progress: count amount of data "delivered" to application

... and apply the CURLOPT_MAXFILESIZE limit (if set) on that as well.
This effectively protects the user against "zip bombs".

Test case 1618 verifies using a 14 byte brotli payload that otherwise
explodes to 102400 zero bytes.

Closes #20787

docs/KNOWN_RISKS.md

@@ -144,3 +144,6 @@ and secure algorithms.
 When asking curl or libcurl to automatically decompress data on arrival, there
 is a risk that the size of the output from the decompression process ends up
 many times larger than the input data size.
+
+Since curl 8.20.0, users can mitigate this risk by setting the max filesize
+option that also covers the decompressed size.

docs/cmdline-opts/max-filesize.md

@@ -37,3 +37,6 @@ threshold during transfer.
 Starting in curl 8.19.0, the maximum size can be specified using a fraction as
 in `2.5M` for two and a half megabytes. It only works with a period (`.`)
 delimiter, independent of what your locale might prefer.
+
+Since 8.20.0, this option also stops ongoing transfers that would reach this
+threshold due to automatic decompression using --compressed.

docs/cmdline-opts/write-out.md

@@ -192,6 +192,11 @@ known as "http_code"). (Added in 7.18.2)
 ## `scheme`
 The URL scheme (sometimes called protocol) that was effectively used. (Added in 7.52.0)
 
+## `size_delivered`
+The total amount of data that were saved or written to stdout. When
+--compressed is used, this is likely different than `size_download`. Includes
+the headers in the count if --include is used.
+
 ## `size_download`
 The total amount of bytes that were downloaded. This is the size of the
 body/data that was transferred, excluding headers.

docs/libcurl/curl_easy_getinfo.md

@@ -304,6 +304,10 @@ RTSP session ID. See CURLINFO_RTSP_SESSION_ID(3)
 
 The scheme used for the connection. See CURLINFO_SCHEME(3)
 
+## CURLINFO_SIZE_DELIVERED
+
+Number of bytes passed to the write callback. See CURLINFO_SIZE_DELIVERED(3)
+
 ## CURLINFO_SIZE_DOWNLOAD
 
 (**Deprecated**) Number of bytes downloaded. See CURLINFO_SIZE_DOWNLOAD(3)

docs/libcurl/opts/CURLINFO_SIZE_DELIVERED.md

@@ -0,0 +1,78 @@
+---
+c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+SPDX-License-Identifier: curl
+Title: CURLINFO_SIZE_DELIVERED
+Section: 3
+Source: libcurl
+See-also:
+  - CURLINFO_SIZE_DOWNLOAD_T (3)
+  - CURLINFO_CONTENT_LENGTH_DOWNLOAD_T (3)
+  - CURLOPT_MAXFILESIZE (3)
+  - curl_easy_getinfo (3)
+  - curl_easy_setopt (3)
+Protocol:
+  - All
+Added-in: 8.20.0
+---
+
+# NAME
+
+CURLINFO_SIZE_DELIVERED - number of delivered bytes
+
+# SYNOPSIS
+
+~~~c
+#include <curl/curl.h>
+
+CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_SIZE_DELIVERED,
+                           curl_off_t *dlp);
+~~~
+
+# DESCRIPTION
+
+Pass a pointer to a *curl_off_t* to receive the total amount of bytes that
+were passed on to the write callback in the download. The amount is only for
+the latest transfer and gets reset again for each new transfer. This counts
+actual payload data, what's also commonly called body. All meta and header
+data is excluded from this amount (unless CURLOPT_HEADER(3) is set).
+
+The delivered size may differ from the size retrieved with
+CURLINFO_SIZE_DOWNLOAD_T(3) when CURLOPT_ACCEPT_ENCODING(3) is used for
+automatic data decompression, as this is then the size of the uncompressed
+body while CURLINFO_SIZE_DOWNLOAD_T(3) returns the size of the download.
+
+# %PROTOCOLS%
+
+# EXAMPLE
+
+~~~c
+int main(void)
+{
+  CURL *curl = curl_easy_init();
+  if(curl) {
+    CURLcode result;
+    curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
+
+    /* Perform the request */
+    result = curl_easy_perform(curl);
+
+    if(result == CURLE_OK) {
+      /* check the size */
+      curl_off_t dl;
+      result = curl_easy_getinfo(curl, CURLINFO_SIZE_DELIVERED, &dl);
+      if(result == CURLE_OK) {
+        printf("Stored %" CURL_FORMAT_CURL_OFF_T " bytes\n", dl);
+      }
+    }
+  }
+}
+~~~
+
+# %AVAILABILITY%
+
+# RETURN VALUE
+
+curl_easy_setopt(3) returns a CURLcode indicating success or error.
+
+CURLE_OK (0) means everything was OK, non-zero means an error occurred, see
+libcurl-errors(3).

docs/libcurl/opts/CURLOPT_MAXFILESIZE.md

@@ -41,6 +41,9 @@ If you want a limit above 2GB, use CURLOPT_MAXFILESIZE_LARGE(3).
 Since 8.4.0, this option also stops ongoing transfers if they reach this
 threshold.
 
+Since 8.20.0, this option also stops ongoing transfers that would reach this
+threshold due to automatic decompression using CURLOPT_ACCEPT_ENCODING(3).
+
 # DEFAULT
 
 0, meaning disabled.

docs/libcurl/opts/CURLOPT_MAXFILESIZE_LARGE.md

@@ -42,6 +42,9 @@ ends up being larger than this given limit.
 Since 8.4.0, this option also stops ongoing transfers if they reach this
 threshold.
 
+Since 8.20.0, this option also stops ongoing transfers that would reach this
+threshold due to automatic decompression using CURLOPT_ACCEPT_ENCODING(3).
+
 # DEFAULT
 
 0, meaning disabled.

docs/libcurl/opts/Makefile.inc

@@ -83,6 +83,7 @@ man_MANS =                                      \
   CURLINFO_RTSP_SERVER_CSEQ.3                   \
   CURLINFO_RTSP_SESSION_ID.3                    \
   CURLINFO_SCHEME.3                             \
+  CURLINFO_SIZE_DELIVERED.3                     \
   CURLINFO_SIZE_DOWNLOAD.3                      \
   CURLINFO_SIZE_DOWNLOAD_T.3                    \
   CURLINFO_SIZE_UPLOAD.3                        \

docs/libcurl/symbols-in-versions

@@ -492,6 +492,7 @@ CURLINFO_RTSP_CSEQ_RECV         7.20.0
 CURLINFO_RTSP_SERVER_CSEQ       7.20.0
 CURLINFO_RTSP_SESSION_ID        7.20.0
 CURLINFO_SCHEME                 7.52.0
+CURLINFO_SIZE_DELIVERED         8.20.0
 CURLINFO_SIZE_DOWNLOAD          7.4.1         7.55.0
 CURLINFO_SIZE_DOWNLOAD_T        7.55.0
 CURLINFO_SIZE_UPLOAD            7.4.1         7.55.0