mercuryworkshop-mirror/libcurl.js
1
0
Fork 0
mirror of https://github.com/ading2210/libcurl.js.git synced 2025-05-11 13:30:01 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix buffer overflow error and update dependencies

Browse source
This commit is contained in:
ading2210 2025-01-24 14:39:37 -05:00
parent fe72717db8
commit 94aaca8f22
4 changed files with 14 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

12
README.md
View file

@ -41,7 +41,7 @@ This is a port of [libcurl](https://curl.se/libcurl/) to WebAssembly for use in
- Works inside web workers without needing special permissions or headers
- Works in all major browsers (Chromium >= 64, Firefox >= 65, Safari >= 14)
- Has the ability to create multiple independent sessions
- Small footprint size (672KB after compression) and low runtime memory usage
- Small footprint size (552KB after compression) and low runtime memory usage
- Support for Brotli and gzip compressed responses
## Building:
@ -53,15 +53,15 @@ cd libcurl.js/client
```
Make sure you have emscripten, git, and the various C build tools installed. The only OS supported for building libcurl.js is Linux. On Debian-based systems, you can run the following command to install all the dependencies:
```
sudo apt install make cmake emscripten autoconf automake libtool pkg-config wget xxd jq
sudo apt install python3 make cmake emscripten autoconf automake libtool pkg-config wget xxd jq
```
Emscripten versions 3.1.6 and 3.1.72 have been tested and known to work.
Emscripten versions 3.1.6 and 3.1.72 have been tested and known to work. If you are using Debian 12 or Ubuntu 24.04, Emscripten 3.1.6 is what is provided in the distro's repository.
The build script will generate `client/out/libcurl.js` as well as `client/out/libcurl.mjs`, which is an ES6 module. You can supply the following arguments to the build script to control the build:
- `release` - Use all optimizations.
- `single_file` - Include the WASM binary in the outputted JS using base64.
- `asan` - Use the Clang AddressSanitizer to catch possible memory bugs
- `all` - Build twice, once normally, and once as a single file.
- `asan` - Use the Clang AddressSanitizer to catch possible memory bugs during runtime.
- `all` - Build twice, once normally, and once as a single file. This enables the release mode.
Note: non-release builds will have the `-dev` version suffix and ASan builds will have the `-asan` suffix.
@ -312,4 +312,4 @@ This project is licensed under the [GNU LGPL v3](https://www.gnu.org/licenses/lg
>
> \- From [tldrlegal.com](https://www.tldrlegal.com/license/gnu-lesser-general-public-license-v3-lgpl-3)
Do note that the code present in the Wisp server submodule is a seperate project and is still licensed under the GNU AGPL v3. The server-related code in this repository is just a wrapper to run the Wisp server.
Do note that the code present in the Wisp server submodule is a separate project and is still licensed under the GNU AGPL v3. The server-related code in this repository is just a wrapper to run the Wisp server.

10
client/libcurl/certs.c
View file

@ -23,18 +23,18 @@ void generate_pem() {
//calculate total length of the pem file
cacert_pem_len = 0;
for (int i = 0; i < cert_count; i++) {
int cert_len = cert_lengths[i];
for (int i = 0; i < _cert_count; i++) {
int cert_len = _cert_lengths[i];
int b64_len = ((4 * cert_len / 3) + 3) & ~3;
cacert_pem_len += begin_cert_len + end_cert_len + b64_len;
}
cacert_pem = malloc(cacert_pem_len);
cacert_pem = malloc(cacert_pem_len + 1);
//loop for base64 encoding each part
int offset = 0;
for (int i = 0; i < cert_count; i++) {
for (int i = 0; i < _cert_count; i++) {
unsigned char* cert = _certs[i];
int cert_len = cert_lengths[i];
int cert_len = _cert_lengths[i];
int b64_len = ((4 * cert_len / 3) + 3) & ~3;
strcpy((char*) (cacert_pem + offset), begin_cert_str);

6
client/tools/gen_cert.py
View file

@ -1,7 +1,6 @@
import sys
import base64
import re
import hashlib
with open(sys.argv[1]) as f:
pem_file = f.read()
@ -13,15 +12,14 @@ certs_b64 = [s.replace("\n", "") for s in certs_b64]
certs_str = "\n".join(cert_template.format(b64=s) for s in certs_b64)
total_len = len(certs_str)
print(hashlib.sha256(certs_str.encode()).hexdigest(), file=sys.stderr)
header_part_template = """
static uint8_t _cert_{num}[] = {array};
"""
header_end_template = """
uint8_t* _certs[] = {certs_array};
uint16_t cert_lengths[] = {lengths_array};
uint16_t cert_count = {cert_count};
uint16_t _cert_lengths[] = {lengths_array};
uint16_t _cert_count = {cert_count};
"""
header_file = "#include <stdint.h>"

2
client/tools/nghttp2.sh
View file

@ -10,7 +10,7 @@ PREFIX=$(realpath build/nghttp2-wasm)
cd build
rm -rf nghttp2
git clone -b v1.63.0 --depth=1 https://github.com/nghttp2/nghttp2
git clone -b v1.64.0 --depth=1 https://github.com/nghttp2/nghttp2
cd nghttp2
rm -rf $PREFIX