rpms/curl
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

new upstream release (fixes CVE-2013-1944)

Browse Source
This commit is contained in:
Kamil Dudka 2013-04-12 12:13:50 +02:00
parent 8dc3914699
commit 57f6d9d6a1
11 changed files with 48 additions and 605 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

321
0001-curl-7.29.0-da3fc1ee.patch
View File

@ -1,321 +0,0 @@
From 48b69def52771149ed19189284b8c6d1ba667ef7 Mon Sep 17 00:00:00 2001
From: Linus Nielsen Feltzing <linus@haxx.se>
Date: Sun, 10 Feb 2013 22:57:58 +0100
Subject: [PATCH] Fix NULL pointer reference when closing an unused multi handle.
[upstream commit da3fc1ee91de656a30f3a12de394bcba55119872]
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
---
lib/multi.c | 8 +++--
tests/data/Makefile.am | 2 +-
tests/data/Makefile.in | 2 +-
tests/data/test1508 | 31 +++++++++++++++++
tests/libtest/Makefile.in | 79 ++++++++++++++++++++++++++++++++++++++++++--
tests/libtest/Makefile.inc | 6 +++-
tests/libtest/lib1508.c | 49 +++++++++++++++++++++++++++
7 files changed, 168 insertions(+), 9 deletions(-)
create mode 100644 tests/data/test1508
create mode 100644 tests/libtest/lib1508.c
diff --git a/lib/multi.c b/lib/multi.c
index fa0afb9..706df23 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -1773,10 +1773,12 @@ CURLMcode curl_multi_cleanup(CURLM *multi_handle)
/* Close all the connections in the connection cache */
close_all_connections(multi);
- multi->closure_handle->dns.hostcache = multi->hostcache;
- Curl_hostcache_clean(multi->closure_handle);
+ if(multi->closure_handle) {
+ multi->closure_handle->dns.hostcache = multi->hostcache;
+ Curl_hostcache_clean(multi->closure_handle);
- Curl_close(multi->closure_handle);
+ Curl_close(multi->closure_handle);
+ }
multi->closure_handle = NULL;
Curl_hash_destroy(multi->sockhash);
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index d82534d..9f569a3 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -93,7 +93,7 @@ test1379 test1380 test1381 test1382 test1383 test1384 test1385 test1386 \
test1387 test1388 test1389 test1390 test1391 test1392 test1393 \
test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \
test1408 test1409 test1410 test1411 test1412 test1413 \
-test1500 test1501 test1502 test1503 test1504 test1505 test1506 \
+test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1508 \
test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 \
test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \
test2016 test2017 test2018 test2019 test2020 test2021 test2022 \
diff --git a/tests/data/Makefile.in b/tests/data/Makefile.in
index df52421..d5b0918 100644
--- a/tests/data/Makefile.in
+++ b/tests/data/Makefile.in
@@ -357,7 +357,7 @@ test1379 test1380 test1381 test1382 test1383 test1384 test1385 test1386 \
test1387 test1388 test1389 test1390 test1391 test1392 test1393 \
test1400 test1401 test1402 test1403 test1404 test1405 test1406 test1407 \
test1408 test1409 test1410 test1411 test1412 test1413 \
-test1500 test1501 test1502 test1503 test1504 test1505 test1506 \
+test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1508 \
test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 \
test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \
test2016 test2017 test2018 test2019 test2020 test2021 test2022 \
diff --git a/tests/data/test1508 b/tests/data/test1508
new file mode 100644
index 0000000..f8607e5
--- /dev/null
+++ b/tests/data/test1508
@@ -0,0 +1,31 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+multi
+</keywords>
+</info>
+
+# Client-side
+<client>
+<server>
+none
+</server>
+<tool>
+lib1508
+</tool>
+ <name>
+Close a multi handle without using it
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/path/1508
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<file name="log/stdout1508" mode="text">
