Tim Rühsen
3ae58dae13
Fix oss-fuzz issue with exit()
...
* src/wget.h: Define exit() as exit_wget()
* fuzz/wget_options_fuzzer.c: Implement exit_wget() and cleanup
2018-04-18 13:26:10 +02:00
Tim Rühsen
bb03572c2a
* fuzz/wget_options_fuzzer.c: Declare fopen_* as C functions
2018-04-17 23:35:42 +02:00
Tim Rühsen
66b416b6cd
Fix fopen/stdin issues with fuzzing
...
* fuzz/wget_options_fuzzer.c: Add fopen_wget() and fopen_wgetrc()
* src/utils.c: Use fopen_wgetrc() for config files,
don't read from stdin when fuzzing
* src/wget.h: Define fopen as fopen_wget when fuzzing,
define fopen_wgetrc as fopen when not fuzzing
2018-04-17 23:02:04 +02:00
Tim Rühsen
fdd86aada9
* configure.ac: AC_DEFINE FUZZING if --enable-fuzzing was given
2018-04-17 15:55:58 +02:00
Tim Rühsen
ce90ed78b6
* fuzz/wget_options_fuzzer.c: Write fuzzer crash reports
2018-04-17 12:41:34 +02:00
Tim Rühsen
3c4a6506a5
* src/log.c: Don't check_redirect_output() when fuzzing
2018-04-17 12:40:47 +02:00
Tim Rühsen
fbb4cd231e
* src/main.c (promt_for_password): Avoid getpass() when fuzzing
2018-04-17 12:15:18 +02:00
Tim Rühsen
3ceb6e5630
Fix double fclose() with -d while fuzzing
...
* src/ftp.c (ftp_loop_internal): Set warc_tmp to NULL after ffclose()
* src/init.c (cleanup): Set output_stream to NULL after fclose()
* src/log.c (log_close): Set global stream vars to NULL after closing
* src/recur.c (retrieve_tree): Set rejectedlog to NULL after closing
* src/warc.c (warc_close): Set stream vars to NULL after closing
2018-04-17 11:59:54 +02:00
Tim Rühsen
eaf167aaaa
* src/main.c (main): Don't background if TESTING
2018-04-17 11:50:36 +02:00
Tim Rühsen
7d5de64fc9
* src/init.c (initialize): Return error, don't exit()
2018-04-17 11:42:43 +02:00
Tim Rühsen
70042265be
* src/init.c (cmd_use_askpass): Return false on error
2018-04-16 23:04:53 +02:00
Tim Rühsen
64758655c4
* src/utils.c (compile_posix_regex): Hard-code string to regcomp
...
regcomp() may be too cpu + memory intensive for fuzzing.
See https://sourceware.org/glibc/wiki/Security%20Exceptions
2018-04-16 22:04:54 +02:00
Tim Rühsen
e737c4b10e
Fix 2 more memleaks
...
* src/init.c (initialize): Use global var for wgetrc filename
* src/iri.c (find_locale): Return strdup'ed locale string
* src/options.h (struct options): Add wgetrcfile
2018-04-16 22:02:11 +02:00
Tim Rühsen
05a8c064e9
* src/init.c (cleanup): Set output_stream to NULL after closing
2018-04-16 13:22:29 +02:00
Tim Rühsen
01002a168a
Fix homedir memory leaks
...
* src/hsts.c: Use opt.homedir
* src/init.c: Likewise
* src/main.c: Likewise
* src/netrc.c: Likewise
* src/options.h (struct options): Add homedir
2018-04-16 13:19:03 +02:00
Tim Rühsen
73fd57585c
* src/main.c (main): Free opt.encoding_remote properly
2018-04-16 12:21:52 +02:00
Tim Rühsen
7963260e76
* src/host.c (wait_ares): Free ptimer
2018-04-16 11:58:18 +02:00
Tim Rühsen
99a7039def
* src/init.c (cleanup): Free regex objects properly
2018-04-16 11:57:39 +02:00
Tim Rühsen
d7e3acb2cc
* src/init.c (cleanup): Never call cleanup() twice
2018-04-16 09:58:51 +02:00
Tim Rühsen
e0860dd1ff
* src/init.c (cmd_bytes_sum): Fix integer over- and underflow
2018-04-16 09:58:51 +02:00
Tim Rühsen
15ef79f808
* src/main.c (save_hsts): Free hsts_store after closing
2018-04-16 09:58:51 +02:00
Tim Rühsen
79385a29fd
Use strtol() instead of selfmade function
...
