| 1 | /*************************************************************************** |
|---|---|
| 2 | * _ _ ____ _ |
| 3 | * Project ___| | | | _ \| | |
| 4 | * / __| | | | |_) | | |
| 5 | * | (__| |_| | _ <| |___ |
| 6 | * \___|\___/|_| \_\_____| |
| 7 | * |
| 8 | * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. |
| 9 | * |
| 10 | * This software is licensed as described in the file COPYING, which |
| 11 | * you should have received as part of this distribution. The terms |
| 12 | * are also available at https://curl.se/docs/copyright.html. |
| 13 | * |
| 14 | * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
| 15 | * copies of the Software, and permit persons to whom the Software is |
| 16 | * furnished to do so, under the terms of the COPYING file. |
| 17 | * |
| 18 | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
| 19 | * KIND, either express or implied. |
| 20 | * |
| 21 | ***************************************************************************/ |
| 22 | #include "test.h" |
| 23 | |
| 24 | #include "testutil.h" |
| 25 | #include "warnless.h" |
| 26 | #include "memdebug.h" |
| 27 | |
| 28 | /* The maximum string length limit (CURL_MAX_INPUT_LENGTH) is an internal |
| 29 | define not publicly exposed so we set our own */ |
| 30 | #define MAX_INPUT_LENGTH 8000000 |
| 31 | |
| 32 | static char buffer[MAX_INPUT_LENGTH + 2]; |
| 33 | |
| 34 | int test(char *URL) |
| 35 | { |
| 36 | const struct curl_easyoption *o; |
| 37 | CURL *easy; |
| 38 | int error = 0; |
| 39 | (void)URL; |
| 40 | |
| 41 | curl_global_init(CURL_GLOBAL_ALL); |
| 42 | easy = curl_easy_init(); |
| 43 | if(!easy) { |
| 44 | curl_global_cleanup(); |
| 45 | return 1; |
| 46 | } |
| 47 | |
| 48 | /* make it a zero terminated C string with just As */ |
| 49 | memset(buffer, 'A', MAX_INPUT_LENGTH + 1); |
| 50 | buffer[MAX_INPUT_LENGTH + 1] = 0; |
| 51 | |
| 52 | printf("string length: %d\n", (int)strlen(buffer)); |
| 53 | |
| 54 | for(o = curl_easy_option_next(NULL); |
| 55 | o; |
| 56 | o = curl_easy_option_next(o)) { |
| 57 | if(o->type == CURLOT_STRING) { |
| 58 | CURLcode result; |
| 59 | /* |
| 60 | * Whitelist string options that are safe for abuse |
| 61 | */ |
| 62 | switch(o->id) { |
| 63 | case CURLOPT_PROXY_TLSAUTH_TYPE: |
| 64 | case CURLOPT_TLSAUTH_TYPE: |
| 65 | continue; |
| 66 | default: |
| 67 | /* check this */ |
| 68 | break; |
| 69 | } |
| 70 | |
| 71 | /* This is a string. Make sure that passing in a string longer |
| 72 | CURL_MAX_INPUT_LENGTH returns an error */ |
| 73 | result = curl_easy_setopt(easy, o->id, buffer); |
| 74 | switch(result) { |
| 75 | case CURLE_BAD_FUNCTION_ARGUMENT: /* the most normal */ |
| 76 | case CURLE_UNKNOWN_OPTION: /* left out from the build */ |
| 77 | case CURLE_NOT_BUILT_IN: /* not supported */ |
| 78 | break; |
| 79 | default: |
| 80 | /* all other return codes are unexpected */ |
| 81 | fprintf(stderr, "curl_easy_setopt(%s...) returned %d\n", |
| 82 | o->name, (int)result); |
| 83 | error++; |
| 84 | break; |
| 85 | } |
| 86 | } |
| 87 | } |
| 88 | curl_easy_cleanup(easy); |
| 89 | curl_global_cleanup(); |
| 90 | return error; |
| 91 | } |
| 92 |
Generated on 2022-Oct-20 from project Aseprite revision 1.3x.
Powered by 
Code Browser 2.1
Generator usage only permitted with license.