Sébastien Helleu
987b03da39
core: use util functions to parse integers in nicklist functions
2026-06-20 17:30:41 +02:00
Sébastien Helleu
a1f1443fd8
core: use util functions to parse integers in function gui_line_hook_update
2026-06-20 17:30:41 +02:00
Sébastien Helleu
ca8312a48c
core: use function util_parse_int in function gui_key_grab_init
2026-06-20 17:30:41 +02:00
Sébastien Helleu
971f7b1660
core: use function util_parse_int in function gui_hotlist_clear_level_string
2026-06-20 17:30:41 +02:00
Sébastien Helleu
643f2fab5b
core: use function util_parse_int in function gui_focus_info_hashtable_gui_focus_info_cb
2026-06-20 17:30:41 +02:00
Sébastien Helleu
5f36c52935
core: use function util_parse_int in color functions
2026-06-20 17:30:41 +02:00
Sébastien Helleu
92219ba132
core: use function util_parse_longlong in function gui_chat_hsignal_quote_line_cb
2026-06-20 17:30:41 +02:00
Matthew Horan
905a68739e
doc/api: note that colors param is supported by nicks endpoint
2026-06-20 17:18:23 +02:00
Sébastien Helleu
3200a05c00
relay/api: fix memory leak in resources "handshake", "input" and "completion"
2026-06-17 21:54:15 +02:00
Sébastien Helleu
861f589fc2
core: update ChangeLog (#2326)
2026-06-17 21:31:03 +02:00
aizu-m
c40261aed1
xfer: fix out-of-bounds write in xfer_dcc_resume_hash (#2326)
2026-06-17 21:29:45 +02:00
Sébastien Helleu
770e733303
ci: switch from Ubuntu 24.04 to 26.04
2026-06-15 21:55:54 +02:00
Sébastien Helleu
9bd2aaa25d
core: mute compiler warning on calls to dup() function
2026-06-15 08:22:03 +02:00
Sébastien Helleu
4e206ee3ae
trigger: use "const char *" variables for result of string functions with const parameter
2026-06-15 07:55:20 +02:00
Sébastien Helleu
7ff71d2b0e
spell: use "const char *" variables for result of string functions with const parameter
2026-06-15 07:55:10 +02:00
Sébastien Helleu
203fdca3e8
script: use "const char *" variables for result of string functions with const parameter
2026-06-15 07:54:40 +02:00
Sébastien Helleu
e3ba25df19
relay: use "const char *" variables for result of string functions with const parameter
2026-06-15 07:54:10 +02:00
Sébastien Helleu
64566629c5
irc: use "const char *" variables for result of string functions with const parameter
2026-06-15 07:52:12 +02:00
Sébastien Helleu
7e3afaf46d
core, api: use "const char *" variables for result of string functions with const parameter
2026-06-15 07:52:10 +02:00
Sébastien Helleu
cf702d541f
api: change type of parameter "pos_option_name" to "const char **" in function config_search_with_string
2026-06-15 07:29:33 +02:00
Sébastien Helleu
a8067751eb
doc/plugin: fix parameters of mkdir functions
The directory parameter is always `const char *` and not `char *`.
2026-06-15 07:29:28 +02:00
Sébastien Helleu
a696a100d8
core: update ChangeLog (#2325)
2026-06-12 13:02:05 +02:00
aizu-m
e60786d059
core: fix buffer overflow in function network_pass_socks5proxy (#2325)
Bound the configured proxy username and password before they are copied into the fixed stack buffer in network_pass_socks5proxy; otherwise a login longer than the buffer (a long password or token) overruns it while building the SOCKS5 auth request.
