467222d0ca
fix(ui,db): harden NULL handling, fix CWE-134, optimize iterations
...
CI Code / Code Coverage (push) Failing after 10m34s
CI Code / Check spelling (push) Failing after 10m47s
CI Code / Check coding style (push) Failing after 11m4s
CI Code / Linux (ubuntu) (push) Failing after 11m19s
CI Code / Linux (debian) (push) Failing after 11m28s
CI Code / Linux (arch) (push) Failing after 11m38s
security(CWE-134): fix format string injections + add CI check
fix(ui): subwindow lifecycle, newwin/newpad guards, fallback timestamps
fix(db): sqlite cleanup on failures, sqlite3_close_v2
fix(xmpp): queued_messages loop, barejid leak
perf(core): g_hash_table_iter_init instead of g_hash_table_get_keys
refactor(ui): CLAMP macro in _check_subwin_width
test: XEP-0012 and XEP-0045 functional tests
Author: jabber.developer2
Closes #58 , #85
2026-02-06 19:27:40 +01:00
Steffen Jaeckel
9b1cb6ab85
If config keyfile does not exist, create it.
...
CI / Check spelling (pull_request) Successful in 22s
CI / Check coding style (pull_request) Successful in 36s
CI / Linux (ubuntu) (pull_request) Successful in 14m11s
CI / Linux (debian) (pull_request) Successful in 16m2s
CI / Linux (arch) (pull_request) Successful in 20m21s
CI / Check spelling (push) Successful in 19s
CI / Check coding style (push) Successful in 34s
CI / Linux (debian) (push) Successful in 13m41s
CI / Linux (ubuntu) (push) Successful in 15m3s
CI / Linux (arch) (push) Successful in 20m23s
Fixes #1911
Alternative to #2056
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu >
(cherry picked from commit b12521ca21 )
2025-09-10 14:20:08 +02:00
0d7a859a20
fix: curl parameter type correction
CI / Check coding style (pull_request) Successful in 34s
CI / Check spelling (pull_request) Successful in 24s
CI / Linux (ubuntu) (pull_request) Successful in 10m8s
CI / Linux (debian) (pull_request) Successful in 12m7s
CI / Linux (fedora) (pull_request) Successful in 13m44s
CI / Linux (arch) (pull_request) Successful in 16m39s
2025-06-20 14:58:30 +02:00
Michael Vetter
07dfeec816
Release 0.15.0
2025-03-27 20:06:38 +01:00
Michael Vetter
b5f0cc0bd4
Fix more potential leaks in aesgcm_download
2025-03-13 09:48:27 +01:00
Michael Vetter
569e37f018
Update copyright to 2024
2024-01-22 16:03:48 +01:00
Steffen Jaeckel
fdfe3e2ad9
Rework OMEMO handling on disconnect
...
* Fix missing destruction of `session_store` and mutex
* Replace `glib_hash_table_free()`
The glib API `g_hash_table_destroy()` does exactly the same.
* Use the default libsignal `destroy_func` instead of doing that manually
* Set internal state to `0` after everything is cleaned up
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-12-12 18:26:21 +01:00
Steffen Jaeckel
835ea397ac
Tidy up some code
...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-12-12 18:26:21 +01:00
Steffen Jaeckel
ca2df180d8
Introduce a shared implementation for keyfile loading
...
Instead of copy&pasting the same code over again, use a common
implementation.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-09-04 09:59:09 +02:00
Steffen Jaeckel
b7f964fe64
Resolve symlinks recursively in get_file_or_linked()
...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-09-04 09:59:09 +02:00
Steffen Jaeckel
d3b6ebb1d7
Less allocations in str_replace()
...
If `n` is the number of `substr` replace operations, the old
implementation did `n+1` allocations and always first copied start,
then replacement, then the remaining (unsearched) part of the original
string.
Now calculate the number of occurences of `substr` before allocating the
resulting string.
Change the algorithm to parse through the original string and only
copy the parts that must be kept into the resulting string plus the
replacements where they belong at.
