1
0
mirror of https://github.com/irssi/irssi.git synced 2024-10-27 05:20:20 -04:00
Commit Graph

5501 Commits

Author SHA1 Message Date
dequis
52bb06ccd9 fe-dcc-(get|send): Fix some -Wpointer-compare with newer gcc
The warning itself:

>warning: comparison between pointer and zero character constant [-Wpointer-compare]

Harmless stuff as far as I can tell.

The fix adds a null check that probably isn't needed. The old code that
compared against '\0' worked a lot like a null check so it makes sense
to keep that, while also adding the intended check for empty string.

This was visible with "/dcc close send a" showing an empty filename.
The equivalent for get didn't show the filename in the format string.
2017-06-05 15:58:43 -03:00
Ailin Nemui
fb08fc7f1a Merge remote-tracking branch 'gitlab/security' 2017-06-05 15:12:16 +02:00
ailin-nemui
4edfccfce7 get rid of new_text 2017-06-05 13:46:43 +02:00
ailin-nemui
48899a123d Update iregex-gregex.c
add 2 comments about new_string
2017-06-05 10:23:16 +02:00
ailin-nemui
00354c3651 Update iregex-gregex.c
make helper functions static
2017-06-05 10:10:38 +02:00
Jari Matilainen
f28c64a3dc Make backward compatible with ssl flags 2017-06-04 19:47:30 +02:00
ailin-nemui
78a390f479 abi up 2017-06-04 19:03:40 +02:00
Jari Matilainen
e84adeca15 change ternary operator to if/else statements, add default ssl port support 2017-06-04 17:41:38 +02:00
ailin-nemui
79bbca4644 Refactor regex and implement UTF8 mode for GRegex
- with non-unicode byte to Private Use Area A mapping
- move all ifdefs to iregex.h file only
2017-06-04 00:52:53 +02:00
ailin-nemui
31b9d115b0 Merge pull request #706 from dequis/parse-uint
Add parse_uint function to improve integer overflow handling
2017-06-02 14:47:38 +02:00
dx
7843586323 Merge pull request #713 from josephbisch/fix-fe-fuzz-link
Use CXX for fe-fuzz linking
2017-06-02 01:53:09 -03:00
Joseph Bisch
1ce9e07be0
Use CXX for fe-fuzz linking 2017-06-01 23:59:19 -04:00
Nei
200eb5922e Merge branch 'fix-gl9' into 'security'
Fix dcc_request where addr is NULL

See merge request !13
2017-05-30 19:39:06 +00:00
Nei
84503427b0 Merge branch 'fix-gl8' into 'security'
Fix oob read of one byte in get_file_params_count

See merge request !12
2017-05-30 19:38:19 +00:00
ailin-nemui
2d0a9b4ca3 Merge pull request #711 from ailin-nemui/24bit-reset
do not reset true colour bit on colour reset
2017-05-30 13:14:10 +02:00
Joseph Bisch
528f51bfbe
Fix dcc_request where addr is NULL 2017-05-29 14:53:26 -04:00
Joseph Bisch
30a92754bb
Fix oob read of one byte in get_file_params_count{,_resume}
We can use continue to handle cases such as:
"ab<space><space>c"
2017-05-29 14:43:24 -04:00
ailin-nemui
601be18774 Update list.in
Add a more detailed paragraph about service bots

Fixes #699

I would like to add another paragraph about how freenode is 
broken and spits at you the whole list instead of empty list 
if you attempt to use network side filtering......
2017-05-29 11:07:06 +02:00
ailin-nemui
d61c54c32b do not reset true colour bit on colour reset
fixes #710
2017-05-27 00:12:54 +02:00
ailin-nemui
aac20b1513 Merge pull request #707 from mh-source/patch-1
dcc.in: fixed typo 'resolved' -> 'resolves'
2017-05-18 15:39:02 +02:00
dequis
632b0ce5e6 Add parse_uint function to improve integer overflow handling
Originally found by oss-fuzz (issue 525) in get_ansi_color using ubsan.
After a lot of analysis I'm 99% sure this isn't security relevant so
it's fine to handle this publicly.

The fix is mainly adding a function that does it right and use it
everywhere. This is harder than it seems because the strtol() family of
functions doesn't have the friendliest of interfaces.

Aside from get_ansi_color(), there were other pieces of code that used
the same (out*10+(*in-'0')) pattern, like the parse_size() and
parse_time_interval() functions, which are mostly used for settings.
Those are interesting cases, since they multiply the parsed number
(resulting in more overflows) and they write to a signed integer
parameter (which can accidentally make the uints negative without UB)

