packages/curl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

backport some patches from community

Browse Source 
(cherry picked from commit 8afd3b243da43e6602d4780fa0312fc72c31449d)
This commit is contained in:
sherlock2010 2024-01-03 08:12:47 +00:00 committed by openeuler-sync-bot
parent b61030f363
commit fd9fed8b41
17 changed files with 1074 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
backport-Curl_close-call-Curl_resolver_cancel-to-avoid-memory.patch Normal file
View File

@ -0,0 +1,30 @@
From 37dbbbb6c14bcbd696441e15b41cc3d1c74c486c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 15 Aug 2022 16:36:33 +0200
Subject: [PATCH] Curl_close: call Curl_resolver_cancel to avoid memory-leak
There might be a pending (c-ares) resolve that isn't free'd up yet.
Closes #9310
Conflict: NA
Reference: https://github.com/curl/curl/commit/37dbbbb6c14bcbd696441e15b41cc3d1c74c486c
---
lib/url.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/url.c b/lib/url.c
index 359e20a7c..44c1d3f37 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -440,6 +440,7 @@ CURLcode Curl_close(struct Curl_easy **datap)
Curl_safefree(data->info.wouldredirect);
/* this destroys the channel and we cannot use it anymore after this */
+ Curl_resolver_cancel(data);
Curl_resolver_cleanup(data->state.async.resolver);
Curl_http2_cleanup_dependencies(data);
--
2.33.0

71
backport-curl_path-bring-back-support-for-SFTP-path-ending-in.patch Normal file
View File

@ -0,0 +1,71 @@
From 91b53efa4b6854dc3688f55bfb329b0cafcf5325 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 25 Apr 2023 13:06:01 +0200
Subject: [PATCH] curl_path: bring back support for SFTP path ending in /~
libcurl used to do a directory listing for this case (even though the
documentation says a URL needs to end in a slash for this), but
4e2b52b5f7a3 modified the behavior.
This change brings back a directory listing for SFTP paths that are
specified exactly as /~ in the URL.
Reported-by: Pavel Mayorov
Fixes #11001
Closes #11023
Conflict: NA
Reference: https://github.com/curl/curl/commit/91b53efa4b6854dc3688f55bfb329b0cafcf5325
---
lib/curl_path.c | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/lib/curl_path.c b/lib/curl_path.c
index 977e5336f..b4b48fe86 100644
--- a/lib/curl_path.c
+++ b/lib/curl_path.c
@@ -62,24 +62,27 @@ CURLcode Curl_getworkingpath(struct Curl_easy *data,
}
}
else if((data->conn->handler->protocol & CURLPROTO_SFTP) &&
- (working_path_len > 2) && !memcmp(working_path, "/~/", 3)) {
- size_t len;
- const char *p;
- int copyfrom = 3;
+ (!strcmp("/~", working_path) ||
+ ((working_path_len > 2) && !memcmp(working_path, "/~/", 3)))) {
if(Curl_dyn_add(&npath, homedir)) {
free(working_path);
return CURLE_OUT_OF_MEMORY;
}
- /* Copy a separating '/' if homedir does not end with one */
- len = Curl_dyn_len(&npath);
- p = Curl_dyn_ptr(&npath);
- if(len && (p[len-1] != '/'))
- copyfrom = 2;
-
- if(Curl_dyn_addn(&npath,
- &working_path[copyfrom], working_path_len - copyfrom)) {
- free(working_path);
- return CURLE_OUT_OF_MEMORY;
+ if(working_path_len > 2) {
+ size_t len;
+ const char *p;
+ int copyfrom = 3;
+ /* Copy a separating '/' if homedir does not end with one */
+ len = Curl_dyn_len(&npath);
+ p = Curl_dyn_ptr(&npath);
+ if(len && (p[len-1] != '/'))
+ copyfrom = 2;
+
+ if(Curl_dyn_addn(&npath,
+ &working_path[copyfrom], working_path_len - copyfrom)) {
+ free(working_path);
+ return CURLE_OUT_OF_MEMORY;
+ }
}
}
--
2.33.0

216
backport-digest-pass-over-leading-spaces-in-qop-values.patch Normal file
View File