+We are done
+</file>
+</verify>
+</testcase>
diff --git a/tests/libtest/Makefile.in b/tests/libtest/Makefile.in
index 406b457..7683c09 100644
--- a/tests/libtest/Makefile.in
+++ b/tests/libtest/Makefile.in
@@ -85,7 +85,7 @@ noinst_PROGRAMS = chkhostname$(EXEEXT) libauthretry$(EXEEXT) \
lib591$(EXEEXT) lib597$(EXEEXT) lib598$(EXEEXT) \
lib599$(EXEEXT) lib1500$(EXEEXT) lib1501$(EXEEXT) \
lib1502$(EXEEXT) lib1503$(EXEEXT) lib1504$(EXEEXT) \
- lib1505$(EXEEXT) lib1506$(EXEEXT)
+ lib1505$(EXEEXT) lib1506$(EXEEXT) lib1508$(EXEEXT)
subdir = tests/libtest
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/curl-compilers.m4 \
@@ -173,6 +173,13 @@ am_lib1506_OBJECTS = lib1506-lib1506.$(OBJEXT) $(am__objects_18) \
$(am__objects_19) $(am__objects_20)
lib1506_OBJECTS = $(am_lib1506_OBJECTS)
lib1506_DEPENDENCIES = $(am__DEPENDENCIES_1)
+am__objects_151 = lib1508-first.$(OBJEXT)
+am__objects_152 = lib1508-testutil.$(OBJEXT)
+am__objects_153 = lib1508-warnless.$(OBJEXT)
+am_lib1508_OBJECTS = lib1508-lib1508.$(OBJEXT) $(am__objects_151) \
+ $(am__objects_152) $(am__objects_153)
+lib1508_OBJECTS = $(am_lib1508_OBJECTS)
+lib1508_DEPENDENCIES = $(am__DEPENDENCIES_1)
am__objects_21 = lib500-first.$(OBJEXT)
am__objects_22 = lib500-testutil.$(OBJEXT)
am__objects_23 = lib500-testtrace.$(OBJEXT)
@@ -632,7 +639,7 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
SOURCES = $(libhostname_la_SOURCES) $(chkhostname_SOURCES) \
$(lib1500_SOURCES) $(lib1501_SOURCES) $(lib1502_SOURCES) \
$(lib1503_SOURCES) $(lib1504_SOURCES) $(lib1505_SOURCES) \
- $(lib1506_SOURCES) $(lib500_SOURCES) $(lib501_SOURCES) \
+ $(lib1506_SOURCES) $(lib1508_SOURCES) $(lib500_SOURCES) $(lib501_SOURCES) \
$(lib502_SOURCES) $(lib503_SOURCES) $(lib504_SOURCES) \
$(lib505_SOURCES) $(lib506_SOURCES) $(lib507_SOURCES) \
$(lib508_SOURCES) $(lib510_SOURCES) $(lib511_SOURCES) \
@@ -662,7 +669,7 @@ SOURCES = $(libhostname_la_SOURCES) $(chkhostname_SOURCES) \
DIST_SOURCES = $(libhostname_la_SOURCES) $(chkhostname_SOURCES) \
$(lib1500_SOURCES) $(lib1501_SOURCES) $(lib1502_SOURCES) \
$(lib1503_SOURCES) $(lib1504_SOURCES) $(lib1505_SOURCES) \
- $(lib1506_SOURCES) $(lib500_SOURCES) $(lib501_SOURCES) \
+ $(lib1506_SOURCES) $(lib1508_SOURCES) $(lib500_SOURCES) $(lib501_SOURCES) \
$(lib502_SOURCES) $(lib503_SOURCES) $(lib504_SOURCES) \
$(lib505_SOURCES) $(lib506_SOURCES) $(lib507_SOURCES) \
$(lib508_SOURCES) $(lib510_SOURCES) $(lib511_SOURCES) \
@@ -1155,6 +1162,9 @@ lib1505_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1505
lib1506_SOURCES = lib1506.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1506_LDADD = $(TESTUTIL_LIBS)
lib1506_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1506
+lib1508_SOURCES = lib1508.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1508_LDADD = $(TESTUTIL_LIBS)
+lib1508_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1508
@BUILD_LIBHOSTNAME_FALSE@noinst_LTLIBRARIES =
# Makefile.inc provides the source defines (TESTUTIL, SUPPORTFILES,
@@ -1253,6 +1263,9 @@ lib1505$(EXEEXT): $(lib1505_OBJECTS) $(lib1505_DEPENDENCIES) $(EXTRA_lib1505_DEP
lib1506$(EXEEXT): $(lib1506_OBJECTS) $(lib1506_DEPENDENCIES) $(EXTRA_lib1506_DEPENDENCIES)
@rm -f lib1506$(EXEEXT)
$(LINK) $(lib1506_OBJECTS) $(lib1506_LDADD) $(LIBS)
+lib1508$(EXEEXT): $(lib1508_OBJECTS) $(lib1508_DEPENDENCIES) $(EXTRA_lib1508_DEPENDENCIES)
+ @rm -f lib1508$(EXEEXT)
+ $(LINK) $(lib1508_OBJECTS) $(lib1508_LDADD) $(LIBS)
lib500$(EXEEXT): $(lib500_OBJECTS) $(lib500_DEPENDENCIES) $(EXTRA_lib500_DEPENDENCIES)
@rm -f lib500$(EXEEXT)
$(LINK) $(lib500_OBJECTS) $(lib500_LDADD) $(LIBS)