Thanks to Pascal Cuoq for enlightening me about the undefined behavior
of parse_size (and, in particular, the implementation-defined behavior
of one of the WIP versions of this commit, where something like signed
integer overflow happened, but it was legal). Also for writing
tis-interpreter, which is better than ubsan to verify these things.
2017-05-18 00:21:11 -03:00
mh
5045f4766a dcc.in: fixed typo 'resolved' -&gt; 'resolves'
n/t
2017-05-17 12:17:27 +02:00
Jari Matilainen
0c26aeb9fc Make sure port is only set on /server modify if specified 2017-05-15 23:07:01 +02:00
ailin-nemui
10cea61696 Merge pull request #702 from vague666/server_modify_notls
Added support for -notls and -notls_verify
2017-05-14 09:44:26 +02:00
ailin-nemui
81cf8d8813 Update fe-server.c 2017-05-14 09:43:38 +02:00
ailin-nemui
476f19f123 Merge pull request #705 from ailin-nemui/nicklist-performance
improve nicklist performance
2017-05-14 09:40:55 +02:00
Jari Matilainen
4a6fbdbe78 Spaces to tabs 2017-05-14 03:01:01 +02:00
ailin-nemui
371eb7f505 expand macro 2017-05-12 16:27:33 +02:00
ailin-nemui
787e192567 improve nicklist performance 2017-05-12 13:36:48 +02:00
Jari Matilainen
783458e9ba Added code comments 2017-05-11 14:08:45 +02:00
Jari Matilainen
25f9c71f69 Allow -port <num> or irc.host.tld <port num> in /server add and /server modify 2017-05-11 14:02:23 +02:00
Jari Matilainen
f060292a9c Added braces 2017-05-11 11:17:14 +02:00
Jari Matilainen
dbde9f0fe3 Added support for -notls and -notls_verify 2017-05-11 10:57:24 +02:00
Joseph Bisch
689e80c087 Merge pull request #701 from josephbisch/add-fuzz-patch
Add fuzz.diff for fuzzing with afl
2017-05-08 13:51:38 -04:00
Joseph Bisch
0c760b0c1b
Add fuzz.diff for fuzzing with afl
Authored by dx.
2017-05-08 13:45:13 -04:00
ailin-nemui
f24ad9a366 Merge pull request #698 from ailin-nemui/master
detect Netbsd terminfo
2017-05-04 12:31:32 +02:00
ailin-nemui
c8a19e1124 detect Netbsd terminfo
fixes #694
2017-05-04 12:27:23 +02:00
LemonBoy
c890ecafa0 Merge pull request #686 from josephbisch/remove-history-wrap
Don't allow command history to wrap around
2017-04-11 15:19:19 +02:00
ailin-nemui
411ace0a15 Merge pull request #688 from josephbisch/fix-687
Add syntax info for completion
2017-04-07 21:22:48 +02:00
Joseph Bisch
3297fafcd9
Add syntax info for completion
Allows syntax info to be picked up and displayed by help command.

Fixes #687
2017-04-07 12:56:46 -04:00
Joseph Bisch
405136440c
Remove over_counter
We are no longer using over_counter for any functional purpose, so
remove it.
2017-04-07 08:20:28 -04:00
Joseph Bisch
7c86575b02
Don't allow command history to wrap around
This changes the behavior of the command history to avoid wrapping back
to the bottom once the top of the history is reached.
2017-04-06 20:27:39 -04:00
ailin-nemui
3f69e71804 Merge pull request #685 from josephbisch/fix-462
Fix strange history behavior when history is empty
2017-04-06 17:37:23 +02:00
Joseph Bisch
41776d71f7
Fix strange history behavior when history is empty
If text is being entered and then the user presses the up arrow
followed by the down arrow, the expected behavior is to return to the
text being entered. Prior to this commit that was not the case.

Fixes #462
2017-04-05 11:00:25 -04:00
ailin-nemui
590056d3c3 Merge pull request #677 from rrebello/openssl-misc
OpenSSL support detection and documentation fixes
2017-04-04 12:27:50 +02:00
Joseph Bisch
d5e23f97a7 Merge branch 'off-by-one-fix' into 'master'
Fix off by one error with char_expandos

See merge request !11
2017-03-31 20:06:14 +00:00
Joseph Bisch
a4cc4e0ad7
Fix off by one error with char_expandos 2017-03-31 15:37:48 -04:00
ailin-nemui
3d4ba86a91 Merge pull request #680 from Stevie-O/slow-startup-with-glib-2.49.3
Fix slow startup with glib 2.49.3
2017-03-21 15:47:16 +01:00
Stephen Oberholtzer
2b9be6e2ed Intentation/whitespace fixes
Change several instances of space-indentation to tabs, matching the
surrounding code.
2017-03-21 10:27:39 -04:00
Stephen Oberholtzer
70f9db3cbd Fix delay at startup when running against glib 2.49.3+
In glib v2.49.3, an optimization was made to eliminate certain
unnecessary wakeups.  (The specific change was made in
e4ee3079c5afc3c1c3d2415f20c3e8605728f074). Before this change, the
first call to g_main_iteration would always complete immediately.
In Irssi, this effectively reversed the order of the main loop, causing
the reload_config check and the dirty_check to run *before* the first
blocking call to g_main_iteration.

With the new logic, the first g_main_iteration call now blocks,
preventing the screen from being refreshed until the user starts typing
or a timer goes off.  (It also delays processing of SIGHUP, but I
expect that is not a common situation.)

This commit reorders the main loop to wait at the end of the loop,
rather than the beginning, addressing the problem.

(This closes Debian bug #856201.)
2017-03-21 09:37:23 -04:00