@ -0,0 +1,216 @@
From 0ad7c8d7d599a7b63fb7117b2c59999b55c54c2d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 8 Aug 2022 00:30:58 +0200
Subject: [PATCH] digest: pass over leading spaces in qop values
When parsing the "qop=" parameter of the digest authentication, and the
value is provided within quotes, the list of values can have leading
white space which the parser previously did not handle correctly.
Add test case 388 to verify.
Reported-by: vlubart on github
Fixes #9264
Closes #9270
Conflict: context adapt for lib/vauth/digest.c and tests/data/Makefile.inc
Reference: https://github.com/curl/curl/commit/0ad7c8d7d599a7b63fb7117b2c59999b55c54c2d
---
lib/vauth/digest.c | 3 +
tests/data/Makefile.inc | 2 +-
tests/data/test388 | 156 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 160 insertions(+), 1 deletion(-)
create mode 100644 tests/data/test388
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index a04ffab..07b9d46 100644
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -557,6 +557,9 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) {
+ /* Pass additional spaces here */
+ while(*token && ISSPACE(*token))
+ token++;
if(strcasecompare(token, DIGEST_QOP_VALUE_STRING_AUTH)) {
foundAuth = TRUE;
}
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index 4ae1b8f..3c3a4cc 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -61,7 +61,7 @@ test334 test335 test336 test337 test338 test339 test340 test341 test342 \
test343 test344 test345 test346 test347 test348 test349 test350 test351 \
test352 test353 test354 test355 test356 test357 test358 test359 test360 \
test361 test362 test363 test364 test365 test366 \
-test387 \
+test387 test388 \
\
test392 test393 test394 test395 test396 test397 \
\
diff --git a/tests/data/test388 b/tests/data/test388
new file mode 100644
index 0000000..3a0214a
--- /dev/null
+++ b/tests/data/test388
@@ -0,0 +1,156 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP Digest auth
+</keywords>
+</info>
+
+# Server-side
+<reply>
+# First reply back and ask for Digest auth
+<data1>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data1>
+
+# second reply back
+<data2>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data2>
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+<data1001>
+HTTP/1.1 200 OK
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+</data1001>
+
+#
+# This is the second request, and this sends back a response saying that
+# the request contained stale data. We want an update. Set swsbounce to
+# bounce on to data1003 on the second request.
+<data1002>
+HTTP/1.1 401 Authorization re-negotiation please swsbounce
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+This is not the real page
+</data1002>
+
+# The second request to the 1002 section will bounce this one back instead
+# thanks to the swsbounce keyword up there
+<data1003>
+HTTP/1.1 200 OK
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 30
+
+This IS the second real page!
+</data1003>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+!SSPI
+crypto
+</features>
+ <name>
+HTTP with Digest and multiple qop values with leading space
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER0001 -u testuser:testpass --digest http://%HOSTIP:%HTTPPORT/%TESTNUMBER0002
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^Authorization.*cnonce
+</strip>
+<protocol>
+GET /%TESTNUMBER0001 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+User-Agent: curl/%VERSION
+Accept: */*
+
+GET /%TESTNUMBER0001 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0001", response="ea598bbfdb5c54b7352c977e3885e44d"
+User-Agent: curl/%VERSION
+Accept: */*
+
+GET /%TESTNUMBER0002 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+User-Agent: curl/%VERSION
+Accept: */*
+
+GET /%TESTNUMBER0002 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/%TESTNUMBER0002", response="921a8e6db782d6359db1f40d9ed7e6a6"
+User-Agent: curl/%VERSION
+Accept: */*
+
+GET /%TESTNUMBER0002 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/%TESTNUMBER0002", cnonce="MTA4MzIy", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5
+User-Agent: curl/%VERSION
+Accept: */*
+
+</protocol>
+<stdout>
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 23
+
+This IS the real page!
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 401 Authorization re-negotiation please swsbounce
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", algorithm=MD5, nonce="999999", stale=true, qop="crazy, auth"
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 26
+
+HTTP/1.1 200 OK
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+Content-Length: 30
+
+This IS the second real page!
+</stdout>
+</verify>
+</testcase>
--
2.33.0

31
backport-easy-fix-the-altsvc-init-for-curl_easy_duphandle.patch Normal file
View File

