aniani/irssi
1
0
Fork 0
mirror of https://github.com/irssi/irssi.git synced 2024-12-04 14:46:39 -05:00
Code

Merge branch 'security' into 'master'

Browse Source 
Security

Closes GL#18, GL#19, GL#20, GL#21

See merge request irssi/irssi!29
This commit is contained in:
Nei 2018-01-04 22:29:29 +00:00
commit 9df3d92598
4 changed files with 28 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/core/misc.c
View File

@ -703,8 +703,11 @@ int expand_escape(const char **data)
*data += 2; *data += 2;
return strtol(digit, NULL, 16); return strtol(digit, NULL, 16);
case 'c': case 'c':
/* control character (\cA = ^A) */ /* check for end of string */
(*data)++; if ((*data)[1] == '\0')
return 0;
/* control character (\cA = ^A) */
(*data)++;
return i_toupper(**data) - 64; return i_toupper(**data) - 64;
case '0': case '1': case '2': case '3': case '0': case '1': case '2': case '3':
case '4': case '5': case '6': case '7': case '4': case '5': case '6': case '7':

4
src/core/special-vars.c
View File

@ -384,6 +384,7 @@ char *parse_special(char **cmd, SERVER_REC *server, void *item,
} }
nest_free = FALSE; nest_value = NULL; nest_free = FALSE; nest_value = NULL;
#if 0 /* this code is disabled due to security issues until it is fixed */
if (**cmd == '(' && (*cmd)[1] != '\0') { if (**cmd == '(' && (*cmd)[1] != '\0') {
/* subvariable */ /* subvariable */
int toplevel = nested_orig_cmd == NULL; int toplevel = nested_orig_cmd == NULL;
@ -412,6 +413,9 @@ char *parse_special(char **cmd, SERVER_REC *server, void *item,
if (toplevel) nested_orig_cmd = NULL; if (toplevel) nested_orig_cmd = NULL;
} }
#else
if (nested_orig_cmd) nested_orig_cmd = NULL;
#endif
if (**cmd != '{') if (**cmd != '{')
brackets = FALSE; brackets = FALSE;

18
src/fe-common/core/completion.c
View File

@ -187,12 +187,18 @@ char *word_complete(WINDOW_REC *window, const char *line, int *pos, int erase, i
char *old; char *old;
old = linestart; old = linestart;
linestart = *linestart == '\0' ? /* we want to move word into linestart */
g_strdup(word) : if (*linestart == '\0') {
g_strdup_printf("%s%c%s", linestart = g_strdup(word);
/* do not accidentally duplicate the word separator */ } else {
line == wordstart - 1 ? "" : linestart, GString *str = g_string_new(linestart);
old_wordstart[-1], word); if (old_wordstart[-1] != str->str[str->len - 1]) {
/* do not accidentally duplicate the word separator */
g_string_append_c(str, old_wordstart[-1]);
}
g_string_append(str, word);
linestart = g_string_free(str, FALSE);
}
g_free(old); g_free(old);
g_free(word); g_free(word);

8
src/irc/core/channel-events.c
View File

@ -138,7 +138,13 @@ static void channel_change_topic(IRC_SERVER_REC *server, const char *channel,
g_free_not_null(chanrec->topic_by); g_free_not_null(chanrec->topic_by);
chanrec->topic_by = g_strdup(setby); chanrec->topic_by = g_strdup(setby);
chanrec->topic_time = settime; if (chanrec->topic_by == NULL) {
/* ensure invariant topic_time > 0 <=> topic_by != NULL.
this could be triggered by a topic command without sender */
chanrec->topic_time = 0;
} else {
chanrec->topic_time = settime;
}
signal_emit("channel topic changed", 1, chanrec); signal_emit("channel topic changed", 1, chanrec);
} }