* src/init.c (cmd_number): Use strtol() instead of selfmade function
* bootstrap.conf: Add strtol gnulib module
2018-04-16 09:58:51 +02:00
Tim Rühsen
55da9f71f0
* src/hsts.c (hsts_hash_func): Allow integer overflow
2018-04-16 09:58:51 +02:00
Tim Rühsen
bec9816f40
* init.c (cmd_spec_mirror): Fix uninitialzed stack variable
2018-04-16 09:58:51 +02:00
Tim Rühsen
b86294e1c9
* src/init.c (cleanup): Free more variables
2018-04-16 09:58:51 +02:00
Tim Rühsen
7e1e5f3959
* wget_options_fuzzer.in: Add corpora directory
2018-04-16 09:58:51 +02:00
Tim Rühsen
4a6336d551
* fuzz/wget_options_fuzzer.c: Suppress error messages from wget
2018-04-16 09:58:51 +02:00
Tim Rühsen
328438e69b
* src/utils.c (fopen_stat): Early return to allow fuzzing/fmemopen
2018-04-16 09:58:51 +02:00
Tim Rühsen
36f029d2f0
* src/init.c (initialize): Free mem before exit()
2018-04-16 09:58:51 +02:00
Tim Rühsen
a4402120ad
Add OSS-Fuzz infrastruture
...
* Makefile.am: Add fuzz/ to SUBDIRS
* cfg.mk: Fix 'make syntax-check'
* configure.ac: Add --enable-fuzzing
* fuzz/Makefile.am: New file
* fuzz/README.md: New file
* fuzz/fuzzer.h: New file
* fuzz/get_all_corpora: New file
* fuzz/get_ossfuzz_corpora: New file
* fuzz/glob_crash.c: New file
* fuzz/main.c: New file
* fuzz/run-afl.sh: New file
* fuzz/run-clang.sh: New file
* fuzz/view-coverage.sh: New file
* fuzz/wget_options_fuzzer.c: New file
* fuzz/wget_options_fuzzer.dict: New file
* src/init.c (cleanup): Free more resources
* src/main.c (init_switches): Initialize only once,
(print_usage): Don't print if TESTING is defined
* src/utils.h: Include wget.h
2018-04-16 09:58:51 +02:00
Tim Rühsen
de54c970b2
Move unit-test code to tests/
...
* src/Makefile.am: Remove test.c and test.h
* src/test.c: Rename to tests/unit-tests.c
* src/test.h: Rename to tests/unit-tests.h
* tests/Makefile.am: Add unit-tests.c and unit-tests.h
* src/hsts.c: Amend #include
* src/http.c: Likewise
* src/init.c: Likewise
* src/metalink.c: Likewise
* src/res.c: Likewise
* src/url.c: Likewise
* src/utils.c: Likewise
2018-04-05 15:06:47 +02:00
Tim Rühsen
3e84963e84
* src/main.c: Rename main() -> main_wget() for unit tests
2018-04-05 15:06:47 +02:00
Tim Rühsen
f56f970bc2
Fix some issues found by 'infer'
2018-03-14 14:43:35 +01:00
Tim Rühsen
0b54043d17
* src/openssl.c: Fix build for OpenSSL 1.1.0 without TLS1_3_VERSION
2018-03-08 16:17:14 +01:00
Tim Rühsen
040106b3e2
Add docs for --secure-protocol=TLSv1_3
...