@ -0,0 +1,31 @@
From bbdeb4c6736a6e3923765197f0f4659f9d3b44c7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 29 Sep 2022 22:50:45 +0200
Subject: [PATCH] easy: fix the altsvc init for curl_easy_duphandle
It was using the old #ifdef which nothing sets anymore
Closes #9624
Conflict: NA
Reference: https://github.com/curl/curl/commit/bbdeb4c6736a6e3923765197f0f4659f9d3b44c7
---
lib/easy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/easy.c b/lib/easy.c
index 88159f474..93e8acc8d 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -944,7 +944,7 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data)
goto fail;
}
-#ifdef USE_ALTSVC
+#ifndef CURL_DISABLE_ALTSVC
if(data->asi) {
outcurl->asi = Curl_altsvc_init();
if(!outcurl->asi)
--
2.33.0

39
backport-ftp-support-growing-files-with-CURLOPT_IGNORE_CONTEN.patch Normal file
View File

@ -0,0 +1,39 @@
From 76b3f5f2cf0f091720413690c49f8d0ada5bfae5 Mon Sep 17 00:00:00 2001
From: fractal-access <116177727+fractal-access@users.noreply.github.com>
Date: Wed, 19 Oct 2022 14:37:44 +0100
Subject: [PATCH] ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH
When using the option CURLOPT_IGNORE_CONTENT_LENGTH (set.ignorecl in
code) to support growing files in FTP, the code should ignore the
initial size it gets from the server as this will not be the final size
of the file. This is done in ftp_state_quote() to prevent a size request
being issued in the initial sequence. However, in a later call to
ftp_state_get_resp() the code attempts to get the size of the content
again if it doesn't already have it, by parsing the response from the
RETR request. This fix prevents this parsing of the response to get the
size when the set.ignorecl option is set. This should maintain the size
value as -1, unknown, in this situation.
Closes #9772
Conflict: NA
Reference: https://github.com/curl/curl/commit/76b3f5f2cf0f091720413690c49f8d0ada5bfae5
---
lib/ftp.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/ftp.c b/lib/ftp.c
index c6e31e1b6..c07bafe17 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -2448,6 +2448,7 @@ static CURLcode ftp_state_get_resp(struct Curl_easy *data,
if((instate != FTP_LIST) &&
!data->state.prefer_ascii &&
+ !data->set.ignorecl &&
(ftp->downloadsize < 1)) {
/*
* It seems directory listings either don't show the size or very
--
2.33.0

45
backport-http-fix-the-1-comparison-for-IPv6-localhost-for-coo.patch Normal file
View File

@ -0,0 +1,45 @@
From 565d0ca2b19682e41878e473d3895f89ba3412cf Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 20 Dec 2022 10:07:36 +0100
Subject: [PATCH] http: fix the ::1 comparison for IPv6 localhost for cookies
When checking if there is a "secure context", which it is if the
connection is to localhost even if the protocol is HTTP, the comparison
for ::1 was done incorrectly and included brackets.
Reported-by: BratSinot on github
Fixes #10120
Closes #10121
Conflict: context adapt
Reference: https://github.com/curl/curl/commit/565d0ca2b19682e41878e473d3895f89ba3412cf
---
lib/http.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/http.c b/lib/http.c
index 328dafa..1afbad0 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -2729,7 +2729,7 @@ CURLcode Curl_http_cookies(struct Curl_easy *data,
conn->handler->protocol&CURLPROTO_HTTPS ||
strcasecompare("localhost", host) ||
!strcmp(host, "127.0.0.1") ||
- !strcmp(host, "[::1]") ? TRUE : FALSE;
+ !strcmp(host, "::1") ? TRUE : FALSE;
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
co = Curl_cookie_getlist(data, data->cookies, host, data->state.up.path,
secure_context);
@@ -3604,7 +3604,7 @@ CURLcode Curl_http_header(struct Curl_easy *data, struct connectdata *conn,
conn->handler->protocol&CURLPROTO_HTTPS ||
strcasecompare("localhost", host) ||
!strcmp(host, "127.0.0.1") ||
- !strcmp(host, "[::1]") ? TRUE : FALSE;
+ !strcmp(host, "::1") ? TRUE : FALSE;
Curl_share_lock(data, CURL_LOCK_DATA_COOKIE,
CURL_LOCK_ACCESS_SINGLE);
--
2.33.0

33
backport-http-free-the-url-before-storing-a-new-copy.patch Normal file
View File

