From 40eb257d0d04cf47c10a882de7261ef8d3f7f48e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= Date: Tue, 17 Sep 2019 09:02:45 +0200 Subject: [PATCH 1/4] doc: update German auto-generated file --- doc/de/autogen/user/weechat_options.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/de/autogen/user/weechat_options.adoc b/doc/de/autogen/user/weechat_options.adoc index aa86de834..d5d7da7dc 100644 --- a/doc/de/autogen/user/weechat_options.adoc +++ b/doc/de/autogen/user/weechat_options.adoc @@ -915,7 +915,7 @@ ** Standardwert: `+100+` * [[option_weechat.look.nick_color_force]] *weechat.look.nick_color_force* -** Beschreibung: pass:none[force color for some nicks: hash computed with nickname to find color will not be used for these nicks (format is: "nick1:color1;nick2:color2"); look up for nicks is with exact case then lower case, so it's possible to use only lower case for nicks in this option; color can include background with the format "text,background", for example "yellow,red"] +** Beschreibung: pass:none[erzwingt für einen Nick eine spezielle Farbe. Die standardmäßig, mittels Streuwertfunktion aus dem Nicknamen, generierte Farbe findet für diese Nicks keine Anwendung (Format:"Nick1:Farbe1;Nick2:Farbe2"). Zuerst wird beim Namen des Nick nach Groß- und Kleinschreibung unterschieden. Sollte der Nick nicht gefunden werden findet keine Unterscheidung mehr statt. Somit ist es möglich die Nicks, für diese Einstellung, ausschließlich in Kleinschrift aufzuführen; die Farbauswahl kann auch eine Hintergrundfarbe beinhalten "Textfarbe,Hintergrundfarbe", zum Beispiel "yellow,red"] ** Typ: Zeichenkette ** Werte: beliebige Zeichenkette ** Standardwert: `+""+` From 63a05d72d90cce719b45cc9ab8248da12905d9b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= Date: Tue, 17 Sep 2019 21:21:28 +0200 Subject: [PATCH 2/4] buflist: fix extra spaces between buffers when conditions are used to hide buffers (closes #1403) This is a regression introduced in version 2.6 by commit bf21ca072d5250b1196e62db61f3ba675ee89b52. --- ChangeLog.adoc | 5 +++++ src/plugins/buflist/buflist-bar-item.c | 15 ++++++++------- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/ChangeLog.adoc b/ChangeLog.adoc index 458d30184..b85d29556 100644 --- a/ChangeLog.adoc +++ b/ChangeLog.adoc @@ -18,7 +18,12 @@ https://weechat.org/files/releasenotes/ReleaseNotes-devel.html[release notes] [[v2.7]] == Version 2.7 (under dev) +Bug fixes:: + + * buflist: fix extra spaces between buffers when conditions are used to hide buffers (regression introduced in version 2.6) (issue #1403) + Build:: + * core: remove file FindTCL.cmake * core: display an error on missing dependency in CMake (issue #916, issue #956) diff --git a/src/plugins/buflist/buflist-bar-item.c b/src/plugins/buflist/buflist-bar-item.c index c3f108507..fc4a6f8ff 100644 --- a/src/plugins/buflist/buflist-bar-item.c +++ b/src/plugins/buflist/buflist-bar-item.c @@ -359,13 +359,6 @@ buflist_bar_item_buflist_cb (const void *pointer, void *data, ptr_buffer, "name"); } - if (weechat_config_boolean (buflist_config_look_add_newline) - && *buflist[0]) - { - if (!weechat_string_dyn_concat (buflist, "\n")) - goto error; - } - /* current buffer */ current_buffer = (ptr_buffer == ptr_current_buffer); weechat_hashtable_set (buflist_hashtable_extra_vars, @@ -588,6 +581,14 @@ buflist_bar_item_buflist_cb (const void *pointer, void *data, line_number_current_buffer = line_number; prev_number = number; + /* add newline between each buffer (if needed) */ + if (weechat_config_boolean (buflist_config_look_add_newline) + && *buflist[0]) + { + if (!weechat_string_dyn_concat (buflist, "\n")) + goto error; + } + /* build string */ line = weechat_string_eval_expression ( (current_buffer) ? ptr_format_current : ptr_format, From f7b84fcc67baf6221b89ffcb75a946ae045cb0df Mon Sep 17 00:00:00 2001 From: Tobias Stoeckmann Date: Tue, 17 Sep 2019 21:26:52 +0200 Subject: [PATCH 3/4] Fixed segfault during excessive evaluation. It is possible to trigger a segmentation fault while processing an evaluation of repeating string. On a Linux 64 bit system, enter this (or adjust arguments for 32 bit accordingly): /eval -n ${repeat:1073741824,----} It will overflow an integer calculation because int instead of size_t is used. Proper check of int limitations fixes this issue. I haven't changed this specific piece of code to size_t because it would crash in other parts of the code tree instead. For now, int is a limitating factor when it comes to strings (and should be enough for sane use cases). Signed-off-by: Tobias Stoeckmann --- src/core/wee-string.c | 5 +++++ tests/unit/core/test-core-string.cpp | 3 +++ 2 files changed, 8 insertions(+) diff --git a/src/core/wee-string.c b/src/core/wee-string.c index 19a25b28b..5025958a1 100644 --- a/src/core/wee-string.c +++ b/src/core/wee-string.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include #include @@ -224,6 +225,10 @@ string_repeat (const char *string, int count) return strdup (string); length_string = strlen (string); + + if (count >= INT_MAX / length_string) + return NULL; + length_result = (length_string * count) + 1; result = malloc (length_result); if (!result) diff --git a/tests/unit/core/test-core-string.cpp b/tests/unit/core/test-core-string.cpp index 11ec19b4d..a1dda1af2 100644 --- a/tests/unit/core/test-core-string.cpp +++ b/tests/unit/core/test-core-string.cpp @@ -26,6 +26,7 @@ extern "C" #ifndef HAVE_CONFIG_H #define HAVE_CONFIG_H #endif +#include #include #include #include @@ -300,6 +301,8 @@ TEST(CoreString, Reverse) TEST(CoreString, Repeat) { POINTERS_EQUAL(NULL, string_repeat (NULL, 1)); + POINTERS_EQUAL(NULL, string_repeat ("----", INT_MAX / 4)); + STRCMP_EQUAL("", string_repeat ("", 1)); STRCMP_EQUAL("", string_repeat ("x", -1)); From d26893a70de8293a1f489172894b4cd97c6c0e79 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= Date: Tue, 17 Sep 2019 21:29:28 +0200 Subject: [PATCH 4/4] core: update ChangeLog (closes #1400) --- ChangeLog.adoc | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog.adoc b/ChangeLog.adoc index b85d29556..172b9e891 100644 --- a/ChangeLog.adoc +++ b/ChangeLog.adoc @@ -20,6 +20,7 @@ https://weechat.org/files/releasenotes/ReleaseNotes-devel.html[release notes] Bug fixes:: + * core: fixed segfault during excessive evaluation in function string_repeat (issue #1400) * buflist: fix extra spaces between buffers when conditions are used to hide buffers (regression introduced in version 2.6) (issue #1403) Build::