1
0
mirror of https://github.com/irssi/irssi.git synced 2024-12-04 14:46:39 -05:00
Commit Graph

3994 Commits

Author SHA1 Message Date
dequis
7354a74c65 parse_time_interval: Allow negative time in settings
This splits sign parsing out of parse_time_interval_uint() so that the
negative sign is applied outside of the unsigned context where the
number parsing is done, and after all the checks that it's lower than
(1 << 31)

This fixes issues with settings like `server_reconnect_time`,
`server_connect_timeout` and `lag_max_before_disconnect`, which accepted
-1 as a valid value.
2017-06-17 15:34:36 -03:00
dequis
4b1c60b2ec term-terminfo: Avoid switching out of alt screen on unexpected exits
Perl sucks and kills the whole process when there's a version mismatch
in Perl_xs_handshake(). Our atexit handler catches the exit and
deinitializes the terminal, removing the error.

This commit uses the 'quitting' global variable which is set when irssi
is voluntarily quitting, and avoids sending TI_rmcup, which restores the
original screen and makes the error invisible.
2017-06-17 13:47:13 -03:00
ailin-nemui
3246001fb4 Merge pull request #715 from dequis/lastlog-glist-performance
Performance improvements for /lastlog
2017-06-07 00:15:45 +02:00
ailin-nemui
5e9a3ad80c Merge pull request #714 from dequis/dcc-fname-gcc-warnings
fe-dcc-(get|send): Fix some -Wpointer-compare with newer gcc
2017-06-07 00:15:05 +02:00
dequis
e498265328 Performance improvements for /lastlog -before
This avoids the use of g_list_find() to find if a match was already
added to the list of results, by checking the last two added matches
instead.

Checking just the last match isn't enough because a NULL match is added
as a separator (shown as -- in the UI)
2017-06-05 18:11:47 -03:00
dequis
0e44ea8916 Performance improvements for /lastlog with big result sets
This applies to "/lastlog" with no filters (or with filters that don't
filter a lot) and with large amounts of text in the scrollback.

Test case:

    /exec seq 1 500000
    /lastlog -file log.txt

Thanks to morning for reporting this.
2017-06-05 18:10:27 -03:00
dequis
52bb06ccd9 fe-dcc-(get|send): Fix some -Wpointer-compare with newer gcc
The warning itself:

>warning: comparison between pointer and zero character constant [-Wpointer-compare]

Harmless stuff as far as I can tell.

The fix adds a null check that probably isn't needed. The old code that
compared against '\0' worked a lot like a null check so it makes sense
to keep that, while also adding the intended check for empty string.

This was visible with "/dcc close send a" showing an empty filename.
The equivalent for get didn't show the filename in the format string.
2017-06-05 15:58:43 -03:00
Ailin Nemui
fb08fc7f1a Merge remote-tracking branch 'gitlab/security' 2017-06-05 15:12:16 +02:00
ailin-nemui
4edfccfce7 get rid of new_text 2017-06-05 13:46:43 +02:00
ailin-nemui
48899a123d Update iregex-gregex.c
add 2 comments about new_string
2017-06-05 10:23:16 +02:00
ailin-nemui
00354c3651 Update iregex-gregex.c
make helper functions static
2017-06-05 10:10:38 +02:00
Jari Matilainen
f28c64a3dc Make backward compatible with ssl flags 2017-06-04 19:47:30 +02:00
ailin-nemui
78a390f479 abi up 2017-06-04 19:03:40 +02:00
Jari Matilainen
e84adeca15 change ternary operator to if/else statements, add default ssl port support 2017-06-04 17:41:38 +02:00
ailin-nemui
79bbca4644 Refactor regex and implement UTF8 mode for GRegex
- with non-unicode byte to Private Use Area A mapping
- move all ifdefs to iregex.h file only
2017-06-04 00:52:53 +02:00
ailin-nemui
31b9d115b0 Merge pull request #706 from dequis/parse-uint
Add parse_uint function to improve integer overflow handling
2017-06-02 14:47:38 +02:00
Joseph Bisch
1ce9e07be0
Use CXX for fe-fuzz linking 2017-06-01 23:59:19 -04:00
Nei
200eb5922e Merge branch 'fix-gl9' into 'security'
Fix dcc_request where addr is NULL

