise be used to do harm and
allow users to do unintended actions with otherwise innocent tools and
applications. Like for example using a URL like
pop3://pop3.example.com/1%0d%0aDELE%201 when the app wants a URL to get
a mail and instead this would delete one.

This flaw is considered a security vulnerability: CVE-2012-0036

Security advisory at: http://curl.haxx.se/docs/adv_20120124.html

Reported by: Dan Fandrich
2012-01-24 08:54:26 +01:00
Yang Tse
f1586cb477 stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.h 2011-07-26 17:23:27 +02:00
Yang Tse
30c9799f72 compiler warning: fix
Fix compiler warning: expression has no effect
2011-05-23 16:55:09 +02:00
Daniel Stenberg
b903186fa0 source cleanup: unify look, style and indent levels
By the use of a the new lib/checksrc.pl script that checks that our
basic source style rules are followed.
2011-04-27 09:09:35 +02:00
Daniel Stenberg
c828646f60 CURL_DOES_CONVERSIONS: cleanup
Massively reduce #ifdefs all over (23 #ifdef lines less so far)
Moved conversion-specific code to non-ascii.c
2011-04-20 00:50:07 +02:00
Daniel Stenberg
5df13c3173 curl_easy_escape: don't escape "unreserved" characters
According to RFC3986 section 2.3 the letters -, ., _ and ~ should not be
percent-encoded.

Reported by: Miguel Diaz
Bug: http://curl.haxx.se/mail/lib-2010-09/0227.html
2010-09-28 23:49:32 +02:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Yang Tse
5695c4db86 fix compiler warning 2010-02-24 00:03:06 +00:00
Daniel Stenberg
33ce0ec1f1 wrap long lines and do some indent policing 2010-01-22 23:21:39 +00:00
Yang Tse
33a3753c3f libcurl's memory.h renamed to curl_memory.h 2009-04-21 11:46:16 +00:00
Dan Fandrich
95456b8e78 Added const to some pointer variables 2008-10-08 01:17:51 +00:00
Dan Fandrich
c98ab69cc7 Factored out Curl_isalnum 2008-09-09 21:15:50 +00:00
Daniel Stenberg
cbd1a77ec2 if () => if()
while () => while()
and some other minor re-indentings
2007-11-07 09:21:35 +00:00
Daniel Stenberg
ec08e2f9f2 Alex Fishman reported a curl_easy_escape() problem that was made the
function do wrong on all input bytes that are >= 0x80 (decimal 128) due to a
signed / unsigned mistake in the code. I fixed it and added test case 543 to
verify.
2007-09-30 22:40:24 +00:00
Dan Fandrich
523767660c Fixed some minor mismatched types found by splint. 2007-08-26 05:53:26 +00:00
Daniel Stenberg
1926f4573d Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work on
non-ASCII systems.
2007-08-04 20:47:59 +00:00
Daniel Stenberg
44d84ac164 Avoid typecasting a signed char to an int when using is*() functions, as that
could very well cause a negate number get passed in and thus cause reading
outside of the array usually used for this purpose.