@@ -1520,6 +1533,10 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib1506-lib1506.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib1506-testutil.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib1506-warnless.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib1508-first.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib1508-lib1508.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib1508-testutil.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib1508-warnless.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib500-first.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib500-lib500.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib500-testtrace.Po@am__quote@
@@ -2163,6 +2180,62 @@ lib1506-warnless.obj: ../../lib/warnless.c
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1506_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1506-warnless.obj `if test -f '../../lib/warnless.c'; then $(CYGPATH_W) '../../lib/warnless.c'; else $(CYGPATH_W) '$(srcdir)/../../lib/warnless.c'; fi`
+lib1508-lib1508.o: lib1508.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-lib1508.o -MD -MP -MF $(DEPDIR)/lib1508-lib1508.Tpo -c -o lib1508-lib1508.o `test -f 'lib1508.c' || echo '$(srcdir)/'`lib1508.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-lib1508.Tpo $(DEPDIR)/lib1508-lib1508.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib1508.c' object='lib1508-lib1508.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-lib1508.o `test -f 'lib1508.c' || echo '$(srcdir)/'`lib1508.c
+
+lib1508-lib1508.obj: lib1508.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-lib1508.obj -MD -MP -MF $(DEPDIR)/lib1508-lib1508.Tpo -c -o lib1508-lib1508.obj `if test -f 'lib1508.c'; then $(CYGPATH_W) 'lib1508.c'; else $(CYGPATH_W) '$(srcdir)/lib1508.c'; fi`
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-lib1508.Tpo $(DEPDIR)/lib1508-lib1508.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib1508.c' object='lib1508-lib1508.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-lib1508.obj `if test -f 'lib1508.c'; then $(CYGPATH_W) 'lib1508.c'; else $(CYGPATH_W) '$(srcdir)/lib1508.c'; fi`
+
+lib1508-first.o: first.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-first.o -MD -MP -MF $(DEPDIR)/lib1508-first.Tpo -c -o lib1508-first.o `test -f 'first.c' || echo '$(srcdir)/'`first.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-first.Tpo $(DEPDIR)/lib1508-first.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='first.c' object='lib1508-first.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-first.o `test -f 'first.c' || echo '$(srcdir)/'`first.c
+
+lib1508-first.obj: first.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-first.obj -MD -MP -MF $(DEPDIR)/lib1508-first.Tpo -c -o lib1508-first.obj `if test -f 'first.c'; then $(CYGPATH_W) 'first.c'; else $(CYGPATH_W) '$(srcdir)/first.c'; fi`
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-first.Tpo $(DEPDIR)/lib1508-first.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='first.c' object='lib1508-first.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-first.obj `if test -f 'first.c'; then $(CYGPATH_W) 'first.c'; else $(CYGPATH_W) '$(srcdir)/first.c'; fi`
+
+lib1508-testutil.o: testutil.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-testutil.o -MD -MP -MF $(DEPDIR)/lib1508-testutil.Tpo -c -o lib1508-testutil.o `test -f 'testutil.c' || echo '$(srcdir)/'`testutil.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-testutil.Tpo $(DEPDIR)/lib1508-testutil.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='testutil.c' object='lib1508-testutil.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-testutil.o `test -f 'testutil.c' || echo '$(srcdir)/'`testutil.c
+
+lib1508-testutil.obj: testutil.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-testutil.obj -MD -MP -MF $(DEPDIR)/lib1508-testutil.Tpo -c -o lib1508-testutil.obj `if test -f 'testutil.c'; then $(CYGPATH_W) 'testutil.c'; else $(CYGPATH_W) '$(srcdir)/testutil.c'; fi`
