If the source line had square brackets before the match, the stripping
of the banned function left the original line intact, and repeated the
check on it forever. E.g. with banned function `open` in `lib518.c`:
```c
t518_testfd[0] = open(DEV_NULL, O_RDONLY);
```
Closes#18775
By introducing wrappers for them in the curlx namespace:
`curlx_fopen()`, `curlx_fdopen()`, `curlx_fclose()`.
The undefine/redefine/`(function)()` methods broke on systems
implementing these functions as macros. E.g. AIX 32-bit's `fopen()`.
Also:
- rename `lib/fopen.*` to `lib/curl_fopen.*` (for `Curl_fopen()`)
to make room for the newly added `curlx/fopen.h`.
- curlx: move file-related functions from `multibyte.c` to `fopen.c`.
- tests/server: stop using the curl-specific `fopen()` implementation
on Windows. Unicode isn't used by runtests, and it isn't critical to
run tests on longs path. It can be re-enabled if this becomes
necessary, or if the wrapper receives a feature that's critical for
test servers.
Reported-by: Andrew Kirillov
Bug: https://github.com/curl/curl/issues/18510#issuecomment-3274393640
Follow-up to bf7375ecc5#18503
Follow-up to 9863599d69#18502
Follow-up to 3bb5e58c10#17827Closes#18634
Turns out the signal handler on Windows still wasn't signal safe after
the previous round of fix. There is an `open()` call made from there,
and `open` happens to be unconditionally overridden via `curl_setup.h`
on Windows, to its local implementation (`curlx_win32_open()`), which
does memory allocations and potentially other things that are not signal
safe.
This is a temporary fix, till avoiding the override of system symbols
`open` and `stat` on Windows.
FTR this did not fix the CI 2304 errors, diskspace fail or job hangs due
to 0xC0000142 fork failure (it's rare all three occurs in the same run):
https://github.com/curl/curl/actions/runs/18110523584?pr=18774
Ref: #18634
Follow-up e95f509c66#16852Closes#18774
To avoid typos and non-existing options passed to `./configure` in CI
builds.
Also delete obsolete option `--enable-test-bundles` from Circle CI jobs.
Closes#18759
- GHA/checkdocs: rename `spellcheck` job to `pyspelling` to say
the exact tool used.
- GHA/checkdocs: restore a comment.
- GHA/linux: add `-B .` to a cmake configure to avoid warning, and
future breakage.
- autotools: use correct casing for `Schannel`.
- doh: update RFC URL.
- drop redundant parenthesis.
- fix indentation, whitespace.
Closes#18756
Add script to run all Perl sources through `perl -c` to ensure no
issues, and run this script via GHA/checksrc in CI.
Fallouts:
- fix two repeated declarations.
- move `shell_quote()` from `testutil.pm` to `pathhelp.pm`, to
avoid circular dependency in `globalconfig.pm`.
Closes#18745
When there is more than one user-supplied 'Connection: ' header, add
values that curl needs internally to the first one and emit all
subsequent ones thereafter.
Fixes#18662
Reported-by: Evgeny Grin (Karlson2k)
Closes#18686
Since it would indicate errors to the degree that continuing would just
risk hiding the earlier errors or make things weird.
Inspired by a report in Joshua's sarif data
Closes#18646
To avoid depending on Docker Hub, an Docker image and a GitHub Action.
Also to simplify running this check on a local machine.
Pending question if Dependabot and Mend/Renovate will automatically pick
up `requirements-docs.txt`.
Also:
- enable parallel spellchecking. (also to win back the time lost with
installing components directly from Debian and pip.)
- pin `pyspelling`.
- link to official `pyspelling` docs.
Closes#18736
In an attempt to make `brew install` commands initialize faster.
Often this command started with 20-50 seconds of delay before this
patch. This is an attempt to make it launch faster.
Cherry-picked from #18736
When OpenSSL reports SSL_ERROR_WANT_READ, set the io_need explicitly.
It should have already been set by the BIO, but be safe.
Reported in Joshua's sarif data
Closes#18733
When a transfer has a speed limit less than 4, the receive loop early
exits without receiving anything, causing a busy loop for that transfer.
Perform that check only after the first receive has been done.
Reported in Joshua's sarif data
Closes#18732
The comments on `cf_recv()` function were outdated and described
calling conventions that no longer are true.
Reported in Joshua's sarif data
Closes#18728
The result of setting the negotiated ALPN was not checked, leading
to reporting success when it should not have.
Reported in Joshua's sarif data
Closes#18727
The return code of SSL_get_stream_read_error_code() was not checked
in one location, but others. Make that consistent.
Reported in Joshua's sarif data
Closes#18725
Fail on errors from SSL_handle_events().
Force quit Caddy test instance that is left hanging longer with
openssl-quic tests for unknown reasons.
Reported in Joshua's sarif data
Closes#18720
Restructured the code in the following ways:
* add terminal states SUCCESS and FAILED
* split SOCK4 and SOCK5 states to be more clear
* use `bufq` for send/recv of SOCK messages
* reduce SOCKS4 states, more speaking names
* for most states, move code into static function
* reduce SOCKS5 states, more speaking names
* add helpers for traversing to FAILED state
* add helper to flush bufq
* add hepler to read minimum amount into bufq
Closes#18401
Improvements around HTTP Upgrade: and multiplex hanndling:
* add `Curl_conn_set_multiplex()` to set connection's multiplex
bit and trigger "connchanged" events
* call `Curl_conn_set_multiplex()` in filters' `CF_CTRL_CONN_INFO_UPDATE`
implementation where other connection properties are updated.
This prevents connection updates before the final filter chain
is chosen.
* rename enum `UPGR101_INIT` to `UPGR101_NONE`
* rename connection bit `asks_multiplex` to `upgrade_in_progress`
* trigger "connchanged" when `upgrade_in_progress` clears
* rename `WebSockets` to `WebSocket` as it is the common term
used in documentation
Closes#18227
A probably unnecessary precaution but since the field sizes are 16 bit in the
protocol this makes sure to fail if they would ever be larger as that would go
wrong.
Reported in Joshua's sarif data
Closes#18719