See merge request !13
2017-05-30 19:39:06 +00:00
Joseph Bisch
528f51bfbe
Fix dcc_request where addr is NULL 2017-05-29 14:53:26 -04:00
Joseph Bisch
30a92754bb
Fix oob read of one byte in get_file_params_count{,_resume}
We can use continue to handle cases such as:
"ab<space><space>c"
2017-05-29 14:43:24 -04:00
ailin-nemui
d61c54c32b do not reset true colour bit on colour reset
fixes #710
2017-05-27 00:12:54 +02:00
dequis
632b0ce5e6 Add parse_uint function to improve integer overflow handling
Originally found by oss-fuzz (issue 525) in get_ansi_color using ubsan.
After a lot of analysis I'm 99% sure this isn't security relevant so
it's fine to handle this publicly.

The fix is mainly adding a function that does it right and use it
everywhere. This is harder than it seems because the strtol() family of
functions doesn't have the friendliest of interfaces.

Aside from get_ansi_color(), there were other pieces of code that used
the same (out*10+(*in-'0')) pattern, like the parse_size() and
parse_time_interval() functions, which are mostly used for settings.
Those are interesting cases, since they multiply the parsed number
(resulting in more overflows) and they write to a signed integer
parameter (which can accidentally make the uints negative without UB)

Thanks to Pascal Cuoq for enlightening me about the undefined behavior
of parse_size (and, in particular, the implementation-defined behavior
of one of the WIP versions of this commit, where something like signed
integer overflow happened, but it was legal). Also for writing
tis-interpreter, which is better than ubsan to verify these things.
2017-05-18 00:21:11 -03:00
Jari Matilainen
0c26aeb9fc Make sure port is only set on /server modify if specified 2017-05-15 23:07:01 +02:00
ailin-nemui
10cea61696 Merge pull request #702 from vague666/server_modify_notls
Added support for -notls and -notls_verify
2017-05-14 09:44:26 +02:00
ailin-nemui
81cf8d8813 Update fe-server.c 2017-05-14 09:43:38 +02:00
Jari Matilainen
4a6fbdbe78 Spaces to tabs 2017-05-14 03:01:01 +02:00
ailin-nemui
371eb7f505 expand macro 2017-05-12 16:27:33 +02:00
ailin-nemui
787e192567 improve nicklist performance 2017-05-12 13:36:48 +02:00
Jari Matilainen
783458e9ba Added code comments 2017-05-11 14:08:45 +02:00
Jari Matilainen
25f9c71f69 Allow -port <num> or irc.host.tld <port num> in /server add and /server modify 2017-05-11 14:02:23 +02:00
Jari Matilainen
f060292a9c Added braces 2017-05-11 11:17:14 +02:00
Jari Matilainen
dbde9f0fe3 Added support for -notls and -notls_verify 2017-05-11 10:57:24 +02:00
LemonBoy
c890ecafa0 Merge pull request #686 from josephbisch/remove-history-wrap
Don't allow command history to wrap around
2017-04-11 15:19:19 +02:00
Joseph Bisch
3297fafcd9
Add syntax info for completion
Allows syntax info to be picked up and displayed by help command.

Fixes #687
2017-04-07 12:56:46 -04:00
Joseph Bisch
405136440c
Remove over_counter
We are no longer using over_counter for any functional purpose, so
remove it.
2017-04-07 08:20:28 -04:00
Joseph Bisch
7c86575b02
Don't allow command history to wrap around
This changes the behavior of the command history to avoid wrapping back
to the bottom once the top of the history is reached.
2017-04-06 20:27:39 -04:00
Joseph Bisch
41776d71f7
Fix strange history behavior when history is empty
If text is being entered and then the user presses the up arrow
followed by the down arrow, the expected behavior is to return to the
text being entered. Prior to this commit that was not the case.

