github-repos/wget
1
0
Fork 0
mirror of https://github.com/mirror/wget.git synced 2025-01-27 04:40:41 +08:00
Code Issues Packages Projects Releases Wiki Activity
d892291fb8
wget/src
History
Tim Rühsen d892291fb8 Fix stack overflow in HTTP protocol handling (CVE-2017-13089) 
* src/http.c (skip_short_body): Return error on negative chunk size

Reported-by: Antti Levomäki, Christian Jalio, Joonas Pihlaja from Forcepoint
Reported-by: Juhani Eronen from Finnish National Cyber Security Centre
2017-10-26 17:29:38 +02:00
..
build_info.c.in Add options --bind-dns-address and --dns-servers 2016-03-23 09:26:22 +01:00
connect.c Fix use of idn2_free() 2017-04-08 11:05:55 +02:00
connect.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
convert.c Fix typos in comments 2017-04-01 19:38:09 +02:00
convert.h Parse <img srcset> attributes, they have image URLs. 2016-03-03 09:38:45 +01:00
cookies.c Fix typos in comments 2017-04-01 19:38:09 +02:00
cookies.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
css-tokens.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
css-url.c * src/css-url.c (get_urls_css): Fix memory leak 2016-08-17 23:13:27 +02:00
css-url.h * src/css-url.h: Remove redundant declaration 2017-02-03 11:53:28 +01:00
css.l maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
decc_ver.c Ensure main calls bindtextdomain 2014-06-12 18:49:14 +02:00
DESCRIP_DEPS.MMS imported patch vms-overlay 2010-01-09 15:24:02 -08:00
DESCRIP_MODS.MMS Remove trailing empty lines 2014-06-12 18:49:15 +02:00
DESCRIP_SRC.MMS Remove trailing empty lines 2014-06-12 18:49:15 +02:00
exits.c maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
exits.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
ftp-basic.c Fix compile error when IPv6 is disabled 2015-11-17 13:40:44 +01:00
ftp-ls.c * src/ftp-ls.c: Fix -Wformat= warnings 2017-02-03 11:59:33 +01:00
ftp-opie.c maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
ftp.c Fix typos in comments 2017-04-01 19:38:09 +02:00
ftp.h ftp: understand --trust-server-names on a HTTP->FTP redirect 2016-06-09 15:02:49 +02:00
gnutls.c * src/gnutls.c: Fix -Wformat= warnings 2017-02-03 12:31:51 +01:00
hash.c * src/hash.c: Explicitly convert float to int 2017-02-03 12:03:50 +01:00
hash.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
host.c Fix use of idn2_free() 2017-04-08 11:05:55 +02:00
host.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
hsts.c Safeguards against TOCTTOU 2017-03-24 09:39:09 +01:00
hsts.h Correct HSTS debug message 2016-05-26 16:37:51 +02:00
html-parse.c Fix typos in comments 2017-04-01 19:38:09 +02:00
html-parse.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
html-url.c Fix crash on 'srcset' inline URIs 2016-09-09 11:44:02 +02:00
html-url.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
http-ntlm.c Fix buffer overflow in Public Key Pinning 2017-06-13 10:23:04 +02:00
http-ntlm.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
http.c Fix stack overflow in HTTP protocol handling (CVE-2017-13089) 2017-10-26 17:29:38 +02:00
http.h Add const to url param of some functions 2016-09-08 16:13:54 +02:00
init.c Add --compression option 2017-08-04 14:34:53 +02:00
init.h Safeguards against TOCTTOU 2017-03-24 09:39:09 +01:00
iri.c * src/iri.c (idn_encode): Better IDNA 2003 compatibility 2017-05-11 11:56:26 +02:00
iri.h Fix use of idn2_free() 2017-04-08 11:05:55 +02:00
log.c Fix typos in comments 2017-04-01 19:38:09 +02:00
log.h Fixes #45790: wget prints it's progress even when background 2016-10-21 19:33:29 +02:00
main.c Add --compression option 2017-08-04 14:34:53 +02:00
Makefile.am Change libtool library deps to non-libtool deps 2017-02-10 17:20:42 +01:00
metalink.c * src/metalink.c (retrieve_from_metalink): Fix len in memset() 2017-03-31 13:15:27 +02:00
metalink.h New option --metalink-index to process Metalink application/metalink4+xml 2016-09-30 19:44:06 +02:00
mswindows.c Fix typos in comments 2017-04-01 19:38:09 +02:00
mswindows.h Include <arpa/inet.h> for Windows 2017-03-08 13:00:54 +01:00
netrc.c Add GNU extensions to .netrc parsing 2017-09-27 12:42:06 +02:00
netrc.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
openssl.c Fix compilation for OpenSSL 1.1.0 2016-06-30 13:24:33 +02:00
options.h Add --compression option 2017-08-04 14:34:53 +02:00
progress.c Fix typos in comments 2017-04-01 19:38:09 +02:00
progress.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
ptimer.c maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
ptimer.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
recur.c Fix typos in comments 2017-04-01 19:38:09 +02:00
recur.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
res.c Fix links to www.robotstxt.org 2017-03-18 19:05:38 +01:00
res.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
retr.c Avoid unnecessary UTF-8 encoded fallback (trivial change) 2017-10-25 14:26:36 +02:00
retr.h Add gzip Content-Encoding decompression 2017-08-04 14:34:53 +02:00
spider.c maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
spider.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
ssl.h Added support for FTPS 2015-09-14 10:16:44 +02:00
sysdep.h Replace home-grown portability code by gnulib modules 2017-01-13 15:38:15 +01:00
test.c Add unit test for parse_content_range() method 2015-08-30 21:34:32 +05:30
test.h Add unit test for parse_content_range() method 2015-08-30 21:34:32 +05:30
url.c * src/url.c (url_scheme): Use ASCII version of strncasecmp 2017-07-28 17:11:26 +02:00
url.h Fix use of idn2_free() 2017-04-08 11:05:55 +02:00
utils.c Fix buffer overflow in Public Key Pinning 2017-06-13 10:23:04 +02:00
utils.h Fix buffer overflow in Public Key Pinning 2017-06-13 10:23:04 +02:00
version.h maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
vms.c Remove trailing empty lines 2014-06-12 18:49:15 +02:00
warc.c * src/warc.c (warc_write_cdx_record): Escape URLs 2017-03-22 15:01:04 +01:00
warc.h Add more const usage to function params 2015-04-17 22:42:59 +02:00
wget.h New: Metalink file size mismatch returns error code METALINK_SIZE_ERROR 2016-09-30 19:44:05 +02:00
xattr.c Style fixes and DEBUG on setxattr failure. 2016-07-27 17:05:57 +02:00
xattr.h * src/xattr.h: Fix #define fsetxattr for MacOS and FreeBSD 2017-02-04 15:29:44 +01:00