lib1911.c 3.0 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * SPDX-License-Identifier: curl
  22. *
  23. ***************************************************************************/
  24. #include "test.h"
  25. #include "testutil.h"
  26. #include "warnless.h"
  27. #include "memdebug.h"
  28. /* The maximum string length limit (CURL_MAX_INPUT_LENGTH) is an internal
  29. define not publicly exposed so we set our own */
  30. #define MAX_INPUT_LENGTH 8000000
  31. static char buffer[MAX_INPUT_LENGTH + 2];
  32. CURLcode test(char *URL)
  33. {
  34. const struct curl_easyoption *o;
  35. CURL *easy;
  36. int error = 0;
  37. (void)URL;
  38. curl_global_init(CURL_GLOBAL_ALL);
  39. easy = curl_easy_init();
  40. if(!easy) {
  41. curl_global_cleanup();
  42. return (CURLcode)1;
  43. }
  44. /* make it a null-terminated C string with just As */
  45. memset(buffer, 'A', MAX_INPUT_LENGTH + 1);
  46. buffer[MAX_INPUT_LENGTH + 1] = 0;
  47. printf("string length: %d\n", (int)strlen(buffer));
  48. for(o = curl_easy_option_next(NULL);
  49. o;
  50. o = curl_easy_option_next(o)) {
  51. if(o->type == CURLOT_STRING) {
  52. CURLcode result;
  53. /*
  54. * Whitelist string options that are safe for abuse
  55. */
  56. CURL_IGNORE_DEPRECATION(
  57. switch(o->id) {
  58. case CURLOPT_PROXY_TLSAUTH_TYPE:
  59. case CURLOPT_TLSAUTH_TYPE:
  60. case CURLOPT_RANDOM_FILE:
  61. case CURLOPT_EGDSOCKET:
  62. continue;
  63. default:
  64. /* check this */
  65. break;
  66. }
  67. )
  68. /* This is a string. Make sure that passing in a string longer
  69. CURL_MAX_INPUT_LENGTH returns an error */
  70. result = curl_easy_setopt(easy, o->id, buffer);
  71. switch(result) {
  72. case CURLE_BAD_FUNCTION_ARGUMENT: /* the most normal */
  73. case CURLE_UNKNOWN_OPTION: /* left out from the build */
  74. case CURLE_NOT_BUILT_IN: /* not supported */
  75. case CURLE_UNSUPPORTED_PROTOCOL: /* detected by protocol2num() */
  76. break;
  77. default:
  78. /* all other return codes are unexpected */
  79. fprintf(stderr, "curl_easy_setopt(%s...) returned %d\n",
  80. o->name, result);
  81. error++;
  82. break;
  83. }
  84. }
  85. }
  86. curl_easy_cleanup(easy);
  87. curl_global_cleanup();
  88. return error == 0 ? CURLE_OK : TEST_ERR_FAILURE;
  89. }