Fixes #462
2017-04-05 11:00:25 -04:00
Joseph Bisch
a4cc4e0ad7
Fix off by one error with char_expandos 2017-03-31 15:37:48 -04:00
Stephen Oberholtzer
2b9be6e2ed Intentation/whitespace fixes
Change several instances of space-indentation to tabs, matching the
surrounding code.
2017-03-21 10:27:39 -04:00
Stephen Oberholtzer
70f9db3cbd Fix delay at startup when running against glib 2.49.3+
In glib v2.49.3, an optimization was made to eliminate certain
unnecessary wakeups.  (The specific change was made in
e4ee3079c5afc3c1c3d2415f20c3e8605728f074). Before this change, the
first call to g_main_iteration would always complete immediately.
In Irssi, this effectively reversed the order of the main loop, causing
the reload_config check and the dirty_check to run *before* the first
blocking call to g_main_iteration.

With the new logic, the first g_main_iteration call now blocks,
preventing the screen from being refreshed until the user starts typing
or a timer goes off.  (It also delays processing of SIGHUP, but I
expect that is not a common situation.)

This commit reorders the main loop to wait at the end of the loop,
rather than the beginning, addressing the problem.

(This closes Debian bug #856201.)
2017-03-21 09:37:23 -04:00
ailin-nemui
966efced3c up abi ver 2017-03-14 09:54:28 +01:00
ailin-nemui
e2e02160cd Merge pull request #645 from LemonBoy/keyboard-misc
Timeout feature for keys
2017-03-11 23:11:43 +01:00
Ailin Nemui
77b2631c78 Merge branch 'netjoin-timeout' into 'master'
fe-netjoin: remove irc servers on "server disconnected" signal

Closes #7

See merge request !10
2017-03-10 17:18:18 +01:00
dequis
93c158d815 expand_escape: expand double backslash as a backslash 2017-03-08 20:01:05 -03:00
ailin-nemui
d57c64adeb Merge pull request #667 from ailin-nemui/fix-dcc-get
fix dcc get

fixes #656
2017-03-08 09:45:40 +01:00
ailin-nemui
ddba68ad77 Merge pull request #659 from ailin-nemui/foreach_dontspam
make foreach send commands
2017-03-07 23:37:23 +01:00
ailin-nemui
7bd1b80687 fix dcc get
fixes #656
2017-03-07 23:27:08 +01:00
ailin-nemui
62fd3ac180 Revert "Quote the filename when dcc requests are auto accepted." 2017-03-06 11:27:55 +01:00
ailin-nemui
29f27cfb39 Merge pull request #658 from LemonBoy/dcc-autoaccept
Quote the filename when dcc requests are auto accepted.
2017-03-04 21:43:21 +01:00
LemonBoy
dc99f8d7a5 Properly check the command arguments in tail place.
A command requiring an argument and given in tail position would not
raise an error but silently set the value to the empty string ''.
2017-03-04 21:37:13 +01:00
Nei
7ef22687f9 Merge branch 'd-minor' into 'master'
Prevent some potential null-pointer deferences.

See merge request !9
2017-03-04 20:35:17 +00:00
Stephen Oberholtzer
5c4e6304ce Don't emit the script destroyed signal before script is actually destroyed
The script unloading code originally worked like this:

1. Destroy package
2. Emit 'script destroyed' signal
3. Unhook script's signal handlers

If a script added a 'script destroyed' signal handler, unloading
that script would cause the 'script destroyed' signal to be sent to the
(already destroyed) package.  This would cause a script error, which would
trigger a script unload, which would start the whole process over again,
until we run out of heap or stack space and segfault.

This commit simply reorders the operations so that the 'script destroyed'
signal is sent *after* the script is fully destroyed.
2017-02-28 23:48:56 -05:00
dequis
7c09b72848 fe-netjoin: remove irc servers on "server disconnected" signal 2017-02-27 23:43:37 -03:00
ailin-nemui
fa1a056291 Merge pull request #647 from dequis/fix-early-ison-take-2
notify-ison: Don't send ison before the connection is done
2017-02-27 14:45:41 +01:00
ailin-nemui
9aaa6449a0 make foreach send commands 2017-02-27 13:43:58 +01:00
LemonBoy
027acffb42 Handle file names with quotes.
Let's repurpose escape_string and make it more flexible by letting us
choose the characters to escape.
2017-02-22 11:49:09 +01:00
LemonBoy
db85ab7c90 Quote the filename when dcc requests are auto accepted.
PR #453 forces the user to quote the filenames given to /DCC commands
when they contain spaces but the autoget functionality didn't get
updated so the filename was always passed without quotes.