@ -0,0 +1,33 @@
From f7170a8f2ed4dc5a4cfb3ef3c002d218c4bcecad Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 9 May 2023 08:31:11 +0200
Subject: [PATCH] http: free the url before storing a new copy
To avoid a memory-leak.
Reported-by: Hiroki Kurosawa
Closes #11093
Conflict: NA
Reference: https://github.com/curl/curl/commit/f7170a8f2ed4dc5a4cfb3ef3c002d218c4bcecad
---
lib/http.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/http.c b/lib/http.c
index bffdd3468..15cf22c5e 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1010,7 +1010,7 @@ CURLcode Curl_http_input_auth(struct Curl_easy *data, bool proxy,
if(authp->picked == CURLAUTH_NEGOTIATE) {
CURLcode result = Curl_input_negotiate(data, conn, proxy, auth);
if(!result) {
- DEBUGASSERT(!data->req.newurl);
+ free(data->req.newurl);
data->req.newurl = strdup(data->state.url);
if(!data->req.newurl)
return CURLE_OUT_OF_MEMORY;
--
2.33.0

38
backport-libssh-if-sftp_init-fails-don-t-get-the-sftp-error-c.patch Normal file
View File

@ -0,0 +1,38 @@
From bdaa6dd5ba9ad63379c73b53fc639ea39df505c4 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 16 Oct 2022 12:58:55 +0200
Subject: [PATCH] libssh: if sftp_init fails, don't get the sftp error code
This flow extracted the wrong code (sftp code instead of ssh code), and
the code is sometimes (erroneously) returned as zero anyway, so skip
getting it and set a generic error.
Reported-by: David McLaughlin
Fixes #9737
Closes #9740
Conflict: NA
Reference: https://github.com/curl/curl/commit/bdaa6dd5ba9ad63379c73b53fc639ea39df505c4
---
lib/vssh/libssh.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 1afadbfa5..0105e4079 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -963,10 +963,9 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
rc = sftp_init(sshc->sftp_session);
if(rc != SSH_OK) {
- rc = sftp_get_error(sshc->sftp_session);
failf(data, "Failure initializing sftp session: %s",
ssh_get_error(sshc->ssh_session));
- MOVE_TO_ERROR_STATE(sftp_error_to_CURLE(rc));
+ MOVE_TO_ERROR_STATE(sftp_error_to_CURLE(SSH_FX_FAILURE));
break;
}
state(data, SSH_SFTP_REALPATH);
--
2.33.0

59
backport-multi-free-up-more-data-earleier-in-DONE.patch Normal file
View File

@ -0,0 +1,59 @@
From 81b2b577df40262716ff0e1c0e1cebabb99f012d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 15 Apr 2023 21:11:36 +0200
Subject: [PATCH] multi: free up more data earleier in DONE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Before checking for more users of the connection and possibly bailing
out.
Fixes #10971
Reported-by: Paweł Wegner
Closes #10972
Conflict: context adapt
Reference: https://github.com/curl/curl/commit/81b2b577df40262716ff0e1c0e1cebabb99f012d
---
lib/multi.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/lib/multi.c b/lib/multi.c
index b2b1d65a3..0be8d0c40 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -699,6 +699,15 @@ static CURLcode multi_done(struct Curl_easy *data,
process_pending_handles(data->multi); /* connection / multiplex */
+ Curl_safefree(data->state.ulbuf);
+
+ /* if the transfer was completed in a paused state there can be buffered
+ data left to free */
+ for(i = 0; i < data->state.tempcount; i++) {
+ Curl_dyn_free(&data->state.tempwrite[i].b);
+ }
+ data->state.tempcount = 0;
+
CONNCACHE_LOCK(data);
Curl_detach_connnection(data);
if(CONN_INUSE(conn)) {
@@ -717,14 +726,6 @@ static CURLcode multi_done(struct Curl_easy *data,
conn->dns_entry = NULL;
}
Curl_hostcache_prune(data);
- Curl_safefree(data->state.ulbuf);
-
- /* if the transfer was completed in a paused state there can be buffered
- data left to free */
- for(i = 0; i < data->state.tempcount; i++) {
- Curl_dyn_free(&data->state.tempwrite[i].b);
- }
- data->state.tempcount = 0;
/* if data->set.reuse_forbid is TRUE, it means the libcurl client has
forced us to close this connection. This is ignored for requests taking
--
2.33.0

124
backport-tool_operate-refuse-data-or-form-and-continue-at-com.patch Normal file
View File