Now we also only have to go through the original string twice plus we only
do a single allocation.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-09-01 12:12:44 +02:00
Michael Vetter
22b1d14b67
Add helper function to create version string
...
And remove all the duplicate code.
Depending on the situation prof_get_version() will return:
* 0.13.1
* 0.13.1dev
* 0.13.1dev.master.69d8c1f9
2023-07-25 20:58:15 +02:00
John Hernandez
09f217d667
Improve documentation
2023-07-13 21:22:42 +02:00
John Hernandez
8304ac86ff
g_free() to auto_gfree, introduce auto_guchar
...
Fix 11 potential mem leaks in theme.c
2023-07-13 17:04:59 +02:00
John Hernandez
e1d137f4e6
Change char->free to auto_char char for autocleanup
...
Replace `gchar` and `g_free` to `auto_gchar`
Correct certain `char` functions/variables to `gchar`
Related to #1819 .
Edited by @jubalh.
2023-07-11 13:26:37 +02:00
Michael Vetter
6247c28e31
Merge pull request #1842 from H3rnand3zzz/feature/plugins-download
...
New Feature: Plugins Download
2023-06-06 18:35:18 +02:00
John Hernandez
95e06ad169
Add url support (downloading) to /plugins install
...
Additional changes include code refactoring.
2023-05-16 15:57:07 +02:00
John Hernandez
7f3fca2bd0
Cleanup: gchar as gchar instead of char
...
Use gchar instead of char in most of the cases where gchar is intended.
Reason: improve compatibility and stability. Issue #1819
Minor refactoring.
2023-05-04 16:15:09 +02:00
Michael Vetter
e59c401c84
Adapt to g_string_free glib 2.75.3 change
...
glib 2.75.3 changes warning behaviour of `g_string_free()`.
See:
* https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3219
* https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3226
Use this opportunity to replace the use of GString with
`g_strdup_printf()` where possible.
Otherwise correctly take the return value of `g_string_free()`
which is nicer anyways.
2023-03-21 10:53:10 +01:00
Steffen Jaeckel
7167760bdd
fix #1761 by changing the implementation from recursive
...
... to an iterative approach
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-03-11 15:05:03 +01:00
Steffen Jaeckel
99ffaf0a00
introduce auto_gcharv
...
This also fixes memory leaks in `_omemo_autocomplete()`.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-01-19 10:40:25 +01:00
Steffen Jaeckel
698aefa005
fix memory leaks in OMEMO
...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-01-18 20:11:13 +01:00
Steffen Jaeckel
b1b6c6f62d
add /strophe command to modify libstrophe-specific settings
...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-01-18 17:04:41 +01:00
Michael Vetter
3adc399da0
Update copyright year
2023-01-10 10:37:25 +01:00
Marouane L
2d11a35ee1
Spawn external programs asynchronously
...
Drawback is that we can't check the exitcode anymore.
But we were unsure why/when we need this, see:
https://github.com/profanity-im/profanity/pull/1760/files#r980868708
Fixes https://github.com/profanity-im/profanity/issues/1759
2022-10-12 12:25:00 +02:00
nandesu-utils
e1ed012f72
support for formatting in avatar executable
...
in before it just used the input command line as it was but this fixes
this by adding formatting using `format_call_external_argv` which is
already used in `url open` executable.
2022-09-06 12:51:27 +02:00
nandesu-utils
056b19eb91
refactored call_external code
...
unluckily here the code neglected the fact that glib will set an error
to a location that was pointed by the error pointer if it is not null.
but it was of an undefined value hence profanity crashed. now it is null
as it must be.
also spawn error is returned when glib could not spawn the task for
some reason like the executable file does not exist but if the exit
status was non-zero it neglected the exit error and tried to output a
spawn error instead. now we check whether the process that we
instantiated has exited successfully
also now code uses `g_spawn_check_wait_status` which
`g_spawn_check_exit_status` has been aliased to.
2022-08-27 16:25:15 +03:00
Michael Vetter
932e7826aa
common: dont use GError twice
...
We need to use a new one or call `g_clear_error()`.
Fix segfault in https://github.com/profanity-im/profanity/issues/1738
2022-08-02 14:13:28 +02:00
Michael Vetter
9df4bd29ea
Check for error before trying to append it
...