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-testutil.Tpo $(DEPDIR)/lib1508-testutil.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='testutil.c' object='lib1508-testutil.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-testutil.obj `if test -f 'testutil.c'; then $(CYGPATH_W) 'testutil.c'; else $(CYGPATH_W) '$(srcdir)/testutil.c'; fi`
+
+lib1508-warnless.o: ../../lib/warnless.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-warnless.o -MD -MP -MF $(DEPDIR)/lib1508-warnless.Tpo -c -o lib1508-warnless.o `test -f '../../lib/warnless.c' || echo '$(srcdir)/'`../../lib/warnless.c
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-warnless.Tpo $(DEPDIR)/lib1508-warnless.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='../../lib/warnless.c' object='lib1508-warnless.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-warnless.o `test -f '../../lib/warnless.c' || echo '$(srcdir)/'`../../lib/warnless.c
+
+lib1508-warnless.obj: ../../lib/warnless.c
+@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib1508-warnless.obj -MD -MP -MF $(DEPDIR)/lib1508-warnless.Tpo -c -o lib1508-warnless.obj `if test -f '../../lib/warnless.c'; then $(CYGPATH_W) '../../lib/warnless.c'; else $(CYGPATH_W) '$(srcdir)/../../lib/warnless.c'; fi`
+@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib1508-warnless.Tpo $(DEPDIR)/lib1508-warnless.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='../../lib/warnless.c' object='lib1508-warnless.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib1508_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib1508-warnless.obj `if test -f '../../lib/warnless.c'; then $(CYGPATH_W) '../../lib/warnless.c'; else $(CYGPATH_W) '$(srcdir)/../../lib/warnless.c'; fi`
+
lib500-lib500.o: lib500.c
@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lib500_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib500-lib500.o -MD -MP -MF $(DEPDIR)/lib500-lib500.Tpo -c -o lib500-lib500.o `test -f 'lib500.c' || echo '$(srcdir)/'`lib500.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/lib500-lib500.Tpo $(DEPDIR)/lib500-lib500.Po
diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index 82c265d..8bf2be4 100644
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -23,7 +23,7 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect \
lib582 lib583 lib585 lib586 lib587 \
lib590 lib591 lib597 lib598 lib599 \
\
- lib1500 lib1501 lib1502 lib1503 lib1504 lib1505 lib1506
+ lib1500 lib1501 lib1502 lib1503 lib1504 lib1505 lib1506 lib1508
chkhostname_SOURCES = chkhostname.c ../../lib/curl_gethostname.c
chkhostname_LDADD = @CURL_NETWORK_LIBS@
@@ -312,3 +312,7 @@ lib1505_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1505
lib1506_SOURCES = lib1506.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1506_LDADD = $(TESTUTIL_LIBS)
lib1506_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1506
+
+lib1508_SOURCES = lib1508.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+lib1508_LDADD = $(TESTUTIL_LIBS)
+lib1508_CPPFLAGS = $(AM_CPPFLAGS) -DLIB1508
diff --git a/tests/libtest/lib1508.c b/tests/libtest/lib1508.c
new file mode 100644
index 0000000..72f26d1
--- /dev/null
+++ b/tests/libtest/lib1508.c
@@ -0,0 +1,49 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2013, Linus Nielsen Feltzing <linus@haxx.se>
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+#include "test.h"
+
+#include "testutil.h"
+#include "warnless.h"
+#include "memdebug.h"
+
+int test(char *URL)
+{
+ int res = 0;
+ CURLM *m = NULL;
+
+ (void)URL;
+
+ global_init(CURL_GLOBAL_ALL);
+
+ multi_init(m);
+
+test_cleanup:
+
+ /* proper cleanup sequence - type PB */
+
+ curl_multi_cleanup(m);
+ curl_global_cleanup();
+
+ printf("We are done\n");
+
+ return res;
+}
--
1.7.1

