At the end of the destroy_vs there two assignments vs->doc_view->vs = NULL and
vs->doc_view = NULL. In the setup_session the copy_vs left the vs "unbound"
with any variable. At least one of these two is wrong.
C99 6.7.4p3 sets some constraints on what can be done in inline
functions, and the Sun C compiler on OpenSolaris is reported to take
those constraints seriously. See the elinks-dev thread "Patch for
porting Elinks to OpenSolaris" that started on 2009-02-18.
look_for_link() used to return 0 both when it found the closing </MAP>
tag, and when it hit the end of the file. In the first case, it also
added *menu to the memory_list; in the second case, it did not. The
caller get_image_map() supposedly distinguished between these cases by
checking whether pos >= eof, and freed *menu separately if so.
However, if the </MAP> was at the very end of the HTML file, so that
not even a newline followed it, then look_for_link() left pos == eof
even though it had found the </MAP> and added *menu to the memory_list.
This made get_image_map() misinterpret the result and mem_free(*menu)
even though *menu had already been freed as part of the memory_list;
thus the crash.
To fix this, make look_for_link() return -1 instead of 0 if it hits
EOF without finding the </MAP>. Then make get_image_map() check the
return value instead of comparing pos to eof. And add a test case,
although not an automated one.
Alternatively, look_for_link() could have been changed to decrement
pos between finding the </MAP> and returning 0. Then, the pos >= eof
comparison in get_image_map() would have been false. That scheme
would however have been a bit more difficult to understand and
maintain, I think.
Reported by Paul B. Mahol.
Before this patch, if you first moved the cursor to link X with
move-cursor-up and similar actions, and then clicked link Y with the
mouse, ELinks would activate link X, i.e. not the one you clicked.
This happened because the NAVIGATE_CURSOR_ROUTING mode was left
enabled and made ELinks ignore the doc_view->vs->current_link
member that ELinks had updated according to the click.
Make ELinks return the session to NAVIGATE_LINKWISE mode, so that
the update takes effect.
Reported by Paul B. Mahol.
c_strcasecmp and c_strncasecmp were taken from GNU coreutils 6.9,
which is copyrighted by the Free Software Foundation and licensed
under GNU GPL version 2 or later. It seems the programs in coreutils
do not normally read commands interactively. So, including coreutils
code in an interactive program such as ELinks could trigger GPLv2
section 2. c), which would require ELinks to display a copyright
notice and a warranty disclaimer each time it is started. Rewrite
those functions to remove the FSF-copyrighted code and make ELinks
not a work based on GNU coreutils.
Avoiding FSF code has the additional benefit that we won't have to ask
FSF for permission if we want to add a licence exception that allows
linking ELinks with OpenSSL. So it seems a good idea even if my
interpretation of GPLv2 2. c) is overly strict. I haven't checked
though whether there are other FSF-copyrighted portions in ELinks.
(cherry picked from commit c56f3928ecf345ec79b35ab8361397fa47092de8)
Add #include directives to fix these errors:
[CC] src/intl/gettext/l10nflist.o
cc1: warnings being treated as errors
.../src/intl/gettext/l10nflist.c: In function ‘_nl_normalize_codeset’:
.../src/intl/gettext/l10nflist.c:352: error: implicit declaration of function ‘c_tolower’
[CC] src/dom/css/scanner.o
cc1: warnings being treated as errors
In file included from .../src/dom/scanner.h:4,
from .../src/dom/css/scanner.h:5,
from .../src/dom/css/scanner.c:12:
.../src/dom/string.h: In function ‘dom_string_casecmp’:
.../src/dom/string.h:25: error: implicit declaration of function ‘c_strncasecmp’
Call stacks reported by valgrind:
==14702== at 0x80DD791: read_from_socket (socket.c:945)
==14702== by 0x8104D0C: read_more_http_data (http.c:1180)
==14702== by 0x81052FE: read_http_data (http.c:1388)
==14702== by 0x80DD69B: read_select (socket.c:910)
==14702== by 0x80D27AA: select_loop (select.c:307)
==14702== by 0x80D1ADE: main (main.c:358)
==14702== Address 0x4F4E598 is 56 bytes inside a block of size 81 free'd
==14702== at 0x402210F: free (vg_replace_malloc.c:233)
==14702== by 0x812BED8: debug_mem_free (memdebug.c:484)
==14702== by 0x80D7C82: done_connection (connection.c:479)
==14702== by 0x80D8A44: abort_connection (connection.c:769)
==14702== by 0x80D99CE: cancel_download (connection.c:1053)
==14702== by 0x8110EB6: abort_download (download.c:143)
==14702== by 0x81115BC: download_data_store (download.c:337)
==14702== by 0x8111AFB: download_data (download.c:446)
==14702== by 0x80D7B33: notify_connection_callbacks (connection.c:458)
==14702== by 0x80D781E: set_connection_state (connection.c:388)
==14702== by 0x80D7132: set_connection_socket_state (connection.c:234)
==14702== by 0x80DD78D: read_from_socket (socket.c:943)
read_from_socket() attempted to read socket->fd in order to set
handlers on it, but the socket had already been freed. Incidentally,
socket->fd was -1, which would have resulted in an assertion failure
if valgrind hadn't caught the bug first.
