summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--NEWS18
-rw-r--r--src/irc/dcc/dcc-get.c6
-rw-r--r--src/irc/dcc/dcc-resume.c2
3 files changed, 26 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index af330804..b0a895ad 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,23 @@
v1.1-head 2017-xx-xx The Irssi team <staff@irssi.org>
+v1.0.3 2017-06-06 The Irssi team <staff@irssi.org>
+ - Fix out of bounds read when scanning expandos (GL!11).
+ - Fix invalid memory access with quoted filenames in DCC
+ (GL#8, GL!12).
+ - Fix null-pointer dereference on DCC without address (GL#9, GL!13).
+ - Improve integer overflow handling. Originally reported by
+ oss-fuzz#525 (#706).
+ - Improve nicklist performance from O(N^2) to O(N) (#705).
+ - Fix initial screen redraw delay. By Stephen Oberholtzer
+ (#680, bdo#856201).
+ - Fix incorrect reset of true colours when resetting background. (#711).
+ - Fix missing -notls option in /SERVER. By Jari Matilainen (#117, #702).
+ - Fix minor history glitch on overcounter (#462, #685).
+ - Improved OpenSSL detection at compile time. By Rodrigo Rebello (#677).
+ - Improved NetBSD Terminfo detection. By Maya Rashish (#694, #698).
+ - Add missing syntax info for COMPLETION (#687, #688).
+ - Minor typo correction in help. By Michael Hansen (#707).
+
v1.0.2 2017-03-10 The Irssi team <staff@irssi.org>
- Prevent some null-pointer crashes (GL!9).
- Fix compilation with OpenSSL 1.1.0 (#628, #597).
diff --git a/src/irc/dcc/dcc-get.c b/src/irc/dcc/dcc-get.c
index 73c1b864..107f68fa 100644
--- a/src/irc/dcc/dcc-get.c
+++ b/src/irc/dcc/dcc-get.c
@@ -382,6 +382,8 @@ int get_file_params_count(char **params, int paramcount)
if (*params[0] == '"') {
/* quoted file name? */
for (pos = 0; pos < paramcount-3; pos++) {
+ if (strlen(params[pos]) == 0)
+ continue;
if (params[pos][strlen(params[pos])-1] == '"' &&
get_params_match(params, pos+1))
return pos+1;
@@ -428,6 +430,10 @@ static void ctcp_msg_dcc_send(IRC_SERVER_REC *server, const char *data,
int p_id = -1;
int passive = FALSE;
+ if (addr == NULL) {
+ addr = "";
+ }
+
/* SEND <file name> <address> <port> <size> [...] */
/* SEND <file name> <address> 0 <size> <id> (DCC SEND passive protocol) */
params = g_strsplit(data, " ", -1);
diff --git a/src/irc/dcc/dcc-resume.c b/src/irc/dcc/dcc-resume.c
index 36f84ddf..ce0ac925 100644
--- a/src/irc/dcc/dcc-resume.c
+++ b/src/irc/dcc/dcc-resume.c
@@ -62,6 +62,8 @@ int get_file_params_count_resume(char **params, int paramcount)
if (*params[0] == '"') {
/* quoted file name? */
for (pos = 0; pos < paramcount-2; pos++) {
+ if (strlen(params[pos]) == 0)
+ continue;
if (params[pos][strlen(params[pos])-1] == '"' &&
get_params_match_resume(params, pos+1))
return pos+1;