* doc/wget.texi: Likewise
2018-03-08 15:30:28 +01:00
Loganaden Velvindron
fde8cefd13
Add TLS1.3 support for OpenSSL build
...
* src/init.c: Add 'tlsv1_3 for --secure-protocol
* src/openssl.c (ssl_init): Enable TLS1.3 if possible
* src/options.h: Add secure_protocol_tlsv1_3
* doc/wget.texi: Add description of TLSv1_3
Copyright-paperwork-exempt: Yes
2018-03-08 15:30:14 +01:00
Tim Rühsen
ba2b0654b4
* src/main.c: Add help text for --retry-on-http-error
...
Reported-by: Giovanni Tirloni
2018-03-07 10:32:08 +01:00
Tim Rühsen
375bfa98dc
* src/url.c (convert_fname): Fix invalid free on iconv_open() failure
...
Reported-by: Volkmar Klatt
2018-03-01 16:03:29 +01:00
Tim Rühsen
bea54e0da4
* src/mswindows.c: Fix prototype of fork_to_background()
...
Reported-by: Gisle Vanem
2018-02-21 19:05:15 +01:00
Tim Rühsen
98ec26cc6d
Fix warning to not print binary IP address
...
* tests/Test-https-badcerts.px: Likewise
* tests/Test-https-clientcert.px: Likewise
* tests/Test-https-crl.px: Likewise
* tests/Test-https-pfs.px: Likewise
* tests/Test-https-selfsigned.px: Likewise
* tests/Test-https-tlsv1.px: Likewise
* tests/Test-https-tlsv1x.px: Likewise
* tests/Test-https-weboftrust.px: Likewise
2018-02-09 10:33:07 +01:00
Tim Rühsen
9887b870d1
Use gnulib's utime()
...
* bootstrap.conf: Add modules utime and utime-h
* src/utils.c (touch): Remove own code for gnulib's utime()
2018-02-09 10:21:43 +01:00
Tim Rühsen
c722973212
Fix logging in background mode
...
* ../src/main.c: Re-init logfile if changed for background mode
* ../src/utils.c: fork_to_background() returns whether logfile changed
* ../src/utils.h: Set return type bool for fork_to_background()
Fixes : #53020
Reported-by: Noël Köthe
2018-02-09 10:21:43 +01:00
Tim Rühsen
bb7fa977a1
* src/http.c: Fix two typos in comments
2018-02-09 10:18:35 +01:00
Tim Rühsen
f2d6075a6e
* testenv/conf/expected_files.py: Ignore pubring.gpg
...
Reported-by: Arkadiusz Miśkiewicz
2018-01-31 09:04:42 +01:00
Tim Rühsen
0caed28cda
* bootstrap.conf: Replace gnulib module gettext by gettext-h
2018-01-31 09:01:54 +01:00
Tim Rühsen
d27032c446
Mention list and bugtracker for --help and in man page
...
* doc/wget.texi: Mention list and bugtracker in man page
* src/main.c: Mention list and bugtracker for --help
2018-01-22 10:39:49 +01:00
Darshit Shah
080fd0d93b
* contrib/make-release: Add another release script
2018-01-21 13:50:45 +01:00
Darshit Shah
ab8a3c80df
Update NEWS file for new release
2018-01-21 11:00:29 +01:00
Darshit Shah
11ecabcb3d
Fix typo in documentation
2018-01-21 11:00:25 +01:00
Darshit Shah
d0a5d9f131
Switch off compression by default
...
Gzip compression has a number of bugs which need to be ironed out before
we can support it by default. Some of these stem from a misunderstanding
of the HTTP spec, but a lot of them are also due to many web servers not
being compliant with RFC 7231.
With this commit, I am marking GZip compression support as experimental
in GNU Wget pending further investigation and the addition of tests.
* src/init.c (defaults): Switch of compression support by default
* docs/wget.texi: State that compression is experimental
2018-01-21 10:51:11 +01:00