To fix this, add a list of weak references to sockets.
read_from_socket() registers a weak reference on entry and unregisters
it before exit. done_socket() breaks any weak references to the
specified socket. read_from_socket() then checks whether the weak
reference was broken, and doesn't access the socket any more if so.
(cherry picked from commit 00f583181220b3cac7e2585fbbd0aacb793f1ece)
test/align.html: from www.czech-tv.cz
test/css/idnes_mail.html: apparently from idnes.cz
test/erreurs_en.htm: unclear origin
test/javascript_broken.html: presumably from www.hotjobs.com
test/poocs.net.html: presumably from poocs.net
I did not find in the source tree a licence to distribute any of these.
(cherry picked from commit 22975bb0ecde74efe1d59ed7dd0ddd6cd4e4aa42)
ELinks attempted to display a message box on file_download.term, but
it had already closed that terminal and freed the struct terminal. To
fix this, reset file_download.term pointers to NULL when the terminal
is about to be destroyed. Also, assert in download_data_store() that
file_download.term is either NULL or in the global "terminals" list.
Reported by أحمد المحمودي.
test/optgroup.html was added on 2004-04-17 with no comment about licensing.
I contacted the author via <http://iccl.fi/feedback.cgi?id=mail>, asking
for a licence. The author noted that a developer of ELinks had originally
asked on the #debian.fi channel whether the file could be used, and he had
allowed it then. That permission grant had not been recorded in the source
tree though, and it is not clear whether modification had been allowed.
Anyway, the author now explicitly grants us the GNU free documentation
licence on this file, and is willing to consider other licences.
(cherry picked from commit fe78a0249a4f9db341659e062c5ae8ee3b5382d2)
ELinks used to call the MD5 code in libgnutls-openssl, part of
GNUTLS-EXTRA, which was licensed under GNU GPL version 2 or later.
In GnuTLS 2.2.0 however, the license of GNUTLS-EXTRA has been changed
to GNU GPL version 3 or later. This is no longer compatible with
GNU GPL version 2 as used in the current ELinks, because GPLv2 clause
2. b) requires the whole work to be licensed under GPLv2, and GPLv3
does not allow that.
If anyone is still using a pre-2.2 GnuTLS, he or she can tweak
configure.in to check the version or just assume it's old enough.
There is not much reason to do so though, as including the MD5 code
in ELinks seems to cost only about 4 kilobytes on i686.
In document.forms, each struct form has form_num and form_end members
that reserve a subrange of [0, INT_MAX] to that form. Previously,
multiple forms in the list could have form_end == INT_MAX and thus
overlap each other. Prevent that by adjusting form_end of each form
newly added to the list.
Revert 438f039bda7d424f79502b3f83e99cedcb7f7ae9,
"check_html_form_hierarchy: Old code was buggy.", which made
check_html_form_hierarchy attach controls to the wrong forms.
Instead, construct the dummy form ("for those Flying Dutchmans") at
form_num == 0 always before adding any real forms to the list.
This prevents the assertion failure by ensuring that every possible
form_control.position is covered by some form, if there are any forms.