Closes #656.
2017-02-21 15:17:37 +01:00
LemonBoy
9cae98e642 Execute what's left in the input queue when the timeout expires.
Similar to how vim behaves.
2017-02-18 15:57:55 +01:00
ailin-nemui
540639e0fa Merge pull request #627 from LemonBoy/ssl-expiry
Check whether the client certificate is expired.
2017-02-15 15:49:00 +01:00
LemonBoy
c067f8e99b Do not alias /server <hostname> to /server connect <hostname>
Closes #559.
2017-02-14 23:02:05 +01:00
LemonBoy
98ead50b4e Prevent some potential null-pointer deferences.
Spotted by our friend scan-build.
2017-02-14 14:46:14 +01:00
dequis
15736ba5ab notify-ison: Don't send ison before the connection is done 2017-02-11 00:07:03 -03:00
ailin-nemui
653c7fb05a Merge pull request #622 from ailin-nemui/starttls
provide net_start_ssl api
2017-02-06 12:38:20 +01:00
ailin-nemui
28df637055 provide net_start_ssl api
fixes #615
2017-02-05 23:08:42 +01:00
ailin-nemui
ff5dd3673e Merge pull request #628 from LemonBoy/openssl-compat
Support OpenSSL 1.1.0.
2017-02-05 22:20:31 +01:00
LemonBoy
73e8a065bd Support OpenSSL 1.1.0.
- X509_get_notBefore becomes X509_get0_notBefore
- X509_get_notAfter becomes X509_get0_notAfter
- ASN1_STRING_data becomes ASN1_STRING_get0_data (and drops the const)
- The whole library is now initialized by OPENSSL_init_ssl

Closes #597
2017-02-03 13:29:19 +01:00
Nei
aab24cf4a4 Merge branch 'dub-the-wub' into 'master'
Prevent a memory leak during the processing of the SASL response.

See merge request !8
2017-02-03 11:49:16 +00:00
ailin-nemui
1ee25d2286 Merge pull request #590 from LemonBoy/hi-minor
Minor cleanup in the highlighting signal.
2017-01-31 14:18:48 +01:00
ailin-nemui
4031b92b9b Merge pull request #626 from ailin-nemui/textbuffer_monospace
support storing and replaying the monospace attribute in textbuffer
2017-01-31 14:17:44 +01:00
LemonBoy
19c5178996 Prevent a memory leak during the processing of the SASL response.
We also get rid of an allocation in the process of doing so.
2017-01-24 22:19:50 +01:00
LemonBoy
697dd19d88 Check whether the client certificate is expired.
Right now we only warn the user, the connection keeps going.
Fixes #211
2017-01-22 21:58:55 +01:00
ailin-nemui
876c1dd93e implement break_wide
for more pleasant east asian mixed display
2017-01-20 10:32:23 +01:00
Joseph Bisch
c8dafe2a76
Add SUPPRESS_PRINTF_FALLBACK
There are some cases (such as fuzzing with fe-fuzz) where suppressing
printf output may be desirable.
2017-01-16 12:56:33 -05:00
Hanno
677fb1f55c
perl_parse needs NULL terminated parameter list. 2017-01-15 22:20:23 +01:00
LemonBoy
305b02fc63 Merge pull request #613 from ailin-nemui/fix_completion
fix regression in completion
2017-01-13 22:36:44 +01:00
Alexander Færøy
7732bbed5e Merge pull request #610 from josephbisch/fe-fuzz
Add frontend for fuzzing
2017-01-13 00:16:30 +01:00
Joseph Bisch
fe1ea4b80a
Fix fe-fuzz nits 2017-01-12 18:11:09 -05:00
dx
b15c27cc63 Revert "Don't reset wait_cmd during connection registration (fixes early ISON)" 2017-01-10 03:09:36 -03:00
Joseph Bisch
abdae2d5fc
Don't duplicate module-formats.* in fe-fuzz 2017-01-09 08:19:01 -05:00
ailin-nemui
17fc77565e fix regression in completion
fixes #609
2017-01-09 13:19:37 +01:00
LemonBoy
38ea52d09f Merge pull request #608 from tijko/master
Follow g_strsplit with call to g_strfreev
2017-01-08 21:55:39 +01:00
Joseph Bisch
cf46907256
Add frontend for fuzzing
Use the following configure command:

