Go to file
Daniel Stenberg 3d8731c8f5
ftp: avoid risk of reading uninitialized integers
If the received PASV response doesn't match the expected pattern, we
could end up reading uninitialized integers for IP address and port
number.

Issue pointed out by muse.dev
Closes #5972
2020-09-18 08:26:49 +02:00
.github github: remove the duplicate "Security vulnerability" entry 2020-09-17 15:22:11 +02:00
.muse CI: Add muse CI config 2020-08-04 09:52:52 +02:00
CMake content_encoding: add zstd decoding support 2020-07-12 18:11:37 +02:00
docs man pages: switch to https://example.com URLs 2020-09-17 16:28:18 +02:00
include tls: add CURLOPT_SSL_EC_CURVES and --curves 2020-08-30 17:24:04 +02:00
lib ftp: avoid risk of reading uninitialized integers 2020-09-18 08:26:49 +02:00
m4 lib: fix -Wassign-enum warnings 2020-09-08 13:53:02 +02:00
packages TLS naming: fix more Winssl and Darwinssl leftovers 2020-08-08 00:19:21 +02:00
plan9 copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
projects curl: use curlx_dynbuf for realloc when loading config files 2020-09-14 08:32:45 +02:00
scripts travis: use libressl v3.1.4 instead of master 2020-09-15 22:49:37 +02:00
src tool_help.h: update copyright year range 2020-09-16 23:08:20 +02:00
tests test3015: verify stdout "as text" 2020-09-15 22:51:08 +02:00
winbuild curl: use curlx_dynbuf for realloc when loading config files 2020-09-14 08:32:45 +02:00
.azure-pipelines.yml CI/azure: disable test 571 in the msys2 builds 2020-09-16 10:07:24 +02:00
.cirrus.yml cirrus-ci: upgrade 11-STABLE to 11.4 2020-07-11 02:42:54 -04:00
.dcignore .dcignore: ignore tests and docs directories 2020-06-27 00:07:37 +02:00
.dir-locals.el copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
.gitattributes .gitattributes: make tabs in indentation a visible error 2018-12-06 20:21:17 +01:00
.gitignore .gitignore: add directory containing the stats repo 2020-06-05 19:54:34 +02:00
.lgtm.yml copyright: fix out-of-date copyright ranges and missing headers 2020-03-24 15:05:59 +01:00
.mailmap mailmap: Nicolas Sterchele 2020-06-12 13:41:52 +02:00
.travis.yml travis: add a build using libressl (from git master) 2020-09-07 22:50:15 +02:00
acinclude.m4 build: fixed build for systems with select() in unistd.h 2020-03-31 10:59:06 +02:00
appveyor.yml AppVeyor: switch 64-bit Schannel Debug CMake builds to Unicode 2020-08-29 10:01:22 +02:00
buildconf buildconf: exec autoreconf to avoid additional process 2020-08-29 21:43:49 +02:00
buildconf.bat copyrights: update all copyright notices to 2019 on files changed this year 2019-11-02 23:15:56 +01:00
CHANGES CHANGES: spell fix, use correct path to script 2017-02-07 08:22:37 +01:00
CMakeLists.txt cmake: make HTTP_ONLY also disable MQTT 2020-09-07 14:30:47 +02:00
configure.ac mqtt: enable by default 2020-08-31 09:45:09 +02:00
COPYING COPYING: it's 2020! 2020-01-03 15:12:46 +01:00
curl-config.in curl-config: ignore REQUIRE_LIB_DEPS in --libs output 2020-08-14 10:22:28 +02:00
GIT-INFO
libcurl.pc.in libcurl.pc: Merge Libs.private into Libs for static-only builds 2020-05-12 08:53:12 +02:00
MacOSX-Framework TLS naming: fix more Winssl and Darwinssl leftovers 2020-08-08 00:19:21 +02:00
Makefile.am winbuild: convert the instruction text to README.md 2020-08-26 15:49:21 +02:00
Makefile.dist build: drop support for building with Watcom 2020-09-05 21:51:37 +02:00
maketgz maketgz: delete .bak files, fix indentation 2018-06-15 23:28:34 +00:00
README docs/LICENSE-MIXING: remove 2020-09-11 23:36:27 +02:00
README.md docs/LICENSE-MIXING: remove 2020-09-11 23:36:27 +02:00
RELEASE-NOTES RELEASE-NOTES: synced 2020-09-14 09:47:20 +02:00
SECURITY.md SECURITY.md: minor rephrase 2020-03-30 08:53:25 +02:00

curl logo

CII Best Practices Coverity passed Travis-CI Build Status AppVeyor Build Status Azure DevOps Build Status Cirrus Build Status Backers on Open Collective Sponsors on Open Collective Language Grade: C/C++ Codacy Badge Fuzzing Status

Curl is a command-line tool for transferring data specified with URL syntax. Find out how to use curl by reading the curl.1 man page or the MANUAL document. Find out how to install Curl by reading the INSTALL document.

libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl.3 man page to learn how!

You can find answers to the most frequent questions we get in the FAQ document.

Study the COPYING file for distribution terms.

Contact

If you have problems, questions, ideas or suggestions, please contact us by posting to a suitable mailing list.

All contributors to the project are listed in the THANKS document.

Website

Visit the curl website for the latest news and downloads.

Git

To download the very latest source from the Git server do this:

git clone https://github.com/curl/curl.git

(you'll get a directory named curl created, filled with the source code)

Security problems

Report suspected security problems via our HackerOne page and not in public!

Notice

Curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan. This notice is included here to comply with the distribution terms.

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]