diff options
author | Karen Arutyunov <karen@codesynthesis.com> | 2023-02-13 15:19:29 +0300 |
---|---|---|
committer | Karen Arutyunov <karen@codesynthesis.com> | 2023-02-13 15:58:39 +0300 |
commit | 95c1e6db8f94b4ace8296812e08e99eb7733ad2f (patch) | |
tree | 622cdee9954077b57f54fbe87c46be7c8c406f3b /curl/curl | |
parent | 4a2a63f21ed1cdcb516625cdc8203f0ad20f4042 (diff) |
Upgrade to 7.87.0
That in particular fixes CVE-2022-32221 CVE-2022-43552.
Diffstat (limited to 'curl/curl')
l--------- | curl/curl/curl_ctype.c | 1 | ||||
-rw-r--r-- | curl/curl/tool_hugehelp.c | 28 | ||||
-rw-r--r-- | curl/curl/tool_main.c | 46 |
3 files changed, 24 insertions, 51 deletions
diff --git a/curl/curl/curl_ctype.c b/curl/curl/curl_ctype.c deleted file mode 120000 index 23515cd..0000000 --- a/curl/curl/curl_ctype.c +++ /dev/null @@ -1 +0,0 @@ -lib/curl_ctype.c
\ No newline at end of file diff --git a/curl/curl/tool_hugehelp.c b/curl/curl/tool_hugehelp.c deleted file mode 100644 index 8d741f6..0000000 --- a/curl/curl/tool_hugehelp.c +++ /dev/null @@ -1,28 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ - -#include "tool_setup.h" -#include "tool_hugehelp.h" - -void hugehelp(void) {} diff --git a/curl/curl/tool_main.c b/curl/curl/tool_main.c index 15caf3c..9b8d498 100644 --- a/curl/curl/tool_main.c +++ b/curl/curl/tool_main.c @@ -33,6 +33,10 @@ #include <signal.h> #endif +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif + #ifdef USE_NSS #include <nspr.h> #include <plarenas.h> @@ -50,7 +54,6 @@ #include "tool_doswin.h" #include "tool_msgs.h" #include "tool_operate.h" -#include "tool_panykey.h" #include "tool_vms.h" #include "tool_main.h" #include "tool_libinfo.h" @@ -84,29 +87,30 @@ int _CRT_glob = 0; /* if we build a static library for unit tests, there is no main() function */ #ifndef UNITTESTS +#if defined(HAVE_PIPE) && defined(HAVE_FCNTL) /* * Ensure that file descriptors 0, 1 and 2 (stdin, stdout, stderr) are * open before starting to run. Otherwise, the first three network * sockets opened by curl could be used for input sources, downloaded data * or error logs as they will effectively be stdin, stdout and/or stderr. + * + * fcntl's F_GETFD instruction returns -1 if the file descriptor is closed, + * otherwise it returns "the file descriptor flags (which typically can only + * be FD_CLOEXEC, which is not set here). */ -static void main_checkfds(void) +static int main_checkfds(void) { -#ifdef HAVE_PIPE - int fd[2] = { STDIN_FILENO, STDIN_FILENO }; - while(fd[0] == STDIN_FILENO || - fd[0] == STDOUT_FILENO || - fd[0] == STDERR_FILENO || - fd[1] == STDIN_FILENO || - fd[1] == STDOUT_FILENO || - fd[1] == STDERR_FILENO) - if(pipe(fd) < 0) - return; /* Out of handles. This isn't really a big problem now, but - will be when we try to create a socket later. */ - close(fd[0]); - close(fd[1]); -#endif + int fd[2]; + while((fcntl(STDIN_FILENO, F_GETFD) == -1) || + (fcntl(STDOUT_FILENO, F_GETFD) == -1) || + (fcntl(STDERR_FILENO, F_GETFD) == -1)) + if(pipe(fd)) + return 1; + return 0; } +#else +#define main_checkfds() 0 +#endif #ifdef CURLDEBUG static void memory_tracking_init(void) @@ -298,7 +302,10 @@ int main(int argc, char *argv[]) } #endif - main_checkfds(); + if(main_checkfds()) { + fprintf(stderr, "curl: out of file descriptors\n"); + return CURLE_FAILED_INIT; + } #if defined(HAVE_SIGNAL) && defined(SIGPIPE) (void)signal(SIGPIPE, SIG_IGN); @@ -323,11 +330,6 @@ int main(int argc, char *argv[]) fflush(NULL); #endif -#ifdef __NOVELL_LIBC__ - if(!getenv("_IN_NETWARE_BASH_")) - tool_pressanykey(); -#endif - #ifdef __VMS vms_special_exit(result, vms_show); #else |