@ -0,0 +1,124 @@
rom 39a33fcac0e4530ef0c60d3319504e078ea2f137 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 8 May 2023 00:14:33 +0200
Subject: [PATCH] tool_operate: refuse (--data or --form) and --continue-at
combo
libcurl assumes that a --continue-at resumption is done to continue an
upload using the read callback and neither --data nor --form use
that and thus won't do what the user wants. Whatever the user wants
with this strange combination.
Add test 426 to verify.
Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083
Conflict: context adapt for tests/data/Makefile.inc
Reference: https://github.com/curl/curl/commit/39a33fcac0e4530ef0c60d3319504e078ea2f137
---
src/tool_operate.c | 27 +++++++++++++++++++--------
tests/data/Makefile.inc | 1 +
tests/data/test426 | 34 ++++++++++++++++++++++++++++++++++
3 files changed, 54 insertions(+), 8 deletions(-)
create mode 100644 tests/data/test426
diff --git a/src/tool_operate.c b/src/tool_operate.c
index a9f93ef..c97addc 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -1310,19 +1310,30 @@ static CURLcode single_transfer(struct GlobalConfig *global,
switch(config->httpreq) {
case HTTPREQ_SIMPLEPOST:
- my_setopt_str(curl, CURLOPT_POSTFIELDS,
- config->postfields);
- my_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE,
- config->postfieldsize);
+ if(config->resume_from) {
+ errorf(global, "cannot mix --continue-at with --data\n");
+ result = CURLE_FAILED_INIT;
+ }
+ else {
+ my_setopt_str(curl, CURLOPT_POSTFIELDS,
+ config->postfields);
+ my_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE,
+ config->postfieldsize);
+ }
break;
case HTTPREQ_MIMEPOST:
/* free previous remainders */
curl_mime_free(config->mimepost);
config->mimepost = NULL;
- result = tool2curlmime(curl, config->mimeroot, &config->mimepost);
- if(result)
- break;
- my_setopt_mimepost(curl, CURLOPT_MIMEPOST, config->mimepost);
+ if(config->resume_from) {
+ errorf(global, "cannot mix --continue-at with --form\n");
+ result = CURLE_FAILED_INIT;
+ }
+ else {
+ result = tool2curlmime(curl, config->mimeroot, &config->mimepost);
+ if(!result)
+ my_setopt_mimepost(curl, CURLOPT_MIMEPOST, config->mimepost);
+ }
break;
default:
break;
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index d681f92..2d62a6b 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -68,6 +68,7 @@ test392 test393 test394 test395 test396 test397 \
test400 test401 test402 test403 test404 test405 test406 test407 test408 \
test409 test410 \
test418 \
+test426 \
test430 test431 test432 test433 test434 test435 test445 test446\
\
test442 test443 test444 \
diff --git a/tests/data/test426 b/tests/data/test426
new file mode 100644
index 0000000..34c80c6
--- /dev/null
+++ b/tests/data/test426
@@ -0,0 +1,34 @@
+<testcase>
+<info>
+<keywords>
+error detection
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+<name>
+try --data with --continue-at
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT/%TESTNUMBER -d foobar -C 3
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<errorcode>
+2
+</errorcode>
+</verify>
+</testcase>
--
2.33.0

32
backport-tool_progress-avoid-division-by-zero-in-parallel-pro.patch Normal file
View File

@ -0,0 +1,32 @@
From 0defae2fe524230f8b818d406d19e56f360bcc54 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 2 Jul 2022 00:02:04 +0200
Subject: [PATCH] tool_progress: avoid division by zero in parallel progress
meter
Reported-by: Brian Carpenter
Fixes #9082
Closes #9083
Conflict: NA
Reference: https://github.com/curl/curl/commit/0defae2fe524230f8b818d406d19e56f360bcc54
---
src/tool_progress.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/tool_progress.c b/src/tool_progress.c
index da5317b92..46185c0d3 100644
--- a/src/tool_progress.c
+++ b/src/tool_progress.c
@@ -268,6 +268,8 @@ bool progress_meter(struct GlobalConfig *global,
dl = all_dlnow;
ul = all_ulnow;
}
+ if(!deltams) /* no division by zero please */
+ deltams++;
dls = (curl_off_t)((double)dl / ((double)deltams/1000.0));
uls = (curl_off_t)((double)ul / ((double)deltams/1000.0));
speed = dls > uls ? dls : uls;
--
2.33.0

42
backport-transfer-refuse-POSTFIELDS-RESUME_FROM-combo.patch Normal file
View File

