Commit Graph

4062 Commits

Author SHA1 Message Date
Tim Rühsen
ce8ce5bfc0 * src/progress.c: Allow const names for set_progress_implementation. 2019-12-27 13:42:30 +01:00
Tim Rühsen
61b8078672 * src/progress.c (dot_draw): Avoid integer overflow 2019-12-27 13:42:01 +01:00
Tim Rühsen
03a8e59d85 * fuzz/README.md: Add --enable-assert to fuzzing build 2019-12-27 13:41:20 +01:00
Tim Rühsen
abe1ab1916 * src/progress.c (print_row_stats): Fix UB if eta < 0 2019-12-27 13:41:01 +01:00
Tim Rühsen
542524855a * src/progress.c (dot_update, dot_finish): Sanitize input 2019-12-27 13:40:52 +01:00
Tim Rühsen
f5d1dcf718 * src/retr.c (calc_rate): Fix division by 0 2019-12-27 13:40:33 +01:00
Tim Rühsen
1c1cba3a43 * src/retr.c (calc_rate): Add TB/s 2019-12-27 13:39:55 +01:00
Tim Rühsen
0179138fe5 * src/progress.c (create_image): Sanitize input param 'dl_total_time' 2019-12-27 13:39:50 +01:00
Tim Rühsen
ed135257b2 * fuzz/README.md: Update clang instructions 2019-12-27 13:39:11 +01:00
Lauri Nurmi
dd710bde96 Mark note to translators properly and elaborate its contents.
* src/progress.c (create_image): Likewise

The note was not even picked by xgettext to be included in the .pot,
so barely any translators even saw the note.
Also, this is one of the most cryptic messages to translate in wget,
unless the translator happens to guess where the string is used,
or looks at the source.

Copyright-paperwork-exempt: Yes
2019-12-26 19:02:36 +01:00
Lauri Nurmi
dc8bbdbb05 * src/main.c (print_help): Don't cut translatable string mid-sentence.
Complicates translating.

Copyright-paperwork-exempt: Yes
2019-12-26 19:00:11 +01:00
Tim Rühsen
777049389f * fuzz/wget_read_hunk_fuzzer.c: Use cast to fix C++ error 2019-11-24 16:33:34 +01:00
Tim Rühsen
96d74948a3 * src/Makefile.am: Add build_info.c to EXTRA_DIST 2019-11-21 12:16:28 +01:00
Tim Rühsen
b1f566719c * .gitlab-ci.yml: Skip tests on tarball build due to missing perl 2019-11-21 12:16:04 +01:00
Tim Rühsen
0751d053f5 * tests/WgetTests.pm: Support to set the wget executable for testing 2019-11-21 11:24:48 +01:00
Tim Rühsen
4cdda68752 * .gitlab-ci.yml: Add --with-ssl=no 2019-11-21 11:01:27 +01:00
Tim Rühsen
48f762a648 * .gitlab-ci.yml: Allow failure for Valgrind and Scan-Build CI runner 2019-11-21 10:56:10 +01:00
Tim Rühsen
feb52bfab7 * src/ftp.c (delelement): Make sure free'd pointer is set to NULL 2019-11-21 10:56:10 +01:00
Tim Rühsen
1656255767 * configure.ac: Remove -fno-sanitize-recover=integer
With this option on, several overflows from gnulib code (all
harmless and on purpose) would break our tests.
2019-11-21 10:56:10 +01:00
Tim Rühsen
2ba8da8f22 Replace XDIGIT_TO_NUM by _unhex() with proper unsigned handling
* src/wget.h: Replace XDIGIT_TO_NUM by _unhex()
* src/html-parse.c (decode_entity): Use _unhex()
* src/host.c (is_valid_ipv6_address): Use _unhex()
* src/url.c (url_unescape_1): Use unsigned char to avoid UB
* src/res.c (free_specs): Likewise