Related to https://github.com/profanity-im/profanity/issues/1738
2022-08-02 08:55:18 +02:00
Michael Vetter
1330ad4e1e
Update copyright year
2022-05-09 15:43:33 +02:00
Steffen Jaeckel
705b6f7806
use g_mkdir_with_parents() instead of home-baked solution
...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2022-03-14 13:17:46 +01:00
Michael Vetter
8e588d6764
Fix random string generation
...
Our variable `alphabet` contains 62 alphanumeric symbols + '\0'.
When we use sizeof(alphabet) we will get 63 due to that.
But we want to choose a random numbers from the 62 alphanumeric letters only.
This mistake caused us to have strings with a max length of `length`
instead of the exact length.
When doing https://github.com/profanity-im/profanity/issues/1520
this caused our algo for muc reflection to not catch since we expect the
random ID to be exactly 15 symbols long in `message_is_sent_by_us()`.
2021-04-17 22:37:21 +02:00
Michael Vetter
1ec606540e
Get rid of asprintf and _GNU_SOURCE define
...
_GNU_SOURCE was even in some files where it was not needed at all
(http*).
Let's replace asprintf() with g_strdup_printf().
2021-03-30 17:38:13 +02:00
Maximilian Wuttke
1576ac11cb
Remove "file://" from file names
...
Rationale: When copying an image in some application, a URL instead of a
path is copied to the clipboard.
2021-03-09 20:45:29 +01:00
Michael Vetter
8c08e64f37
Update copyright
2021-01-08 16:36:30 +01:00
William Wennerström
0437fae1a8
Do not inherit stdin of main process
...
I see no reason to inherit the stdin, so let's have it disabled.
2020-12-15 15:48:51 +01:00
William Wennerström
32cfea4bd2
Refactor call_external
2020-12-11 15:51:01 +01:00
William Wennerström
073412b845
Remove stray +2 for path string in get_expanded_path
2020-12-09 19:24:15 +01:00
Michael Vetter
b525befe67
Allocate memory for realpath in both cases
...
Forgot about that :(
2020-12-09 16:22:06 +01:00
Michael Vetter
a2291b36c4
Expand ~ in unique_filename_from_url()
...
unique_filename_from_url() is used for `/url save`.
It doesn't recognize ~ by itself, we need to expand it first.
Mentioned in
https://github.com/profanity-im/profanity/pull/1375#pullrequestreview-547892462
2020-12-09 08:44:26 +01:00
William Wennerström
ac03037847
Rework url to filename
2020-12-06 17:02:09 +01:00
William Wennerström
1d2c0a8836
Move unique_filename_from_url functions to common
2020-12-04 16:13:13 +01:00
William Wennerström
3a6597ee29
Refactor for threaded external executable for built-in download methods
2020-12-03 16:54:06 +01:00
Michael Vetter
35aecd425f
Declare counter var inside loop
...
We require c99/gnu99 anyways.
2020-11-09 11:33:33 +01:00
Michael Vetter
3d307fe341
Get rid of str_contains()
...
We can use strchr() here.
2020-11-02 18:52:25 +01:00
nia
52e9be4abc
Basic support for building on NetBSD.
...
- Add NetBSD as a recognized platform without -ldl.
- Allow building with NetBSD libcurses instead of ncurses.
- Portability to NetBSD sh - use POSIX '=' instead of '=='.
2020-09-04 12:55:20 +02:00
Michael Vetter
a2726b6a7d
Apply coding style
2020-07-07 14:18:57 +02:00
Michael Vetter
a4cadf78fa
Revert "Apply coding style"
...
This reverts commit 9b55f2dec0 .
Sorting the includes creates some problems.
2020-07-07 13:53:30 +02:00
Michael Vetter
9b55f2dec0
Apply coding style
...
Regards https://github.com/profanity-im/profanity/issues/1396
2020-07-07 09:43:28 +02:00
Michael Vetter
f4159d8168
get_mentions() Use gchar instead of char
2020-07-02 12:17:23 +02:00