47
0002-curl-7.29.0-9d0af301.patch
View File

@ -1,47 +0,0 @@
From 8d25353ae1661ce50fe564e733f3ef45004f4bdf Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Tue, 5 Mar 2013 17:51:01 +0100
Subject: [PATCH] nss: fix misplaced code enabling non-blocking socket mode
The option needs to be set on the SSL socket. Setting it on the model
takes no effect. Note that the non-blocking mode is still not enabled
for the handshake because the code is not yet ready for that.
[upstream commit 9d0af3018c5db25f5adda216dbcad6056b4a3107]
---
lib/nss.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/nss.c b/lib/nss.c
index 8a2cb09..a2c5c63 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -1237,12 +1237,6 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
goto error;
model = SSL_ImportFD(NULL, model);
- /* make the socket nonblocking */
- sock_opt.option = PR_SockOpt_Nonblocking;
- sock_opt.value.non_blocking = PR_TRUE;
- if(PR_SetSocketOption(model, &sock_opt) != PR_SUCCESS)
- goto error;
-
if(SSL_OptionSet(model, SSL_SECURITY, PR_TRUE) != SECSuccess)
goto error;
if(SSL_OptionSet(model, SSL_HANDSHAKE_AS_SERVER, PR_FALSE) != SECSuccess)
@@ -1415,6 +1409,12 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
goto error;
}
+ /* switch the SSL socket into non-blocking mode */
+ sock_opt.option = PR_SockOpt_Nonblocking;
+ sock_opt.value.non_blocking = PR_TRUE;
+ if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
+ goto error;
+
connssl->state = ssl_connection_complete;
conn->recv[sockindex] = nss_recv;
conn->send[sockindex] = nss_send;
--
1.7.1

39
0003-curl-7.29.0-491e026c.patch
View File

@ -1,39 +0,0 @@
From a2e6eadf6a72f7587eb9bc1ad52383e4c5507b12 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 11 Mar 2013 16:57:25 +0100
Subject: [PATCH 1/2] easy: do not ignore poll() failures other than EINTR
[upstream commit 491e026ccda0e60975fa6e2e9cf3ccca37e18f7b]
---
lib/easy.c | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/lib/easy.c b/lib/easy.c
index c27deff..2e747bb 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -441,11 +441,19 @@ CURLcode curl_easy_perform(CURL *easy)
while(!done && !mcode) {
int still_running;
+ int ret;
- mcode = curl_multi_wait(multi, NULL, 0, 1000, NULL);
+ mcode = curl_multi_wait(multi, NULL, 0, 1000, &ret);
+
+ if(mcode == CURLM_OK) {
+ if(ret == -1) {
+ /* poll() failed not on EINTR, indicate a network problem */
+ code = CURLE_RECV_ERROR;
+ break;
+ }
- if(mcode == CURLM_OK)
mcode = curl_multi_perform(multi, &still_running);
+ }
/* only read 'still_running' if curl_multi_perform() return OK */
if((mcode == CURLM_OK) && !still_running) {
--
1.7.1