@ -0,0 +1,42 @@
From fb7886b9c95009a837f584caf4943a455f3daa60 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 8 May 2023 00:12:25 +0200
Subject: [PATCH] transfer: refuse POSTFIELDS + RESUME_FROM combo
The code assumes that such a resume is wanting to continue an upload
using the read callback, and since POSTFIELDS is done without callback
libcurl will just misbehave.
This combo will make the transfer fail with CURLE_BAD_FUNCTION_ARGUMENT
with an explanation in the error message.
Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083
Conflict: NA
Reference: https://github.com/curl/curl/commit/fb7886b9c95009a837f584caf4943a455f3daa60
---
lib/transfer.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lib/transfer.c b/lib/transfer.c
index 947070956..d2ff0c24c 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -1325,6 +1325,12 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
}
}
+ if(data->set.postfields && data->set.set_resume_from) {
+ /* we can't */
+ failf(data, "cannot mix POSTFIELDS with RESUME_FROM");
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ }
+
data->state.prefer_ascii = data->set.prefer_ascii;
data->state.list_only = data->set.list_only;
data->state.httpreq = data->set.method;
--
2.33.0

44
backport-url-fix-null-dispname-for-connect-to-option.patch Normal file
View File

@ -0,0 +1,44 @@
From ac5ad5214261a2237bdbe344708f9d32c9393fd6 Mon Sep 17 00:00:00 2001
From: Shohei Maeda <11495867+smaeda-ks@users.noreply.github.com>
Date: Fri, 12 May 2023 21:06:26 +0900
Subject: [PATCH] url: fix null dispname for --connect-to option
Closes #11106
Conflict: context adapt
Reference: https://github.com/curl/curl/commit/ac5ad5214261a2237bdbe344708f9d32c9393fd6
---
lib/url.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lib/url.c b/lib/url.c
index 71ca1b64e..de70eee23 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1816,11 +1816,6 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
result = Curl_idnconvert_hostname(data, &conn->host);
if(result)
return result;
- if(conn->bits.conn_to_host) {
- result = Curl_idnconvert_hostname(data, &conn->conn_to_host);
- if(result)
- return result;
- }
#ifndef CURL_DISABLE_HSTS
/* HSTS upgrade */
@@ -3480,6 +3475,11 @@ static CURLcode create_conn(struct Curl_easy *data,
return result;
}
#endif
+ if(conn->bits.conn_to_host) {
+ result = Curl_idnconvert_hostname(data, &conn->conn_to_host);
+ if(result)
+ return result;
+ }
/*************************************************************
* Check whether the host and the "connect to host" are equal.
--
2.33.0

72
backport-url-move-back-the-IDN-conversion-of-proxy-names.patch Normal file
View File

@ -0,0 +1,72 @@
From 37ca6f0f9a0040b6dc2d5f108cebaa4f7f6abced Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 17 Nov 2022 23:55:26 +0100
Subject: [PATCH] url: move back the IDN conversion of proxy names
Regression: in commit 53bcf55 we moved the IDN conversion calls to
happen before the HSTS checks. But the HSTS checks are only done on the
server host name, not the proxy names. By moving the proxy name IDN
conversions, we accidentally broke the verbose output showing the proxy
name.
This change moves back the IDN conversions for the proxy names to the
place in the code path they were before 53bcf55.
Reported-by: Andy Stamp
Fixes #9937
Closes #9939
Conflict: NA
Reference: https://github.com/curl/curl/commit/37ca6f0f9a0040b6dc2d5f108cebaa4f7f6abced
---
lib/url.c | 27 +++++++++++++++------------
1 file changed, 15 insertions(+), 12 deletions(-)
diff --git a/lib/url.c b/lib/url.c
index f2ad31742..78f01c442 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2060,18 +2060,6 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
if(result)
return result;
}
-#ifndef CURL_DISABLE_PROXY
- if(conn->bits.httpproxy) {
- result = Curl_idnconvert_hostname(data, &conn->http_proxy.host);
- if(result)
- return result;
- }
- if(conn->bits.socksproxy) {
- result = Curl_idnconvert_hostname(data, &conn->socks_proxy.host);
- if(result)
- return result;
- }
-#endif
#ifndef CURL_DISABLE_HSTS
/* HSTS upgrade */
@@ -3731,6 +3719,21 @@ static CURLcode create_conn(struct Curl_easy *data,
if(result)
goto out;
+ /*************************************************************
+ * IDN-convert the proxy hostnames
+ *************************************************************/
+#ifndef CURL_DISABLE_PROXY
+ if(conn->bits.httpproxy) {
+ result = Curl_idnconvert_hostname(data, &conn->http_proxy.host);
+ if(result)
+ return result;
+ }
+ if(conn->bits.socksproxy) {
+ result = Curl_idnconvert_hostname(data, &conn->socks_proxy.host);
+ if(result)
+ return result;
+ }
+#endif
/*************************************************************
* Check whether the host and the "connect to host" are equal.
--
2.33.0