2026-06-12 13:00:17 +02:00
Sébastien Helleu
d78105ddf5
core: add CVE IDs in ChangeLog
2026-06-09 22:10:17 +02:00
weechatter
2a8c86242b
core: update German translations
2026-06-09 10:42:23 +02:00
Sébastien Helleu
dd9ef2f4d9
tests: add missing include of string.h
2026-06-08 23:17:19 +02:00
Sébastien Helleu
4c6c55befe
core: update translations
2026-06-08 23:15:00 +02:00
Sébastien Helleu
de878b2303
relay/api: remove error 400 which is never returned in response to GET /api/scripts
2026-06-08 23:11:27 +02:00
Sébastien Helleu
80a47b6731
relay/api: add missing fields in script object in OpenAPI document
2026-06-08 23:11:06 +02:00
Sébastien Helleu
551c12e049
relay/api: add resource GET /api/scripts
2026-06-08 23:04:40 +02:00
Sébastien Helleu
12016c4c05
script: add info "script_languages"
2026-06-08 18:54:06 +02:00
Sébastien Helleu
3aeaa70e64
ci: bump poexam to version 0.0.11
2026-06-07 21:56:22 +02:00
Sébastien Helleu
66e633e27e
core: add version 4.9.2
2026-06-07 11:51:55 +02:00
Sébastien Helleu
436bbeceff
tests: increase buffer size for injection of fake IRC message
2026-06-07 08:47:36 +02:00
Sébastien Helleu
c307087e2d
core: update ChangeLog (#2324)
2026-06-06 11:19:14 +02:00
aizu-m
51a1149852
relay: fix out-of-bounds read in relay_http_print_log_request (#2324)
2026-06-06 11:18:06 +02:00
Sébastien Helleu
d74993a42c
relay: limit size of partial message received while reading an HTTP request to prevent memory exhaustion
A relay client could send data with no end-of-line (an unterminated method
or header line) and dribble its payload, making WeeChat accumulate it in the
partial message buffer that grew without limit, until all memory was
exhausted. This path is reachable before authentication during websocket
initialization with the "weechat" and "irc" protocols.
The accumulated partial message is now bounded by
RELAY_HTTP_PARTIAL_MESSAGE_MAX_LENGTH: once the limit is reached, the extra
data is ignored.
2026-06-06 09:36:22 +02:00
Sébastien Helleu
51464e400f
core: add links to issues in ChangeLog (#2321, #2322)
2026-06-06 07:20:41 +02:00
Sébastien Helleu
1c5e6c3fc2
core: update ChangeLog (#2323)
2026-06-06 07:20:38 +02:00
Sébastien Helleu
e563dfc903
doc: add build of Serbian API Relay doc
2026-06-06 07:09:04 +02:00
Sébastien Helleu
befbcceb7f
relay/api: add field "last_read_line_id" in GET /api/buffers
2026-06-06 07:04:46 +02:00
aizu-m
56f9ad68fb
xfer: fix out-of-bounds read in xfer_chat_recv_cb on empty line (#2323)
2026-06-06 07:01:18 +02:00
aizu-m
328f86affc
irc: fix out-of-bounds read in DCC command with quoted filename
2026-06-04 23:17:58 +02:00
Sébastien Helleu
f4dc30ec58
tests: add tests on function xfer_file_find_filename
2026-06-04 23:17:58 +02:00
aizu-m
23291acb7b
xfer: replace directory separator in remote nick by underscore in download filename
2026-06-04 22:38:08 +02:00
Sébastien Helleu
b802681230
api: fix infinite loop in function string_replace when the search string is empty
2026-06-03 21:15:16 +02:00
Sébastien Helleu
3687ce0f0f
relay: limit size of received websocket frame and HTTP body to prevent memory exhaustion
A relay client could announce a huge websocket frame (or HTTP body via
"Content-Length") and dribble its payload, making WeeChat accumulate it
in a buffer that grew without limit, until all memory was exhausted. The
websocket frame path is reachable before authentication with the
"weechat" and "irc" protocols.
The announced websocket frame length and HTTP "Content-Length" are now
bounded by WEBSOCKET_FRAME_MAX_LENGTH and RELAY_HTTP_BODY_MAX_LENGTH: an
oversized websocket frame closes the connection, and an oversized body is
rejected.
2026-06-01 21:56:34 +02:00
Sébastien Helleu
1211510ded
irc: limit size of data received from the server to prevent memory exhaustion
A malicious or compromised IRC server could send data with no end-of-line
(or a flood of "005" messages), making WeeChat accumulate it in a buffer
that grew without limit, until all memory was exhausted.
The unterminated received message and the accumulated "005" (ISUPPORT)
data are now bounded by IRC_SERVER_RECV_MSG_MAX_LENGTH and
IRC_SERVER_ISUPPORT_MAX_LENGTH: extra data is ignored once the limit is
reached.
2026-06-01 21:53:03 +02:00
aizu-m
07871f123f
core: fix possible integer truncation in function eval_string_split (#2320)
2026-06-01 10:25:35 +02:00
Sébastien Helleu
a0cf82d4a6
core: replace Bash/Ubuntu with WSL in README
2026-05-31 17:24:41 +02:00