- test 1030: remove, duplicate of 154
- test 1105: make name unique
- test 161: make name reflect what it tests
- test 2074: correct the name
- test 310: improve name
- test 358: correct the name
- test 409: removed, duplicate of 401
- test 472: clarify the test name (how it differs from 439)
- test 1509: update name
- test 527: duplicate of 526
- test 758: separate the name from 530
- test 611: duplicate of 608, remove
- test 639: adjust the name
- test 688: minor name tweak to clarify
- test 708: enhance name
- test 800/847: clarify the names
- test 1520: dedupe the name
- test 962: enhance name
- test 1196/2203: enhanced names
- test 1211: name tweak
- test 1256/1257: enhance the names
- test 1483: fix name
- test 1541: fix name
- test 1553: fix name
- test 1609: removed, exact duplicate of 1607
- test 2200: fix name
- test 3031: corret the name
- test 3016/3203: fix names and keywords
- test 3201/3220: enhance names
- test 3212: fix name
- add missing FILE keywords
- drop FAILURE as keyword
Closes#21936
- drop more uses of the word "just". (not enforced here)
- drop some uses of the "will" word.
- "then" -> "than".
- tests/http/testenv/curl.py: fix copy-paste typo in error message.
- pytest: replace `shutdownh` with `shutdown` in test names.
Spotted by GitHub Code Quality.
- comment typos.
- whitespace and newlines fixes.
Closes#21830
A malicious or compromised FTP server could include control characters
(e.g. bare \r, or bytes 0x01-0x1f/0x7f) inside the quoted directory path
of its 257 PWD response. That string is stored verbatim as
ftpc->entrypath and later sent unescaped in a CWD command on connection
reuse via Curl_pp_sendf(), which performs no sanitization before
appending \r\n.
Reject the entire path if any control character is encountered during
extraction so that tainted data never reaches a subsequent FTP command.
Add test case 3217 and 3218 to verify. Adjusted test 1152 accordingly.
Closes#20949
To formalize they are now XML-compliant (with some asterisks.)
Also to help syntax highlighters work on them to make their content more
readable.
Also:
- Delete empty comment decorations.
- GHA/checksrc: simplify XML check.
- runtests: fail to load test data with XML prolog missing.
Follow-up to bfe6eb1c06#19927
Follow-up to 87ba80a6dfCloses#19946
To make special newlines more explicit and visible.
Mostly in `<protocol>` sections, some in `<data*>` and `<upload>`.
Reducing the number of `tests/data/test*`:
- CRLF newlines from 21535 to 11337.
- files with mixed newlines from 1335 to 707.
Also delete empty `<protocol>` sections.
Closes#19284
- QUIT is not an important FTP command
- curl only sends it "best effort", meaning it might not be sent
- it is a known "flaky" thing in test output because of this
Closes#14404
Instead of providing a fixed single synthetic response in the test
server itself. To allow us to better use *different* directory listings
in different test cases. In this change, most listings remain the same
as before.
The wildcard match tests still use synthetic responses but we should fix
that as well.
Updated numerous test cases to use this.
Closes#14295
The threee tags `<name>`, `</name>` and `<command>` were frequently used
with a leading space that this removes. The reason this habbit is so
widespread in testcases is probably that they have been copy and pasted.
Hence, fixing them all now might curb this practice from now on.
Closes#12028
... a single double quote could leave the entry path buffer without a zero
terminating byte. CVE-2017-1000254
Test 1152 added to verify.
Reported-by: Max Dymond
Bug: https://curl.haxx.se/docs/adv_20171004.html