$ ./configure --with-fuzzer --with-fuzzer-lib=/path/to/libFuzzer.a \
      CC=clang CXX=clang++

Places an irssi-fuzz in src/fe-fuzz/ after build.

Also can specify SANFLAGS to override the chosen sanitizer flags
(defaults to "-g -fsanitize=address -fsanitize-coverage=trace-pc-guard").
2017-01-07 20:01:07 -05:00
Tim Konick
5917bc6f75 Follow g_strsplit with call to g_strfreev 2017-01-07 14:31:35 -08:00
dequis
1831a8e1a7 Don't reset wait_cmd during connection registration (fixes early ISON) 2017-01-06 12:49:56 -03:00
dequis
752f484c6c Add OPENSSL_NO_EC for solaris 11.3, see issue #598
Original patch by 'Slarky'

According to that ticket, the next major version of solaris won't need
this. Consider reverting this when solaris 11.3 stops being relevant.
2017-01-06 11:47:24 -03:00
Martijn Dekker
c9c45e4f89 make irssi --with-perl build with separate object directory
irssi 1.0.0 will not build if Perl is enabled and a separate
object code directory is used. The problem was a relative path
to an internal Perl dependency in four Makefile.PL.in files.
2017-01-06 12:24:36 +01:00
ailin-nemui
33107be748 fix GRegex GError problem 2017-01-05 13:06:55 +01:00
Nei
7a112e0217 Merge branch 'master' into 'security'
Sync to master

See merge request !6
2017-01-03 13:30:39 +01:00
ailin-nemui
01163710e7 Merge pull request #585 from ailin-nemui/win_seq
g_sequence backing for window list
2017-01-03 12:45:50 +01:00
Ailin Nemui
1f72b8e66a up abi version 2017-01-03 12:29:52 +01:00
Ailin Nemui
f5cbbebc2e switch for gregex and regex.h 2017-01-03 12:29:11 +01:00
Nei
1b99299ed2 Merge branch 'percent_flag' into 'security'
fix %[

See merge request !5
2017-01-02 17:01:47 +00:00
Nei
124bcd4804 Merge branch '4-use-after-free-when-receiving-numeric-432-invalid-nick' into 'security'
avoid server_disconnect

See merge request !4
2017-01-02 17:01:29 +00:00
Nei
c3cca5ecf3 Merge branch '1-null-pointer-dereference-in-irc_nickcmp_rfc1459' into 'security'
bail out if nick is NULL

See merge request !3
2017-01-02 17:01:05 +00:00
Nei
24d2d039b5 Merge branch '3-out-of-bounds-read-with-invalid-utf8-in-term_addstr' into 'security'
Fix oob read on invalid utf8 in term_addstr

See merge request !2
2017-01-02 17:00:44 +00:00
Nei
7daa7a6aa9 Merge branch '2-out-of-bounds-read-of-one-byte-with-x1b-48-in-truecolor-builds' into 'security'
check for end of string in ansi 48

See merge request !1
2017-01-02 17:00:15 +00:00
LemonBoy
5dcf291f21 Use the RAW flag when building the regexps.
Also, plugged a memory leak when retrieving the match position.
2017-01-02 17:50:14 +01:00
LemonBoy
5eaead761f Rebase against master. 2017-01-02 17:50:14 +01:00
LemonBoy
3fcd3cd2b9 Remove the regexp_compiled field.
It was made redundant by the introduction of the pointer to the GRegex
structure.
Silence the compiler warning in textbuffer.c about preg being
initialized by setting it to NULL.
2017-01-02 17:50:14 +01:00
LemonBoy
8e5db471e4 Use GLib's regexp interface (backed by PCRE) 2017-01-02 17:50:14 +01:00