Add a function assert_forms_list_ok, which checks that the set of
forms actually covers the [0, INT_MAX] range without overlapping,
as intended. Call that from check_html_form_hierarchy to detect
any corruption.
I have tested this code (before any cherry-picking) with:
- bug 613 attachment 210: didn't crash
- bug 714 attachment 471: didn't crash
- bug 961 attachment 382: didn't crash
- bug 698 attachment 239: all the submit buttons showed the right URLs
- bug 698 attachment 470: the submit button showed the right URL
(cherry picked from commit 386a5d517b5996112bc5a75b1a1b917c7adffe88,
with conflicts)
This change avoids the following error:
gcc -DHAVE_CONFIG_H -I../../.. -I/home/Kalle/src/elinks-0.11/src -I/home/Kalle/prefix/include -I/usr/include/smjs -I/usr/include -I/usr/include/lua50 -I/usr/include -I/usr/include -O0 -ggdb -Wall -Wall -Werror -fno-strict-aliasing -Wno-pointer-sign -Wno-address -fno-strict-overflow -o search.o -c /home/Kalle/src/elinks-0.11/src/viewer/text/search.c
cc1: warnings being treated as errors
/home/Kalle/src/elinks-0.11/src/viewer/text/search.c:257: warning: 'get_search_region_from_search_nodes' defined but not used
make[3]: *** [search.o] Error 1
make[3]: Leaving directory `/home/Kalle/build/i686-pc-linux-gnu/elinks-0.11/src/viewer/text'
get_search_region_from_search_nodes is called only from
search_for_pattern, which already was inside #ifdef HAVE_REGEX_H.
If a newline has a backslash in front of it, then str_rd replaces it
with a space. However, the newline was in the original config file,
so the line number must still be incremented.
(cherry picked from commit 76d803bbb9aa0e26810bf81f3600e31ec3f7de06)
Previously, it only pretended to rewrite the configuration file, so it
set or cleared OPT_MUST_SAVE but never changed or output any options.
Now, it actually sets the options when ELinks is loading the
configuration file. Also, when ELinks is rewriting the configuration
file, it now compares the values in the included file to the current
values of the options, and sets or clears OPT_MUST_SAVE accordingly.
(cherry picked from commit 054852ae234342765ab69da0eb95a18f96bd6028)
So, if elinks.conf contains a "set" command for an alias and ELinks
updates that, it now knows it doesn't have to append another "set"
command for the underlying option.
(cherry picked from commit 92b430f3dc0ffad07cf3cff5fc650b4ae4938675)
So if ELinks is rewriting a configuration file that contains a "set"
command for a negated alias, then it properly writes the value of the
alias, rather than the value of the underlying option.
(cherry picked from commit c47d3798a360b9b2a92aa76b9ea1ccc139a5dc24)
That is, let the setter function of the underlying option store the
negated value. Previously, redir_set used to tweak the value of the
option after it has already called the underlying setter.
(cherry picked from commit 2dbe6ec34f6ccafbbc1e2b2b06be03ac98adb014)
Also, replace OPT_WATERMARK with OPT_MUST_SAVE, which has the opposite
meaning.
Watermarking of aliases does not yet work correctly in this version.
Neither does the "include" command.
(cherry picked from commit 7cdbc908d8fe19744284a4f0fb5deb6b01758177)
Previously, they were reset by smart_config_string(), which was not
called if the value of the option was saved by rewriting an existing
command in elinks.conf. Also, it is better to reset the flags only
after the file operations have actually succeeded.
(cherry picked from commit 6bd961246ac4c5c8eb8e2de657053dca6fc13630)
Previously, ELinks set the OPT_WATERMARK flag in all deleted options
when config.saving_style was 2, thus mostly preventing them from being
saved. This had the unfortunate consequence that if you started with
no elinks.conf, set config.saving_style = 2, deleted some built-in
option (e.g. a URL rewriting rule), saved the settings, and restarted
ELinks, then the built-in option would reappear.
(cherry picked from commit ab8ef9698fd1eba9f1e81e7413b5ed355077d4fa)
So there is no need to substitute a '\0' into the string, and undo
that afterwards.
(cherry picked from commit 912cff79754ac1d2193039f0f6ad740a01e7a41a)
