mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-15 06:40:09 +08:00
Code Issues Packages Projects Releases Wiki Activity
3d6460edee
curl/lib
History
Daniel Stenberg 3d6460edee krb5: avoid realloc(0) 
If the requested size is zero, bail out with error instead of doing a
realloc() that would cause a double-free: realloc(0) acts as a free()
and then there's a second free in the cleanup path.

CVE-2016-8619

Bug: https://curl.haxx.se/docs/adv_20161102E.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
..
vauth sasl: Don't use GSSAPI authentication when domain name not specified 2016-08-21 11:56:23 +01:00
vtls mbedtls: stop using deprecated include file 2016-10-26 23:38:04 +02:00
.gitignore
amigaos.c s/cURL/curl 2016-10-18 13:59:54 +02:00
amigaos.h
arpa_telnet.h
asyn-ares.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
asyn-thread.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
asyn.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
base64.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
checksrc.pl checksrc: detect strtok() use 2016-09-07 10:41:57 +02:00
CMakeLists.txt CMake: Try to (un-)hide private library symbols 2016-09-10 00:35:38 +02:00
config-amigaos.h
config-dos.h
config-mac.h
config-os400.h
config-riscos.h
config-symbian.h
config-tpf.h
config-vxworks.h
config-win32.h
config-win32ce.h
conncache.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
conncache.h
connect.c select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
connect.h connect: fix #ifdefs for debug versions of conn/streamclose() macros 2016-08-30 23:38:06 +02:00
content_encoding.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
content_encoding.h
cookie.c cookies: getlist() now holds deep copies of all cookies 2016-10-31 08:46:35 +01:00
cookie.h cookies: getlist() now holds deep copies of all cookies 2016-10-31 08:46:35 +01:00
curl_addrinfo.c resolve: add support for IPv6 DNS64/NAT64 Networks on OS X + iOS 2016-06-07 20:39:05 +02:00
curl_addrinfo.h resolve: add support for IPv6 DNS64/NAT64 Networks on OS X + iOS 2016-06-07 20:39:05 +02:00
curl_base64.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
curl_config.h.cmake cmake: add nghttp2 support 2016-10-10 19:47:31 +02:00
curl_des.c
curl_des.h
curl_endian.c
curl_endian.h
curl_fnmatch.c
curl_fnmatch.h
curl_gethostname.c
curl_gethostname.h
curl_gssapi.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
curl_gssapi.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
curl_hmac.h
curl_ldap.h
curl_md4.h
curl_md5.h
curl_memory.h
curl_memrchr.c
curl_memrchr.h
curl_multibyte.c curl_multibyte: fix compiler error 2016-05-20 16:50:04 +02:00
curl_multibyte.h
curl_ntlm_core.c mbedtls: Added support for NTLM 2016-08-03 19:33:59 +01:00
curl_ntlm_core.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
curl_ntlm_wb.c
curl_ntlm_wb.h
curl_printf.h
curl_rtmp.c
curl_rtmp.h
curl_sasl.c sasl: Don't use GSSAPI authentication when domain name not specified 2016-08-21 11:56:23 +01:00
curl_sasl.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
curl_sec.h
curl_setup_once.h
curl_setup.h idn: switch to libidn2 use and IDNA2008 support 2016-10-31 08:46:35 +01:00
curl_sspi.c curl_sspi.c: Updated function description comments 2016-08-31 11:57:28 +01:00
curl_sspi.h
curl_threads.c
curl_threads.h
curlx.h
dict.c unescape: avoid integer overflow 2016-10-31 08:46:35 +01:00
dict.h
dotdot.c
dotdot.h
easy.c idn: switch to libidn2 use and IDNA2008 support 2016-10-31 08:46:35 +01:00
easyif.h typedefs: use the full structs in internal code... 2016-06-22 10:28:41 +02:00
escape.c unescape: avoid integer overflow 2016-10-31 08:46:35 +01:00
escape.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
file.c escape: avoid using curl_easy_unescape() internally 2016-10-31 08:46:35 +01:00
file.h
fileinfo.c
fileinfo.h
firefox-db2pem.sh
formdata.c formpost: avoid silent snprintf() truncation 2016-10-08 13:00:45 +02:00
formdata.h formpost: avoid silent snprintf() truncation 2016-10-08 13:00:45 +02:00
ftp.c escape: avoid using curl_easy_unescape() internally 2016-10-31 08:46:35 +01:00
ftp.h ftp: fix Curl_ftpsendf() 2016-10-08 15:13:46 +02:00
ftplistparser.c
ftplistparser.h
getenv.c win: Basic support for Universal Windows Platform apps 2016-08-21 13:56:22 +02:00
getinfo.c easy: Reset all statistical session info in curl_easy_reset 2016-09-20 01:14:01 -04:00
getinfo.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
gopher.c escape: avoid using curl_easy_unescape() internally 2016-10-31 08:46:35 +01:00
gopher.h
hash.c
hash.h
hmac.c
hostasyn.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
hostcheck.c
hostcheck.h
hostip4.c
hostip6.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
hostip.c resolve: add error message when resolving using SIGALRM 2016-10-10 14:14:20 +02:00
hostip.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
hostsyn.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
http2.c http2: debug ouput sent HTTP/2 request headers 2016-09-16 09:00:20 +02:00
http2.h http2: return EOF when done uploading without known size 2016-09-05 14:32:32 +02:00
http_chunks.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
http_chunks.h
http_digest.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
http_digest.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
http_negotiate.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
http_negotiate.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
http_ntlm.c
http_ntlm.h
http_proxy.c select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
http_proxy.h