We avoid this by using the uppercase macro versions introduced just now that
does some extra crazy typecasts to avoid byte codes > 127 to cause negative
int values.
2006-10-17 21:32:56 +00:00
Daniel Stenberg
5a4b43848a First commit of David McCreedy's EBCDIC and TPF changes. 2006-04-07 21:50:47 +00:00
Daniel Stenberg
090b89cc76 Variable type cleanups to please the picky MIPSPro compiler. 2004-07-01 08:10:21 +00:00
Daniel Stenberg
cf10df6c68 include header for our printfs 2004-06-24 14:35:45 +00:00
Daniel Stenberg
feb2dd2835 Replaced all uses of sprintf() with the safer snprintf(). It is just a
precaution to prevent mistakes to lead to buffer overflows.
2004-06-24 11:54:11 +00:00
Daniel Stenberg
5bf02b16a0 curl_free() doesn't free(NULL) but just returns 2004-05-13 15:16:36 +00:00
Daniel Stenberg
c123676825 return NULL on out of memory 2004-05-12 13:04:30 +00:00
Daniel Stenberg
bbafb2eb27 curl_global_init_mem() allows the memory functions to be replaced.
memory.h is included everywhere for this.
2004-05-11 11:30:23 +00:00
Daniel Stenberg
a684c51c9b size_t/int/long fixes 2004-03-08 08:38:29 +00:00
Daniel Stenberg
4d17d6876e Dan Fandrich's cleanup patch to make pedantic compiler options cause less
warnings. Minor edits by me.
2004-01-29 13:56:45 +00:00
Daniel Stenberg
053f6c85ef updated year in the copyright string 2004-01-07 09:19:33 +00:00
Daniel Stenberg
2bd71d70ff use CURLDEBUG instead of MALLOCDEBUG 2003-06-26 06:50:32 +00:00
Daniel Stenberg
2356325592 David Balazic pointed out the lack of checks for a valid %XX code when
we unescape a string. We now check and decode only valid %XX strings.
2003-05-21 15:53:59 +00:00
Daniel Stenberg
a7c72b7abf removed the local variables for emacs and vim, use the new sample.emacs
way for emacs, and vim users should provide a similar non-polluting style
2003-01-29 10:14:20 +00:00
Daniel Stenberg
f26a338a54 copyright year update in the source header 2003-01-16 21:08:12 +00:00
Jean-Philippe Barette-LaPierre
6a7e53a7c7 fixed a very, very rare and very, very little memory leak 2003-01-08 02:27:47 +00:00
Daniel Stenberg
6883f0c49f Walter J. Mack added curl_free 2002-09-25 12:26:07 +00:00
Daniel Stenberg
ba4e69bebc updated source code boilerplate/header 2002-09-03 11:52:59 +00:00
Daniel Stenberg
2f8e7f56b3 ignore '+' in URLs, generate only %-codes 2002-06-26 07:15:31 +00:00
Daniel Stenberg
974f314f57 copyright string (year) update 2002-03-19 07:54:55 +00:00
Sterling Hughes
8e91d5de8e looks nicer and is better compatible with older vim versions 2001-10-11 09:32:19 +00:00
Sterling Hughes
6147879837 Added formatting sections for emacs and vim 2001-09-07 04:01:32 +00:00
Daniel Stenberg
08655d8d5d Georg Huettenegger's patch curl-7.8.1-pre5-patch-20010819 2001-08-21 13:18:07 +00:00
Daniel Stenberg
7b4b166718 added typecasts when converting from unsigned int to int 2001-08-14 08:20:17 +00:00
Daniel Stenberg
2827f5327a curl_escape() no longer attempts to detect already encoded stuff (in order
not to re-encode it).
2001-08-05 12:34:07 +00:00
Daniel Stenberg
84e71e1c50 Andrés García fixed curl_escape() 2001-04-07 18:35:28 +00:00
Daniel Stenberg
58085dbbf6 Jim Drash suggested and I made it not encode what looks like an already
encoded letter (in curl_escape)
2001-03-22 18:06:08 +00:00
Daniel Stenberg
f8d883355d the new escape/unescape function setup 2001-03-22 11:40:58 +00:00
Daniel Stenberg
0dc8c4d451 use unsigned int hex to receive the hex digit in, caused a warning with
-Wall and a new gcc
2001-03-09 15:11:39 +00:00
Daniel Stenberg
24dee483e9 dual-license fix 2001-01-03 09:29:33 +00:00
Daniel Stenberg
b734bc37eb curl_unescape() did not stop at the set length properly when %-codes were
used
2000-11-21 19:01:53 +00:00
Daniel Stenberg
0f8facb49b added memory debugging include file 2000-10-09 11:12:34 +00:00
Daniel Stenberg
60eab89f10 in unescape(), '+' is now only converted to space after the first '?' 2000-08-31 12:03:04 +00:00
Daniel Stenberg
1ef3600a07 haxx.nu => haxx.se 2000-06-20 15:31:26 +00:00