Tim Rühsen
e5d0dda561
* src/http-ntlm.c (ntlm_output): Remove alloca
2020-02-12 17:05:01 +01:00
Tim Rühsen
17fad78290
* src/http-ntlm.c (mkhash): Replace alloca by fixed length array
2020-02-12 16:56:57 +01:00
Tim Rühsen
1ebd88063d
* src/http-ntlm.c (ntlm_input): Replace alloca by fixed length array
2020-02-12 16:44:59 +01:00
Tim Rühsen
c65c23cfc7
* src/gnutls.c (ssl_init): Replace alloca by fixed length arrays
2020-02-12 16:24:45 +01:00
Tim Rühsen
94b9332f50
* src/retr.c (fd_read_body): Fix signedness warnings
2020-02-12 16:14:40 +01:00
Tim Rühsen
fd75f5d986
* src/retr.c (rotate_backups): Replace alloca by fixed length arrays
2020-02-12 16:13:40 +01:00
Tim Rühsen
473db08580
* src/wget.h: Add inline to _unhex
2020-02-12 16:12:09 +01:00
Tim Rühsen
0bb97fecb7
* src/metalink.h: Include dirname.h, remove declaration of last_component
2020-02-12 16:10:58 +01:00
Tim Rühsen
5debe0a96f
* configure.ac: Add -Wno-undef -Wno-float-equal to gcc's WARN_CFLAGS
2020-02-12 16:09:57 +01:00
Tim Rühsen
8bc1d1447b
* src/convert.c (convert_links): Fix previous commit
2020-02-12 10:52:06 +01:00
Tim Rühsen
fe4ade75cf
* src/convert.c (convert_links): Add \n ( Fixes #57795 )
2020-02-12 09:57:27 +01:00
Ander Juaristi
928c54d27e
Do not overwrite restval if len is smaller
...
* src/http.c (http_loop): overwrite 'restval' only if 'len' is
greater than it. Else substract 'len' to 'restval'.
When retrying a request, only send a 'Range' header if the previous
request returned data.
2020-01-25 18:35:05 +01:00
Вячеслав Петрищев
33bc3aae51
Fix and cleanup progress bar code
...
*src/progress.c
(struct dot_progress) accumulated, rows: Type changed to wgint
(print_row_stats): Fix missing unit name 'T'
(dot_update): Add ability to reduce dot_draw runtime
(bar_update): Avoid integer overflow
2020-01-24 19:41:52 +01:00
Вячеслав Петрищев
d5dc68b1a9
* src/progress.c: Fix MINIMUM_SCREEN_WIDTH
2020-01-24 19:41:45 +01:00
Вячеслав Петрищев
68548acf0f
* src/progress.c (prepare_filename): Replace zero-width mbc (\xe2\x80\x8b, ...)
2020-01-24 19:41:36 +01:00
Вячеслав Петрищев
ec68da677f
Reenabling filename scrolling code in progress bar
...
* src/progress.c: Reenabling filename scrolling code
(bar_create): Reenabling file name scrolling.
(bar_create): Memory allocation, filename preparation.
(bar_finish): Filename memory deallocation.
(prepare_filename): New function, replaces unprintable chars.
2020-01-24 19:39:51 +01:00
Вячеслав Петрищев
f7a1e6cd7b
Fix multibyte handling in progress bar
...
* src/progress.c
(count_cols): Fix return value if invalid multibyte sequence was encountered
(bar_draw): Fix xrealoc size
2020-01-24 19:38:52 +01:00
Tim Rühsen
e2c0c2fbe5
* src/progress.c (print_row_stats): Fix two integer overflows
2020-01-10 13:56:39 +01:00
Tim Rühsen
bc7e82d3e9
* .gitlab-ci.yml: Fix path for llvm-symbolizer
2020-01-10 13:56:39 +01:00
Tim Rühsen
c1a46e9a3b
* fuzz/wget_progress_fuzzer.in/*: Add fuzzer corpora
2020-01-10 13:56:39 +01:00
Tim Rühsen
f27daa1c17
* src/retr.c (calc_rate): Remove unwanted assertions
2020-01-10 13:56:39 +01:00
Tim Rühsen
07eebd2a20
Fix buffer overflows in progress 'bar' code
...
* src/progress.c (progress_interactive_p): Sanitize input.
(progress_update): Likewise.
(bar_create): Use larger BUF_LEN.
(bar_create): Remove superfluous memset.
(bar_create): Fix filename layout.
(bar_create): Remove filename scrolling code, it caused many buffer
overflows later in bar_create.
(bar_create): Support TB/s download speed.
2020-01-10 13:56:39 +01:00
Tim Rühsen
34573bdf46
Add new fuzzer for the progress bar code
...
* Makefile.am: Add wget_progress_fuzzer.
* wget_progress_fuzzer.c: New file.
2020-01-10 13:56:39 +01:00
Darshit Shah
221f1ba3ef
Update copyright year to 2020
2020-01-10 12:56:08 +01:00
Darshit Shah
c7fdfe3d60
* cfg.mk: Set update-copyright to use intervals
2020-01-10 12:52:36 +01:00
Tim Rühsen
6bd74e33d6
Fix segfault in progress bar in certain locales
...