http.c cookies: getlist() now holds deep copies of all cookies 2016-10-31 08:46:35 +01:00
http.h http2: handle closed streams when uploading 2016-08-28 17:59:34 +02:00
idn_win32.c
if2ip.c
if2ip.h
imap.c errors: new alias CURLE_WEIRD_SERVER_REPLY (8) 2016-09-07 21:24:27 -04:00
imap.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
inet_ntop.c
inet_ntop.h
inet_pton.c
inet_pton.h
krb5.c ftp: fix Curl_ftpsendf() 2016-10-08 15:13:46 +02:00
ldap.c escape: avoid using curl_easy_unescape() internally 2016-10-31 08:46:35 +01:00
libcurl.def
libcurl.plist
libcurl.rc s/cURL/curl 2016-10-18 13:59:54 +02:00
libcurl.vers.in
llist.c
llist.h
Makefile.am
makefile.amiga
Makefile.b32
makefile.dj
Makefile.inc loadlibrary: Only load system DLLs from the system directory 2016-05-30 08:14:27 +02:00
Makefile.m32 makefile.m32: add crypt32 for winssl builds 2016-06-01 10:39:13 +02:00
Makefile.netware
Makefile.vc6 Makefile.vc: link with crypt32.lib for winssl builds 2016-06-22 11:08:47 +02:00
Makefile.vxworks
Makefile.Watcom
md4.c
md5.c win: Basic support for Universal Windows Platform apps 2016-08-21 13:56:22 +02:00
memdebug.c memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC 2016-05-30 11:43:04 +02:00
memdebug.h
mk-ca-bundle.pl mk-ca-bundle.vbs: Fix UTF-8 output 2016-10-30 01:01:29 -04:00
mk-ca-bundle.vbs mk-ca-bundle.vbs: Fix UTF-8 output 2016-10-30 01:01:29 -04:00
mprintf.c aprintf: detect wrap-around when growing allocation 2016-10-31 08:46:35 +01:00
multi.c multi: force connections to get closed in close_all_connections 2016-10-22 16:10:57 +02:00
multihandle.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
multiif.h multi: make Curl_expire() work with 0 ms timeouts 2016-08-04 00:26:01 +02:00
netrc.c
netrc.h
non-ascii.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
non-ascii.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
nonblock.c
nonblock.h
nwlib.c
nwos.c
objnames-test08.sh
objnames-test10.sh
objnames.inc
openldap.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
parsedate.c parsedate: handle cut off numbers better 2016-10-31 08:46:35 +01:00
parsedate.h
pingpong.c select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
pingpong.h
pipeline.c multi: make Curl_expire() work with 0 ms timeouts 2016-08-04 00:26:01 +02:00
pipeline.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
pop3.c errors: new alias CURLE_WEIRD_SERVER_REPLY (8) 2016-09-07 21:24:27 -04:00
pop3.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
progress.c speed caps: not based on average speeds anymore 2016-09-04 13:11:23 +02:00
progress.h speed caps: not based on average speeds anymore 2016-09-04 13:11:23 +02:00
rawstr.c
rawstr.h
rtsp.c select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
rtsp.h
security.c krb5: avoid realloc(0) 2016-10-31 08:46:35 +01:00
select.c select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
select.h select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
sendf.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
sendf.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
setup-os400.h
setup-vms.h
share.c typedefs: use the full structs in internal code... 2016-06-22 10:28:41 +02:00
share.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
sigpipe.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
slist.c
slist.h
smb.c smb: properly check incoming packet boundaries 2016-10-09 00:14:26 +02:00
smb.h
smtp.c errors: new alias CURLE_WEIRD_SERVER_REPLY (8) 2016-09-07 21:24:27 -04:00
smtp.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
sockaddr.h
socks_gssapi.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
socks_sspi.c library: Fix memory leaks found during static analysis 2016-07-14 02:52:56 -04:00
socks.c select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
socks.h
speedcheck.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
speedcheck.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
splay.c
splay.h
ssh.c escape: avoid using curl_easy_unescape() internally 2016-10-31 08:46:35 +01:00
ssh.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
strdup.c memdup: use 'void *' as return and source type 2016-10-04 23:31:25 +02:00
strdup.h memdup: use 'void *' as return and source type 2016-10-04 23:31:25 +02:00
strequal.c
strequal.h
strerror.c idn: switch to libidn2 use and IDNA2008 support 2016-10-31 08:46:35 +01:00
strerror.h idn: switch to libidn2 use and IDNA2008 support 2016-10-31 08:46:35 +01:00
strtok.c
strtok.h
strtoofft.c
strtoofft.h
system_win32.c win: fix Universal Windows Platform build 2016-10-16 12:09:12 +02:00
system_win32.h win32: Introduced centralised verify windows version function 2016-06-04 21:24:09 +01:00
telnet.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
telnet.h
tftp.c escape: avoid using curl_easy_unescape() internally 2016-10-31 08:46:35 +01:00
tftp.h
timeval.c
timeval.h
transfer.c select: switch to macros in uppercase 2016-10-18 11:05:45 +02:00
transfer.h speed caps: not based on average speeds anymore 2016-09-04 13:11:23 +02:00
url.c escape: avoid using curl_easy_unescape() internally 2016-10-31 08:46:35 +01:00
url.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
urldata.h vtls: only re-use session-ids using the same scheme 2016-10-13 11:24:16 +02:00
version.c idn: switch to libidn2 use and IDNA2008 support 2016-10-31 08:46:35 +01:00
warnless.c
warnless.h
wildcard.c
wildcard.h internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
x509asn1.c internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
x509asn1.h schannel: add CURLOPT_CERTINFO support 2016-06-01 08:50:01 +02:00