116
backport-urlapi-make-sure-zoneid-is-also-duplicated-in-curl_u.patch Normal file
View File

@ -0,0 +1,116 @@
From 49e244318672c688097c1bf601a110005cd9a6a8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 31 Jul 2023 10:07:35 +0200
Subject: [PATCH] urlapi: make sure zoneid is also duplicated in curl_url_dup
Add several curl_url_dup() tests to the general lib1560 test.
Reported-by: Rutger Broekhoff
Bug: https://curl.se/mail/lib-2023-07/0047.html
Closes #11549
Conflict: tests/libtest/lib1560.c for context adapt
Reference: https://github.com/curl/curl/commit/49e244318672c688097c1bf601a110005cd9a6a8
---
lib/urlapi.c | 1 +
tests/libtest/lib1560.c | 68 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 69 insertions(+)
diff --git a/lib/urlapi.c b/lib/urlapi.c
index 7f03862..b676c4d 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -1096,6 +1096,7 @@ CURLU *curl_url_dup(CURLU *in)
DUP(u, in, path);
DUP(u, in, query);
DUP(u, in, fragment);
+ DUP(u, in, zoneid);
u->portnum = in->portnum;
}
return u;
diff --git a/tests/libtest/lib1560.c b/tests/libtest/lib1560.c
index b822004..960ee50 100644
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -1129,10 +1129,78 @@ static int scopeid(void)
return error;
}
+
+static int urldup(void)
+{
+ const char *url[] = {
+ "http://"
+ "user:pwd@"
+ "[2a04:4e42:e00::347%25eth0]"
+ ":80"
+ "/path"
+ "?query"
+ "#fraggie",
+ "https://example.com",
+ "https://user@example.com",
+ "https://user.pwd@example.com",
+ "https://user.pwd@example.com:1234",
+ "https://example.com:1234",
+ "example.com:1234",
+ "https://user.pwd@example.com:1234/path?query#frag",
+ NULL
+ };
+ CURLU *copy = NULL;
+ char *h_str = NULL, *copy_str = NULL;
+ CURLU *h = curl_url();
+ int i;
+
+ if(!h)
+ goto err;
+
+ for(i = 0; url[i]; i++) {
+ CURLUcode rc = curl_url_set(h, CURLUPART_URL, url[i],
+ CURLU_GUESS_SCHEME);
+ if(rc)
+ goto err;
+ copy = curl_url_dup(h);
+
+ rc = curl_url_get(h, CURLUPART_URL, &h_str, 0);
+ if(rc)
+ goto err;
+
+ rc = curl_url_get(copy, CURLUPART_URL, &copy_str, 0);
+ if(rc)
+ goto err;
+
+ if(strcmp(h_str, copy_str)) {
+ printf("Original: %s\nParsed: %s\nCopy: %s\n",
+ url[i], h_str, copy_str);
+ goto err;
+ }
+ curl_free(copy_str);
+ curl_free(h_str);
+ curl_url_cleanup(copy);
+ copy_str = NULL;
+ h_str = NULL;
+ copy = NULL;
+ }
+ curl_url_cleanup(h);
+ return 0;
+err:
+ curl_free(copy_str);
+ curl_free(h_str);
+ curl_url_cleanup(copy);
+ curl_url_cleanup(h);
+ return 1;
+}
+
int test(char *URL)
{
(void)URL; /* not used */
+ if(urldup())
+ return 11;
+
if(scopeid())
return 6;
--
2.33.0

44
backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch Normal file
View File