143
0004-curl-7.29.0-57ccdfa8.patch
View File

@ -1,143 +0,0 @@
From 37a515d9933a3160a8a868d5a697a42b28f6d792 Mon Sep 17 00:00:00 2001
From: Zdenek Pavlas <zpavlas@redhat.com>
Date: Mon, 11 Mar 2013 14:57:07 +0100
Subject: [PATCH 2/2] curl_global_init: accept the CURL_GLOBAL_ACK_EINTR flag
The flag can be used in pycurl-based applications where using the multi
interface would not be acceptable because of the performance lost caused
by implementing the select() loop in python.
Bug: http://curl.haxx.se/bug/view.cgi?id=1168
Downstream Bug: https://bugzilla.redhat.com/919127
[upstream commit 57ccdfa8d2bb6275388223f4676cd623ebd01697]
---
docs/libcurl/curl_global_init.3 | 4 ++++
docs/libcurl/symbols-in-versions | 1 +
include/curl/curl.h | 1 +
lib/easy.c | 2 ++
lib/select.c | 17 ++---------------
lib/select.h | 6 ++++++
6 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/docs/libcurl/curl_global_init.3 b/docs/libcurl/curl_global_init.3
index d91e1bd..6a08383 100644
--- a/docs/libcurl/curl_global_init.3
+++ b/docs/libcurl/curl_global_init.3
@@ -70,6 +70,10 @@ Initialise nothing extra. This sets no bit.
.B CURL_GLOBAL_DEFAULT
A sensible default. It will init both SSL and Win32. Right now, this equals
the functionality of the \fBCURL_GLOBAL_ALL\fP mask.
+.TP
+.B CURL_GLOBAL_ACK_EINTR
+When this flag is set, curl will acknowledge EINTR condition when connecting
+or when waiting for data. Otherwise, curl waits until full timeout elapses.
.SH RETURN VALUE
If this function returns non-zero, something went wrong and you cannot use the
other curl functions.
diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions
index 1de1ace..37b5e27 100644
--- a/docs/libcurl/symbols-in-versions
+++ b/docs/libcurl/symbols-in-versions
@@ -614,6 +614,7 @@ CURL_GLOBAL_DEFAULT 7.8
CURL_GLOBAL_NOTHING 7.8
CURL_GLOBAL_SSL 7.8
CURL_GLOBAL_WIN32 7.8.1
+CURL_GLOBAL_ACK_EINTR 7.30.0
CURL_HTTP_VERSION_1_0 7.9.1
CURL_HTTP_VERSION_1_1 7.9.1
CURL_HTTP_VERSION_NONE 7.9.1
diff --git a/include/curl/curl.h b/include/curl/curl.h
index 5b39a24..80e4cf5 100644
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -2023,6 +2023,7 @@ typedef enum {
#define CURL_GLOBAL_ALL (CURL_GLOBAL_SSL|CURL_GLOBAL_WIN32)
#define CURL_GLOBAL_NOTHING 0
#define CURL_GLOBAL_DEFAULT CURL_GLOBAL_ALL
+#define CURL_GLOBAL_ACK_EINTR (1<<2)
/*****************************************************************************
diff --git a/lib/easy.c b/lib/easy.c
index 2e747bb..2739598 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -262,6 +262,8 @@ CURLcode curl_global_init(long flags)
}
#endif
+ Curl_ack_eintr = flags & CURL_GLOBAL_ACK_EINTR;
+
init_flags = flags;
/* Preset pseudo-random number sequence. */
diff --git a/lib/select.c b/lib/select.c
index d13e122..db7fb6d 100644
--- a/lib/select.c
+++ b/lib/select.c
@@ -50,11 +50,8 @@
#define elapsed_ms (int)curlx_tvdiff(curlx_tvnow(), initial_tv)
-#ifdef CURL_ACKNOWLEDGE_EINTR
-#define error_not_EINTR (1)
-#else
-#define error_not_EINTR (error != EINTR)
-#endif
+int Curl_ack_eintr = 0;
+#define error_not_EINTR (Curl_ack_eintr || error != EINTR)
/*
* Internal function used for waiting a specific amount of ms
@@ -67,10 +64,6 @@
* Timeout resolution, accuracy, as well as maximum supported
* value is system dependent, neither factor is a citical issue
* for the intended use of this function in the library.
- * On non-DOS and non-Winsock platforms, when compiled with
- * CURL_ACKNOWLEDGE_EINTR defined, EINTR condition is honored
- * and function might exit early without awaiting full timeout,
- * otherwise EINTR will be ignored and full timeout will elapse.
*
* Return values:
* -1 = system call error, invalid timeout value, or interrupted
@@ -133,9 +126,6 @@ int Curl_wait_ms(int timeout_ms)
* A negative timeout value makes this function wait indefinitely,
* unles no valid file descriptor is given, when this happens the
* negative timeout is ignored and the function times out immediately.
- * When compiled with CURL_ACKNOWLEDGE_EINTR defined, EINTR condition
- * is honored and function might exit early without awaiting timeout,
- * otherwise EINTR will be ignored.
*
* Return values:
* -1 = system call error or fd >= FD_SETSIZE
@@ -351,9 +341,6 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */
* A negative timeout value makes this function wait indefinitely,
* unles no valid file descriptor is given, when this happens the
* negative timeout is ignored and the function times out immediately.
- * When compiled with CURL_ACKNOWLEDGE_EINTR defined, EINTR condition
- * is honored and function might exit early without awaiting timeout,
- * otherwise EINTR will be ignored.
*
* Return values:
* -1 = system call error or fd >= FD_SETSIZE
diff --git a/lib/select.h b/lib/select.h
index 00789bb..c00afe1 100644
--- a/lib/select.h
+++ b/lib/select.h
@@ -81,6 +81,12 @@ int Curl_socket_check(curl_socket_t readfd, curl_socket_t readfd2,
int Curl_poll(struct pollfd ufds[], unsigned int nfds, int timeout_ms);
+/* On non-DOS and non-Winsock platforms, when Curl_ack_eintr is set,
+ * EINTR condition is honored and function might exit early without
+ * awaiting full timeout. Otherwise EINTR will be ignored and full
+ * timeout will elapse. */
+extern int Curl_ack_eintr;
+
int Curl_wait_ms(int timeout_ms);
#ifdef TPF
--
1.7.1

