summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-06-06Merge tag '1.0.3'Ailin Nemui
2017-06-05Merge remote-tracking branch 'gitlab/security'Ailin Nemui
2017-06-02Merge pull request #706 from dequis/parse-uintailin-nemui
Add parse_uint function to improve integer overflow handling
2017-06-02Merge pull request #713 from josephbisch/fix-fe-fuzz-linkdx
Use CXX for fe-fuzz linking
2017-06-01Use CXX for fe-fuzz linkingJoseph Bisch
2017-05-30Merge branch 'fix-gl9' into 'security'Nei
Fix dcc_request where addr is NULL See merge request !13
2017-05-30Merge branch 'fix-gl8' into 'security'Nei
Fix oob read of one byte in get_file_params_count See merge request !12
2017-05-30Merge pull request #711 from ailin-nemui/24bit-resetailin-nemui
do not reset true colour bit on colour reset
2017-05-29Fix dcc_request where addr is NULLJoseph Bisch
2017-05-29Fix oob read of one byte in get_file_params_count{,_resume}Joseph Bisch
We can use continue to handle cases such as: "ab<space><space>c"
2017-05-27do not reset true colour bit on colour resetailin-nemui
fixes #710
2017-05-18Merge pull request #707 from mh-source/patch-1ailin-nemui
dcc.in: fixed typo 'resolved' -> 'resolves'
2017-05-18Add parse_uint function to improve integer overflow handlingdequis
Originally found by oss-fuzz (issue 525) in get_ansi_color using ubsan. After a lot of analysis I'm 99% sure this isn't security relevant so it's fine to handle this publicly. The fix is mainly adding a function that does it right and use it everywhere. This is harder than it seems because the strtol() family of functions doesn't have the friendliest of interfaces. Aside from get_ansi_color(), there were other pieces of code that used the same (out*10+(*in-'0')) pattern, like the parse_size() and parse_time_interval() functions, which are mostly used for settings. Those are interesting cases, since they multiply the parsed number (resulting in more overflows) and they write to a signed integer parameter (which can accidentally make the uints negative without UB) Thanks to Pascal Cuoq for enlightening me about the undefined behavior of parse_size (and, in particular, the implementation-defined behavior of one of the WIP versions of this commit, where something like signed integer overflow happened, but it was legal). Also for writing tis-interpreter, which is better than ubsan to verify these things.
2017-05-17dcc.in: fixed typo 'resolved' -&gt; 'resolves'mh
n/t
2017-05-14Merge pull request #702 from vague666/server_modify_notlsailin-nemui
Added support for -notls and -notls_verify
2017-05-14Update fe-server.cailin-nemui
2017-05-14Merge pull request #705 from ailin-nemui/nicklist-performanceailin-nemui
improve nicklist performance
2017-05-12expand macroailin-nemui
2017-05-12improve nicklist performanceailin-nemui
2017-05-11Added code commentsJari Matilainen
2017-05-11Added bracesJari Matilainen
2017-05-11Added support for -notls and -notls_verifyJari Matilainen
2017-05-08Merge pull request #701 from josephbisch/add-fuzz-patchJoseph Bisch
Add fuzz.diff for fuzzing with afl
2017-05-08Add fuzz.diff for fuzzing with aflJoseph Bisch
Authored by dx.
2017-05-04Merge pull request #698 from ailin-nemui/masterailin-nemui
detect Netbsd terminfo
2017-05-04detect Netbsd terminfoailin-nemui
fixes #694
2017-04-11Merge pull request #686 from josephbisch/remove-history-wrapLemonBoy
Don't allow command history to wrap around
2017-04-07Merge pull request #688 from josephbisch/fix-687ailin-nemui
Add syntax info for completion
2017-04-07Add syntax info for completionJoseph Bisch
Allows syntax info to be picked up and displayed by help command. Fixes #687
2017-04-07Remove over_counterJoseph Bisch
We are no longer using over_counter for any functional purpose, so remove it.
2017-04-06Don't allow command history to wrap aroundJoseph Bisch
This changes the behavior of the command history to avoid wrapping back to the bottom once the top of the history is reached.