@ -0,0 +1,44 @@
From a4a5e438ae533c9af5e97457ae424c9189545105 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 12 Jun 2023 14:10:37 +0200
Subject: [PATCH] vtls: avoid memory leak if sha256 call fails
... in the pinned public key handling function.
Reported-by: lizhuang0630 on github
Fixes #11306
Closes #11307
Conflict: Curl_base64_encode function adapt
Reference: https://github.com/curl/curl/commit/a4a5e438ae533c9af5e97457ae424c9189545105
---
lib/vtls/vtls.c | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index a4ff7d61a..cdd3a4fdc 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -907,14 +907,12 @@ CURLcode Curl_pin_peer_pubkey(struct Curl_easy *data,
if(!sha256sumdigest)
return CURLE_OUT_OF_MEMORY;
encode = Curl_ssl->sha256sum(pubkey, pubkeylen,
- sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
+ sha256sumdigest, CURL_SHA256_DIGEST_LENGTH);
- if(encode != CURLE_OK)
- return encode;
-
- encode = Curl_base64_encode(data, (char *)sha256sumdigest,
- CURL_SHA256_DIGEST_LENGTH, &encoded,
- &encodedlen);
+ if(!encode)
+ encode = Curl_base64_encode(data, (char *)sha256sumdigest,
+ CURL_SHA256_DIGEST_LENGTH, &encoded,
+ &encodedlen);
Curl_safefree(sha256sumdigest);
if(encode)
--
2.33.0

39
curl.spec
View File

@ -6,7 +6,7 @@
Name: curl Name: curl
Version: 7.79.1 Version: 7.79.1
Release: 25 Release: 26
Summary: Curl is used in command lines or scripts to transfer data Summary: Curl is used in command lines or scripts to transfer data
License: MIT License: MIT
URL: https://curl.haxx.se/ URL: https://curl.haxx.se/
@ -78,6 +78,22 @@ Patch64: backport-CVE-2023-38546.patch
Patch65: backport-CVE-2023-46218.patch Patch65: backport-CVE-2023-46218.patch
Patch66: backport-0001-CVE-2023-46219.patch Patch66: backport-0001-CVE-2023-46219.patch
Patch67: backport-0002-CVE-2023-46219.patch Patch67: backport-0002-CVE-2023-46219.patch
Patch68: backport-tool_progress-avoid-division-by-zero-in-parallel-pro.patch
Patch69: backport-digest-pass-over-leading-spaces-in-qop-values.patch
Patch70: backport-Curl_close-call-Curl_resolver_cancel-to-avoid-memory.patch
Patch71: backport-easy-fix-the-altsvc-init-for-curl_easy_duphandle.patch
Patch72: backport-libssh-if-sftp_init-fails-don-t-get-the-sftp-error-c.patch
Patch73: backport-url-move-back-the-IDN-conversion-of-proxy-names.patch
Patch74: backport-ftp-support-growing-files-with-CURLOPT_IGNORE_CONTEN.patch
Patch75: backport-http-fix-the-1-comparison-for-IPv6-localhost-for-coo.patch
Patch76: backport-multi-free-up-more-data-earleier-in-DONE.patch
Patch77: backport-curl_path-bring-back-support-for-SFTP-path-ending-in.patch
Patch78: backport-transfer-refuse-POSTFIELDS-RESUME_FROM-combo.patch
Patch79: backport-tool_operate-refuse-data-or-form-and-continue-at-com.patch
Patch80: backport-http-free-the-url-before-storing-a-new-copy.patch
Patch81: backport-url-fix-null-dispname-for-connect-to-option.patch
Patch82: backport-vtls-avoid-memory-leak-if-sha256-call-fails.patch
Patch83: backport-urlapi-make-sure-zoneid-is-also-duplicated-in-curl_u.patch
BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel
BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel
@ -246,6 +262,27 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Wed Jan 03 2024 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-26
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:tool_progress: avoid division by zero in parallel progress
digest: pass over leading spaces in qop values
Curl_close: call Curl_resolver_cancel to avoid memory-leak
easy: fix the altsvc init for curl_easy_duphandle
libssh: if sftp_init fails, don't get the sftp error code
url: move back the IDN conversion of proxy names
ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH
http: fix the ::1 comparison for IPv6 localhost for cookies
multi: free up more data earleier in DONE
curl_path: bring back support for SFTP path ending in /~
transfer: refuse POSTFIELDS + RESUME_FROM combo
tool_operate: refuse (--data or --form) and --continue-at
http: free the url before storing a new copy
url: fix null dispname for --connect-to option
vtls: avoid memory leak if sha256 call fails
urlapi: make sure zoneid is also duplicated in curl_url_dup
* Fri Dec 08 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-25 * Fri Dec 08 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-25
- Type:CVE - Type:CVE
- CVE:CVE-2023-46218 CVE-2023-46219 - CVE:CVE-2023-46218 CVE-2023-46219