* src/progress.c (create_image): Protect memset from negative count
Reported-by: JunDong Xie
2019-12-27 13:43:22 +01:00
Tim Rühsen
042f2727bf
* src/progress.c (count_cols): Fix return value if USE_NLS_PROGRESS_BAR is undefined
...
Taking patch from #54126
Reported-by: Vyacheslav
Copyright-paperwork-exempt: Yes
2019-12-27 13:42:58 +01:00
Tim Rühsen
ce8ce5bfc0
* src/progress.c: Allow const names for set_progress_implementation.
2019-12-27 13:42:30 +01:00
Tim Rühsen
61b8078672
* src/progress.c (dot_draw): Avoid integer overflow
2019-12-27 13:42:01 +01:00
Tim Rühsen
03a8e59d85
* fuzz/README.md: Add --enable-assert to fuzzing build
2019-12-27 13:41:20 +01:00
Tim Rühsen
abe1ab1916
* src/progress.c (print_row_stats): Fix UB if eta < 0
2019-12-27 13:41:01 +01:00
Tim Rühsen
542524855a
* src/progress.c (dot_update, dot_finish): Sanitize input
2019-12-27 13:40:52 +01:00
Tim Rühsen
f5d1dcf718
* src/retr.c (calc_rate): Fix division by 0
2019-12-27 13:40:33 +01:00
Tim Rühsen
1c1cba3a43
* src/retr.c (calc_rate): Add TB/s
2019-12-27 13:39:55 +01:00
Tim Rühsen
0179138fe5
* src/progress.c (create_image): Sanitize input param 'dl_total_time'
2019-12-27 13:39:50 +01:00
Tim Rühsen
ed135257b2
* fuzz/README.md: Update clang instructions
2019-12-27 13:39:11 +01:00
Lauri Nurmi
dd710bde96
Mark note to translators properly and elaborate its contents.
...
* src/progress.c (create_image): Likewise
The note was not even picked by xgettext to be included in the .pot,
so barely any translators even saw the note.
Also, this is one of the most cryptic messages to translate in wget,
unless the translator happens to guess where the string is used,
or looks at the source.
Copyright-paperwork-exempt: Yes
2019-12-26 19:02:36 +01:00
Lauri Nurmi
dc8bbdbb05
* src/main.c (print_help): Don't cut translatable string mid-sentence.
...
Complicates translating.
Copyright-paperwork-exempt: Yes
2019-12-26 19:00:11 +01:00
Tim Rühsen
777049389f
* fuzz/wget_read_hunk_fuzzer.c: Use cast to fix C++ error
2019-11-24 16:33:34 +01:00
Tim Rühsen
96d74948a3
* src/Makefile.am: Add build_info.c to EXTRA_DIST
2019-11-21 12:16:28 +01:00
Tim Rühsen
b1f566719c
* .gitlab-ci.yml: Skip tests on tarball build due to missing perl
2019-11-21 12:16:04 +01:00
Tim Rühsen
0751d053f5
* tests/WgetTests.pm: Support to set the wget executable for testing
2019-11-21 11:24:48 +01:00
Tim Rühsen
4cdda68752
* .gitlab-ci.yml: Add --with-ssl=no
2019-11-21 11:01:27 +01:00
Tim Rühsen
48f762a648
* .gitlab-ci.yml: Allow failure for Valgrind and Scan-Build CI runner
2019-11-21 10:56:10 +01:00
Tim Rühsen
feb52bfab7
* src/ftp.c (delelement): Make sure free'd pointer is set to NULL
2019-11-21 10:56:10 +01:00
Tim Rühsen
1656255767
* configure.ac: Remove -fno-sanitize-recover=integer
...
With this option on, several overflows from gnulib code (all
harmless and on purpose) would break our tests.
2019-11-21 10:56:10 +01:00
Tim Rühsen
2ba8da8f22
Replace XDIGIT_TO_NUM by _unhex() with proper unsigned handling
...
* src/wget.h: Replace XDIGIT_TO_NUM by _unhex()
* src/html-parse.c (decode_entity): Use _unhex()
* src/host.c (is_valid_ipv6_address): Use _unhex()
* src/url.c (url_unescape_1): Use unsigned char to avoid UB
* src/res.c (free_specs): Likewise
Code taken from Wget2. XDIGIT_TO_NUM had a signed issue, detected by
scan-build static anylyzer.
2019-11-21 10:56:10 +01:00
Tim Rühsen
a255d9f0c8
* src/connect.c (select_fd): Check for negative fd
2019-11-21 10:56:10 +01:00
Tim Rühsen
823a9c8e0d
* .gitlab-ci.yml: Enable Windows executables for MinGW runner
2019-11-21 10:56:10 +01:00
Tim Rühsen
57ac97e6d8
* .gitlab-ci.yml: Add CI runners from Wget2
2019-11-21 10:56:10 +01:00