- add support for separate provider / consumer cmake options in
`find_package` tests. To help test more integration scenarios.
Refs: #20784#20729#20764
- dump generated curl config files in `find_package` tests.
(cmake CONFIG source, `libcurl.pc`, `curl-config`.
- test.sh: use `sha256sum` (was: `openssl`).
Closes#20773
- update action `actions/cache` from 5.0.1 to 5.0.3
- update action `github/codeql-action` from 4.31.9 to 4.32.4
- update pip `filelock` from 3.20.3 to 3.24.3
- update pip `ruff` from 0.14.14 to 0.15.2
Closes#20782Closes#20783
Reported by clang-tidy (seen on Linux with v18, v19, v20, not on macOS):
```
tests/server/dnsd.c:552:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/dnsd.c:556:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/rtspd.c:1183:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/rtspd.c:1187:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/sws.c:2235:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/sws.c:2239:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/tftpd.c:1188:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/tftpd.c:1192:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/util.c:860:21: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
tests/server/util.c:864:21: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
```
Ref: https://github.com/curl/curl/actions/runs/22424827575/job/64930560425?pr=20725
Cherry-picked from #20725Closes#20730
- run tests-clang-tidy when building testbins.
- drop redundant build-certs dependency for test targets.
Already present via testdeps.
Follow-up to aae361242f#20708Closes#20727
To allow building test binaries without test certs, replacing
`_CURL_SKIP_BUILD_CERTS` internal option with a build target that is
similar to `testdeps`, but without building the test certificates.
To make building test binaries a little bit faster, with less noisy
output, and without having to reconfigure the build.
Closes#20708
Prefer `sizeof()` over `strlen()`, static const variables over macros.
Add a couple of `NOLINT`s to silence false positives.
Also sync similar code patterns between libtests.
Cherry-picked from #20720Closes#20723
Tests are build in "unity"-style, by including sources into an umbrella
C files (similar to how CMake unity works). This does not play well with
clang-tidy, which seems to unconditionally ignore C sources included
like this. To fix it, curl's CMake implements a manual clang-tidy
support for tests, which compiles sources one-by-one, while also making
sure sources compile cleanly standalone (e.g. all sources need to
include `first.h`). The manual clang-tidy implementation is fragile, and
performance, in particular when targeting Windows, is abysmal.
This patch introduces an alternate solution, enabled by the
`_CURL_TESTS_CONCAT=ON` option. In this mode, umbrella sources include
the actual sources instead of `#including` them. Allowing to use CMake's
built-in clang-tidy support to compile them, with clang-tidy actually
checking the sources. Making the manual clang-tidy support unnecessary.
In the Windows CI job it results in a 4x performance improvement (4m ->
1m), making it practical to run clang-tidy on tests on Windows, in CI.
The main downside is that clang-tidy doesn't understand the `#line`
directive. Meaning issues found show the wrong filename and line number
next to them. It's not impossible to locate errors this way, but also
not convenient.
Minor/potential downside is that the concatenated source needs to be
reassembled each time an original source is updated. This may result in
more copying on the disk when used in local development. The largest
source is 1.4MB, so probably not a show-stopper on most machines.
Another is the complexity of maintaining two methods in parallel, which
may be necessary till clang-tidy understands `#line`:
https://github.com/llvm/llvm-project/issues/62405
This solution may in theory also enable adding clang-tidy support for
tests in autotools, though I haven't tried.
Targeted for curl CI for now, and used in a GHA/windows job. 100%
experimental, not recommended outside these.
Closes#20667
- vms/curlmsg_vms.h: delete unused/commented code.
- vtls/schannel_verify: sort includes.
- typecheck-gcc.h: fix indent and alignment.
- lib/config-win32.h: drop idle `#undef`.
- spacecheck: check for stray empty lines before after curly braces.
- make literals more readable: 1048576 -> 1024 * 1024
- scope variables.
- use ISO date in a comment.
- drop redundant parentheses.
- drop empty comments.
- unfold lines.
- duplicate/stray spaces in comments.
- fix indent, whitespace, minor typos.
Closes#20690
Examples:
```
lib/vtls/openssl.c:2585:18: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse]
2585 | msg_type = *(const char *)buf;
lib/vtls/openssl.c:2593:18: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse]
2593 | msg_type = *(const char *)buf;
tests/server/mqttd.c:514:10: warning: comparison between 'signed char' and 'unsigned char' [bugprone-signed-char-misuse]
514 | if(passwd_flag == (char)(conn_flags & passwd_flag)) {
tests/server/tftpd.c:362:13: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse]
362 | c = test->rptr[0];
tests/server/tftpd.c:454:9: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse]
454 | c = *p++; /* pick up a character */
src/tool_urlglob.c:272:46: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse]
272 | pat->c.ascii.letter = pat->c.ascii.min = min_c;
src/tool_urlglob.c:273:24: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse]
273 | pat->c.ascii.max = max_c;
tests/libtest/cli_h2_pausing.c:164:23: warning: suspicious usage of 'sizeof()' on an expression of pointer type [bugprone-sizeof-expression]
164 | memset(&resolve, 0, sizeof(resolve));
tests/libtest/cli_upload_pausing.c:158:23: warning: suspicious usage of 'sizeof()' on an expression of pointer type [bugprone-sizeof-expression]
158 | memset(&resolve, 0, sizeof(resolve));
tests/libtest/first.c:86:15: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse]
86 | coptopt = arg[optpos];
```
Also:
- tests/server/mqttd: drop a redundant and a wrongly signed cast.