54
0101-curl-7.29.0-multilib.patch → 0101-curl-7.30.0-multilib.patch
View File

@ -1,3 +1,9 @@
From 2a4754a3a7cf60ecc36d83cbe50b8c337cb87632 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Fri, 12 Apr 2013 12:04:05 +0200
Subject: [PATCH] prevent multilib conflicts on the curl-config script
---
curl-config.in | 16 +++-------------
docs/curl-config.1 | 4 +++-
libcurl.pc.in | 1 +
@ -8,46 +14,46 @@ index 150004d..95d0759 100644
--- a/curl-config.in
+++ b/curl-config.in
@@ -75,7 +75,7 @@ while test $# -gt 0; do
;;
;;
--cc)
- echo "@CC@"
+ echo "gcc"
;;
- echo "@CC@"
+ echo "gcc"
;;
--prefix)
@@ -142,24 +142,14 @@ while test $# -gt 0; do
;;
;;
--libs)
- if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
- CURLLIBDIR="-L@libdir@ "
- else
- CURLLIBDIR=""
- fi
- if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
- echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@
- else
- echo ${CURLLIBDIR}-lcurl
- fi
+ pkg-config libcurl --libs
;;
- if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
- CURLLIBDIR="-L@libdir@ "
- else
- CURLLIBDIR=""
- fi
- if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
- echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@
- else
- echo ${CURLLIBDIR}-lcurl
- fi
+ pkg-config libcurl --libs
;;
--static-libs)
- echo @libdir@/libcurl.@libext@ @LDFLAGS@ @LIBCURL_LIBS@
;;
- echo @libdir@/libcurl.@libext@ @LDFLAGS@ @LIBCURL_LIBS@
;;
--configure)
- echo @CONFIGURE_OPTIONS@
+ pkg-config libcurl --variable=configure_options | sed 's/^"//;s/"$//'
;;
- echo @CONFIGURE_OPTIONS@
+ pkg-config libcurl --variable=configure_options | sed 's/^"//;s/"$//'
;;
*)
diff --git a/docs/curl-config.1 b/docs/curl-config.1
index c4f4e2b..3e0ea60 100644
index 14a9d2b..ffcc004 100644
--- a/docs/curl-config.1
+++ b/docs/curl-config.1
@@ -65,7 +65,9 @@ be listed using uppercase and are separa
@@ -65,7 +65,9 @@ be listed using uppercase and are separated by newlines. There may be none,
one, or several protocols in the list. (Added in 7.13.0)
.IP "--static-libs"
Shows the complete set of libs and other linker options you will need in order

