加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
backport-pre-CVE-2024-2004.patch 5.31 KB
一键复制 编辑 原始数据 按行查看 历史
sherlock2010 提交于 2024-04-01 07:40 . fix CVE-2024-2004 CVE-2024-2398
From de0cd5e8e7c9a0cbf28c4a9dec998ad4b6dfa08c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 11 Dec 2023 23:17:26 +0100
Subject: [PATCH] test1474: removed
The test was already somewhat flaky and disabled on several platforms,
and after 1da640abb688 even more unstable.
Conflict:Context adapt
Reference:https://github.com/curl/curl/commit/de0cd5e8e7c9a0cbf28c4a9dec998ad4b6dfa08c
---
tests/data/Makefile.inc | 2 +-
tests/data/test1474 | 121 ----------------------------------------
2 files changed, 1 insertion(+), 122 deletions(-)
delete mode 100644 tests/data/test1474
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index de13c525e..6d1a2ad13 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -186,7 +186,7 @@ test1439 test1440 test1441 test1442 test1443 test1444 test1445 test1446 \
test1447 test1448 test1449 test1450 test1451 test1452 test1453 test1454 \
test1455 test1456 test1457 test1458 test1459 test1460 test1461 test1462 \
test1463 test1464 test1465 test1466 test1467 test1468 test1469 test1470 \
-test1471 test1472 test1473 test1474 \
+test1471 test1472 test1473 \
\
test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
diff --git a/tests/data/test1474 b/tests/data/test1474
deleted file mode 100644
index a87044d1a..000000000
--- a/tests/data/test1474
+++ /dev/null
@@ -1,121 +0,0 @@
-<testcase>
-# This test is quite timing dependent and tricky to set up. The time line of
-# test operations looks like this:
-#
-# 1. curl sends a PUT request with Expect: 100-continue and waits only 1 msec
-# for a 100 response.
-# 2. The HTTP server accepts the connection but waits 500 msec before acting
-# on the request.
-# 3. curl doesn't receive the expected 100 response before its timeout expires,
-# so it starts sending the body. It is throttled by a --limit-rate, so it
-# sends the first 64 KiB then stops for 1000 msec due to this
-# throttling.
-# 4. The server sends its 417 response while curl is throttled.
-# 5. curl responds to this 417 response by closing the connection (because it
-# has a half-completed response outstanding) and starting a new one. This
-# new request does not have an Expect: header so it is sent without delay.
-# It's still throttled, however, so it takes about 16 seconds to finish
-# sending.
-# 6. The server receives the response and this time acks it with 200.
-#
-# Because of the timing sensitivity (scheduling delays of 500 msec can cause
-# the test to fail), this test is marked flaky to avoid it being run in the CI
-# builds which are often run on overloaded servers.
-# Increasing the --limit-rate would decrease the test time, but at the cost of
-# becoming even more sensitive to delays (going from 500 msec to 250 msec or
-# less of accepted delay before failure). Adding a --speed-time would increase
-# the 1 second delay between writes to longer, but it would also increase the
-# total time needed by the test, which is already quite high.
-#
-# The assumption in step 3 is also broken on NetBSD 9.3, OpenBSD 7.3 and
-# Solaris 10 as they only usually send about half the requested amount of data
-# (see https://curl.se/mail/lib-2023-09/0021.html).
-<info>
-<keywords>
-HTTP
-HTTP PUT
-Expect
-flaky
-timing-dependent
-</keywords>
-</info>
-# Server-side
-<reply>
-# 417 means the server didn't like the Expect header
-<data>
-HTTP/1.1 417 BAD swsbounce
-Date: Tue, 09 Nov 2010 14:49:00 GMT
-Server: test-server/fake
-Content-Length: 0
-
-</data>
-<data1>
-HTTP/1.1 200 OK
-Date: Tue, 09 Nov 2010 14:49:00 GMT
-Server: test-server/fake
-Content-Length: 10
-
-blablabla
-</data1>
-<datacheck>
-HTTP/1.1 417 BAD swsbounce
-Date: Tue, 09 Nov 2010 14:49:00 GMT
-Server: test-server/fake
-Content-Length: 0
-
-HTTP/1.1 200 OK
-Date: Tue, 09 Nov 2010 14:49:00 GMT
-Server: test-server/fake
-Content-Length: 10
-
-blablabla
-</datacheck>
-<servercmd>
-no-expect
-delay: 500
-connection-monitor
-</servercmd>
-</reply>
-
-# Client-side
-<client>
-<server>
-http
-</server>
-<name>
-HTTP PUT with Expect: 100-continue and 417 response during upload
-</name>
-<command>
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -T %LOGDIR/test%TESTNUMBER.txt --limit-rate 64K --expect100-timeout 0.001
-</command>
-<precheck>
-perl -e "print 'Test does not work on this BSD system' if ( $^O eq 'netbsd' || $^O eq 'openbsd' || ($^O eq 'solaris' && qx/uname -r/ * 100 <= 510));"
-</precheck>
-# Must be large enough to trigger curl's automatic 100-continue behaviour
-<file name="%LOGDIR/test%TESTNUMBER.txt">
-%repeat[132 x S]%%repeat[16462 x xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%0a]%
-</file>
-</client>
-
-# Verify data after the test has been "shot"
-<verify>
-<protocol>
-PUT /we/want/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-User-Agent: curl/%VERSION
-Accept: */*
-Content-Length: 1053701
-Expect: 100-continue
-
-%repeat[132 x S]%%repeat[1021 x xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%0a]%%repeat[60 x x]%[DISCONNECT]
-PUT /we/want/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
-User-Agent: curl/%VERSION
-Accept: */*
-Content-Length: 1053701
-
-%repeat[132 x S]%%repeat[16462 x xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%0a]%
-[DISCONNECT]
-</protocol>
-</verify>
-</testcase>
--
2.33.0
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化