Ref: https://clang.llvm.org/extra/clang-tidy/checks/bugprone/signed-char-misuse.htmlCloses#20654
Also:
- include code to verify a C++-specific public header regression
reported in 8.19.0-rc2.
- curl/curl.h: mention C++ global namespace in comment.
- GHA/dist: add CI job for C++. Runtime: 15 seconds.
Follow-up to ee9b000438#20686
Ref: #20682Closes#20687
It looks like a case that can never happen in practice.
Seen on mingw-w64 with experimental concatenated (vs. #included) test
sources:
```
tests/server/util.c:662:16: error: Null pointer passed as 1st
argument to string length function [clang-analyzer-unix.cstring.NullArg]
662 | size_t len = strlen(unix_socket);
| ^
```
Ref: https://github.com/curl/curl/actions/runs/22267482855/job/64416261156#step:10:273Closes#20668
- make sure that errors for specific options in config files identify
the file, line number and shows the error about the correct option
- improve some error message wording
- add warning for leading single quote of arguments in config files
(verified in test 1712)
- adjust test error outputs accordingly
test1712 introduces mode=warn
Use the mode="warn" attribute if the output curl warning output, as it
then makes the check without newlines and the prefix to better handle
that the lines may wrap at different points depending on the lengths of
the lines and terminal width.
Fixes#20598Closes#20666
Reported by clang-tidy `bugprone-sizeof-expression`.
Silencing:
```
tests/libtest/cli_h2_pausing.c:164:23: warning: suspicious usage of 'sizeof()' on an expression of pointer type [bugprone-sizeof-expression]
164 | memset(&resolve, 0, sizeof(resolve));
| ^
tests/libtest/cli_upload_pausing.c:158:23: warning: suspicious usage of 'sizeof()' on an expression of pointer type [bugprone-sizeof-expression]
158 | memset(&resolve, 0, sizeof(resolve));
| ^
```
Ref: https://clang.llvm.org/extra/clang-tidy/checks/bugprone/sizeof-expression.htmlCloses#20649
A NULL dereference cannot happen with existing use of this code.
linux-mingw, CM clang-tidy:
```
/home/runner/work/curl/curl/tests/server/sockfilt.c:720:24: error: Access
to field 'tv_sec' results in a dereference of a null pointer (loaded from
variable 'tv') [clang-analyzer-core.NullDereference,-warnings-as-errors]
720 | tv->tv_sec = 0;
| ~~ ^
```
Ref: https://github.com/curl/curl/actions/runs/22191200093/job/64179197235?pr=20631#step:10:283
Cherry-picked from #20631Closes#20639
Also enable `bugprone-suspicious-realloc-usage` clang-tidy option
to verify.
Fixing:
```
tests/server/rtspd.c:328:37: error: 'req->rtp_buffer' may be set to null if 'realloc' fails,
which may result in a leak of the original buffer
[bugprone-suspicious-realloc-usage,-warnings-as-errors]
328 | req->rtp_buffer = realloc(req->rtp_buffer,
| ~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~
```
Ref: https://clang.llvm.org/extra/clang-tidy/checks/bugprone/suspicious-realloc-usage.htmlCloses#20621
Any failf() that fill the errorbuf need to be forgotten once happy
eyeballing finds a succssful winner. Because the errorbuf, once set, is
not overwritten with future error information.
Adds test_05_05 to verify.
Reported-by: Tim Friedrich Brüggemann
Fixes#20608Closes#20613
- move macro to `curl_setup.h` (from curlx), and rename.
It's required by src, test servers, libtests. Also used by unit/tunit,
(which is fixable but this patch doesn't touch it.)
- special-case it for Windows/Cygwin/MS-DOS.
- build: drop `setmode()`/`_setmode()` detection.
This also avoids detecting the different `setmode()` on BSDs,
and a lot of complexity and overhead.
- use `CURL_O_BINARY`.
Follow-up to 250d613763#15787
Follow-up to 5e70566094#15169Closes#20539
To comply with official documentation. Also to make code compile with
`NO_OLDNAMES` (mingw-w64) or `_CRT_DECLARE_NONSTDC_NAMES=0` (MSVC) set.
Ref: #15652Closes#20516
- de-dupe lib/src strdup/memdup functions into curlx.
- introduce `CURLX_STRDUP_LOW()` for mapping `strdup()`, and to do it at
one place within the code, in `curl_setup.h`.
- tests/server: use `curlx_strdup()`. (Also to fix building without
a system `strdup()`.)
- curlx/curlx.h: shorten and tidy up.
- adjust Windows build path to not need `HAVE_STRDUP`.
- build: stop detecting `HAVE_STRDUP` on Windows.
Closes#20497