2017-04-06Merge pull request #685 from josephbisch/fix-462ailin-nemui
Fix strange history behavior when history is empty
2017-04-05Fix strange history behavior when history is emptyJoseph Bisch
If text is being entered and then the user presses the up arrow followed by the down arrow, the expected behavior is to return to the text being entered. Prior to this commit that was not the case. Fixes #462
2017-04-04Merge pull request #677 from rrebello/openssl-miscailin-nemui
OpenSSL support detection and documentation fixes
2017-03-31Merge branch 'off-by-one-fix' into 'master' Joseph Bisch
Fix off by one error with char_expandos See merge request !11
2017-03-31Fix off by one error with char_expandosJoseph Bisch
2017-03-21Merge pull request #680 from Stevie-O/slow-startup-with-glib-2.49.3ailin-nemui
Fix slow startup with glib 2.49.3
2017-03-21Intentation/whitespace fixesStephen Oberholtzer
Change several instances of space-indentation to tabs, matching the surrounding code.
2017-03-21Fix delay at startup when running against glib 2.49.3+Stephen Oberholtzer
In glib v2.49.3, an optimization was made to eliminate certain unnecessary wakeups. (The specific change was made in e4ee3079c5afc3c1c3d2415f20c3e8605728f074). Before this change, the first call to g_main_iteration would always complete immediately. In Irssi, this effectively reversed the order of the main loop, causing the reload_config check and the dirty_check to run *before* the first blocking call to g_main_iteration. With the new logic, the first g_main_iteration call now blocks, preventing the screen from being refreshed until the user starts typing or a timer goes off. (It also delays processing of SIGHUP, but I expect that is not a common situation.) This commit reorders the main loop to wait at the end of the loop, rather than the beginning, addressing the problem. (This closes Debian bug #856201.)
2017-03-20Remove outdated information from INSTALLRodrigo Rebello
Disabling SSL support is no longer an option.
2017-03-20Get back to using pkg-config to check for OpenSSLRodrigo Rebello
Commit 6300dfec7 removed the option to disable SSL support from the configure script since it became a requirement, but it also removed the use of pkg-config for finding the OpenSSL library and its dependencies. This had the unfortunate consequence of breaking the correct detection of library flags in many static linking scenarios. In some cases, for example, OpenSSL might have been built with zlib, which requires `-lz` to be passed to the linker when doing a static link of the irssi executable. Thus, pkg-config becomes an invaluable tool in such situations, since no guessing work is needed as the OpenSSL .pc file provides all the necessary flags. So, this commit re-inserts the PKG_CHECK_MODULES macro in the configure script when looking for OpenSSL. The test using AC_CHECK_LIB remains, but only as a last resort in case the one using pkg-config fails. Also, because the macro AM_PATH_GLIB_2_0 contains an unconditional call to PKG_PROG_PKG_CONFIG, the OpenSSL checks are moved so that they come after the Glib ones in order to avoid doubly checking for the pkg-config binary (PKG_CHECK_MODULES skips that check if it has been performed before, but PKG_PROG_PKG_CONFIG does not).
2017-03-14up abi verailin-nemui
2017-03-11Merge pull request #645 from LemonBoy/keyboard-miscailin-nemui
Timeout feature for keys
2017-03-10Merge branch 'integrate/1.0.2'Ailin Nemui
2017-03-10tag as 1.0.2Ailin Nemui
(cherry picked from commit 2a53853f369b47e42e32e183c8109e3d63808899)
2017-03-10amend forgotten fixailin-nemui
(cherry picked from commit 0ada284a257cfb08da984a78dab24c3ddaf09ec7)
2017-03-10Merge pull request #652 from LemonBoy/trailing-argailin-nemui
Properly check the command arguments in tail place. commit 5a92a3926fab4def4bcb7d14642b93184eeb4f71 Merge: 647ef193a896cc8a97d9bc664a6337b8b779f3c4 e4601b4b43af6177375c90a423546d892fbf6bfd Rebased: e4601b4b43af6177375c90a423546d892fbf6bfd dc99f8d7a5f90eebd4c52cef8d186bf20e2a9912
2017-03-10Merge branch 'netjoin-timeout' into 'master'Ailin Nemui
fe-netjoin: remove irc servers on "server disconnected" signal Closes #7 See merge request !10
2017-03-10Merge pull request #669 from dequis/expand-double-backslashailin-nemui
expand_escape: expand double backslash as a backslash
2017-03-08expand_escape: expand double backslash as a backslashdequis