4855debd8a
- Use malloc + strncpy instead of Curl_memdup to dupe the string before
null terminating it.
Prior to this change if Curl_strndup was passed a length longer than
the allocated string then it could copy out of bounds.
This change is for posterity. Curl_strndup was added in the parent
commit and currently none of the calls to it pass a length that would
cause it to read past the allocated length of the input.
Follow-up to
|
||
|---|---|---|
| .circleci | ||
| .github | ||
| .reuse | ||
| CMake | ||
| docs | ||
| include | ||
| lib | ||
| LICENSES | ||
| m4 | ||
| packages | ||
| plan9 | ||
| projects | ||
| scripts | ||
| src | ||
| tests | ||
| winbuild | ||
| .azure-pipelines.yml | ||
| .cirrus.yml | ||
| .dcignore | ||
| .dir-locals.el | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| acinclude.m4 | ||
| appveyor.yml | ||
| buildconf | ||
| buildconf.bat | ||
| CHANGES | ||
| CMakeLists.txt | ||
| configure.ac | ||
| COPYING | ||
| curl-config.in | ||
| GIT-INFO | ||
| libcurl.def | ||
| libcurl.pc.in | ||
| MacOSX-Framework | ||
| Makefile.am | ||
| Makefile.dist | ||
| maketgz | ||
| README | ||
| README.md | ||
| RELEASE-NOTES | ||
| SECURITY.md | ||
Curl is a command-line tool for transferring data specified with URL syntax. Find out how to use curl by reading the curl.1 man page or the MANUAL document. Find out how to install Curl by reading the INSTALL document.
libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl.3 man page to learn how.
You can find answers to the most frequent questions we get in the FAQ document.
Study the COPYING file for distribution terms.
Contact
If you have problems, questions, ideas or suggestions, please contact us by posting to a suitable mailing list.
All contributors to the project are listed in the THANKS document.
Commercial support
For commercial support, maybe private and dedicated help with your problems or applications using (lib)curl visit the support page.
Website
Visit the curl website for the latest news and downloads.
Git
To download the latest source from the Git server, do this:
git clone https://github.com/curl/curl.git
(you will get a directory named curl created, filled with the source code)
Security problems
Report suspected security problems via our HackerOne page and not in public.
Notice
Curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan. This notice is included here to comply with the distribution terms.
Backers
Thank you to all our backers! 🙏 Become a backer.
Sponsors
Support this project by becoming a sponsor.