Code taken from Wget2. XDIGIT_TO_NUM had a signed issue, detected by
scan-build static anylyzer.
2019-11-21 10:56:10 +01:00
Tim Rühsen
a255d9f0c8 * src/connect.c (select_fd): Check for negative fd 2019-11-21 10:56:10 +01:00
Tim Rühsen
823a9c8e0d * .gitlab-ci.yml: Enable Windows executables for MinGW runner 2019-11-21 10:56:10 +01:00
Tim Rühsen
57ac97e6d8 * .gitlab-ci.yml: Add CI runners from Wget2 2019-11-21 10:56:10 +01:00
Tomas Hozza
bac6fbab6c testenv: enable running tests on different wget binary
* testenv/README: Document $WGET_PATH
* testenv/test/base_test.py: Use $WGET_PATH instead ../src/wget if set

Previously tests in testenv/ directory were run only on wget binary
which was built from sources in src/ directory. However as a
wget maintainer in a Linux distribution, I would like to be able to run
upstream tests on the wget binary distributed with the distribution.

This change enables one to define WGET_PATH environment variable
to a path to wget binary which should be used by tests.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2019-11-21 10:50:34 +01:00
Tim Rühsen
1e4262e98d * AUTHORS: Add Darshit Shah and Tim Rühsen as maintainers 2019-11-21 10:49:56 +01:00
Tim Rühsen
6f3baab02c * src/cookie.c: Fix cookie file header to be recognized by 'file' 2019-11-19 12:37:46 +01:00
Tim Rühsen
b4dba956ce * .mailmap: Allow mapping contributors for statistics 2019-11-19 12:37:46 +01:00
Darshit Shah
f3b25875ab * configure.ac: Ignore -Wchkp which is deprecated 2019-10-03 13:49:32 +02:00
Darshit Shah
cd21cb3812 Update gnulib
* gnulib: Pull submodule
* bootstrap: Update file from gnulib
2019-10-03 13:45:02 +02:00
Tim Rühsen
b3f86f90cc Revert "Add . to perl path for all perl tests"
This reverts commit 79be99aff4.

/usr/bin/env 8.28 and below doesn't know -S.
2019-05-30 12:06:01 +02:00
Darshit Shah
60dc09b507 Revert " Hi, Thank you again Darshit for your response. The RejectHeaderField rule rejects ANY header"
I accidentally commited this patch.

This reverts commit 4ce2f93600.
2019-05-30 11:19:46 +02:00
Darshit Shah
02c059a857 * .gitignore: Update gitignore file 2019-05-30 11:19:15 +02:00
sulfastor
4ce2f93600 Hi, Thank you again Darshit for your response. The RejectHeaderField rule rejects ANY header
of the header field while RejectHeader rejects ONLY the specified full header.
	Since we wanted to be sure a header field is not sent to the server we wrote this rule.

	* doc/wget.texi: Added --disable-header documentation.
        * fuzz/wget_options_fuzzer.dict: Update with --disable-header inputs.
        * src/http.c (disabled_header): Checks for disabled headers
	(request_set_header): Doesn't let header to be set if disabled
	(gethttp): frees disabled header to let overriding
        * src/init.c (cmd_dis_header), (check_user_disabled_header) added new option disabled_headers.
        * src/main.c: added new option --disable-header, added help description
        * src/options.h: added new option --disable-header
	* src/utils.h (vec_remove_header)
	* src/utils.c (vec_remove_header) removes all header instances from vector
        * testenv/Makefile.am: Added new test files
        * testenv/server/http/http_server.py: Added new rule RejectHeaderField
        * testenv/conf/reject_header_field.py: Added new rule RejectHeaderField
        * testenv/README: Added help description for new rule
        * testenv/Test-disable-default-headers.py: Test without using --header
        * testenv/Test-disable-headers-after.py: Test using --header before --disable-header
        * testenv/Test-disable-headers-before.py: Test using --header after --disable-header