2
0102-curl-7.29.0-debug.patch → 0102-curl-7.30.0-debug.patch
View File

@ -12,7 +12,7 @@ diff --git a/configure b/configure
index 8f079a3..53b4774 100755
--- a/configure
+++ b/configure
@@ -15759,18 +15759,11 @@ $as_echo "yes" >&6; }
@@ -15950,18 +15950,11 @@ $as_echo "yes" >&6; }
gccvhi=`echo $gccver | cut -d . -f1`
gccvlo=`echo $gccver | cut -d . -f2`
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`

2
0108-curl-7.29.0-utf8.patch → 0108-curl-7.30.0-utf8.patch
View File

@ -14,7 +14,7 @@ diff --git a/CHANGES b/CHANGES
index 4568408..5fc1652 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1910,7 +1910,7 @@ Daniel Stenberg (12 Nov 2012)
@@ -4312,7 +4312,7 @@ Daniel Stenberg (12 Nov 2012)
- [Gabriel Sjoberg brought this change]

7
curl-7.29.0.tar.lzma.asc
View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEABECAAYFAlESLQcACgkQeOEcayedXJEj8ACgrkSpZGzKYB1YW0E5x8YQA80z
188An0r1HNF+LSiTz5Gez17XMpliVGNS
=DH6L
-----END PGP SIGNATURE-----

7
curl-7.30.0.tar.lzma.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEABECAAYFAlFntDMACgkQeOEcayedXJE9vwCg2icVm/xDjGiK9lDvBN2Yck5h
jwIAn2UNo1J6RyA3TRqpnXWMXr1Jjq4g
=7Wds
-----END PGP SIGNATURE-----

29
curl.spec
View File

@ -1,29 +1,17 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl
Version: 7.29.0
Release: 4%{?dist}
Version: 7.30.0
Release: 1%{?dist}
License: MIT
Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
Source2: curlbuild.h
# fix a SIGSEGV when closing an unused multi handle (#914411)
Patch1: 0001-curl-7.29.0-da3fc1ee.patch
# switch SSL socket into non-blocking mode after handshake
Patch2: 0002-curl-7.29.0-9d0af301.patch
# do not ignore poll() failures other than EINTR
Patch3: 0003-curl-7.29.0-491e026c.patch
# curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag
Patch4: 0004-curl-7.29.0-57ccdfa8.patch
# patch making libcurl multilib ready
Patch101: 0101-curl-7.29.0-multilib.patch
Patch101: 0101-curl-7.30.0-multilib.patch
# prevent configure script from discarding -g in CFLAGS (#496778)
Patch102: 0102-curl-7.29.0-debug.patch
Patch102: 0102-curl-7.30.0-debug.patch
# use localhost6 instead of ip6-localhost in the curl test-suite
Patch104: 0104-curl-7.19.7-localhost6.patch
@ -36,7 +24,7 @@ Patch107: 0107-curl-7.21.4-libidn-valgrind.patch
# Fix character encoding of docs, which are of mixed encoding originally so
# a simple iconv can't fix them
Patch108: 0108-curl-7.29.0-utf8.patch
Patch108: 0108-curl-7.30.0-utf8.patch
Provides: webclient
URL: http://curl.haxx.se/
@ -112,10 +100,6 @@ documentation of the library, too.
%setup -q
# upstream patches
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
# Fedora patches
%patch101 -p1
@ -233,6 +217,9 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/libcurl.m4
%changelog
* Fri Apr 12 2013 Kamil Dudka <kdudka@redhat.com> 7.30.0-1
- new upstream release (fixes CVE-2013-1944)
* Tue Mar 12 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-4
- do not ignore poll() failures other than EINTR (#919127)
- curl_global_init() now accepts the CURL_GLOBAL_ACK_EINTR flag (#919127)

2
sources
View File

@ -1 +1 @@
48eab66844553c37433fb861cf8ab5c9 curl-7.29.0.tar.lzma
e47049eaabfbed194bef7ae4960fdc37 curl-7.30.0.tar.lzma