Signed-off-by: sulfastor <torresmoisesa@gmail.com>, adham elkarn <adhamelkarn@hotmail.com>
2019-05-30 10:01:24 +02:00
Tim Rühsen
0cdbc715a9 * src/log.c (log_vprintf_internal): Don't log twice 2019-05-28 16:26:03 +02:00
AviSoomirtee
95a677c7f5 * src/openssl.c (ssl_init): post handshake auth for OpenSSL
Copyright-paperwork-exempt: Yes
2019-05-25 18:10:37 +02:00
Tim Rühsen
96f48bf412 * bootstrap.conf: Explicitly set source_base and test_base 2019-05-24 11:14:19 +02:00
Tim Rühsen
95de9cd97f * src/convert.c (convert_basename): Do not pass NULL to strrchr() 2019-05-07 17:06:04 +02:00
Tim Rühsen
fac8f8099d * src/url.c (append_uri_pathel): Check for possible NULL dereference 2019-05-07 17:05:55 +02:00
Tim Rühsen
7da620c7ce * fuzz/main.c: Fix paths for WIN32 2019-05-07 17:05:32 +02:00
Tim Rühsen
e3790ad2a3 * bootstrap.conf: Work around VPATH issue 2019-05-07 17:05:26 +02:00
Tim Rühsen
021458ddf2 * configure.ac: Update gettext version to 0.19.3 2019-05-07 17:05:10 +02:00
Tim Rühsen
64618a9852 * bootstrap.conf: Remove rsync as prerequisite
'./bootstrap --skip-po' won't need wget nor rsync
2019-05-07 17:05:05 +02:00
Tim Rühsen
c9fa9d599e * bootstrap.conf: Replace prerequisite xz by gzip 2019-05-07 17:04:56 +02:00
Tim Rühsen
64f6f6847e Add sanitizer flags for ./configure
* bootstrap.conf: Add 'warning' gnulib module
* configure.ac: Add --enable-fsanitize-* flags
* tests/Makefile.am: Add compiler flags for unit testing
2019-05-03 11:27:30 +02:00
Tim Rühsen
94e2dd5ecd Add --enable-manywarnings from wget2
* .gitignore: Exclude /lib/Makefile.am
* bootstrap.conf: Use --makefile-name=gnulib.mk with gnulib-tool
* configure.ac: Use wget_MANYWARNINGS()
* lib/Makefile.am: Define empty noinst_LIBRARIES and MAINTAINERCLEANFILES
* m4/wget_manywarnings.m4: New file from GNU Wget2
* src/Makefile.am: Use WARN_CFLAGS for AM_CFLAGS
2019-05-02 12:53:19 +02:00
Tim Rühsen
14dc0c6af0 Add CONTRIBUTING.md
* CONTRIBUTING.md: New file for contributors
* README: Mention CONTRIBUTING.md
2019-04-28 20:36:14 +02:00
Tim Rühsen
6edf7a30b6 * fuzz/*.in/*: Update corpora from OSS-fuzz 2019-04-26 14:47:17 +02:00
Tim Rühsen
c34e9a8c47 * fuzz/get_ossfuzz_corpora: Remove -f from unzip, mkdir *.in/ 2019-04-26 14:14:12 +02:00
Tim Rühsen
370b778db2 * .gitlab-ci.yml: Update Gitlab CI WORKDIR to /usr/local 2019-04-26 11:04:03 +02:00
Eneas U de Queiroz
14e3712b8c * src/openssl.c: fix ssl_init for openssl 1.1.1
ssl_init fails with openssl 1.1.1 when openssl.cnf is not found.
Redundant calls to intialization functions were removed as
OPENSSL_config takes care of them for openssl versions < 1.1.0.
For versions > 1.1.0, OPENSSL_init_ssl is preferred.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Copyright-paperwork-exempt: Yes
2019-04-26 10:33:49 +02:00