They were disabled in 171b6e73c9.
Enable the functional test suite and replaces the
dependency on libexpect with a custom solution.
The native solution allows for specific optimizations like automatic
ANSI code stripping, which is essential for reliable pattern matching in
an ncurses interface.
Custom PTY management via libutil provides full control over the process
lifecycle, resolving issues where tests would hang indefinitely.
We use forkpty from libutil.
Addiiotnally this commit implements automatic ANSI escape sequence
filtering to improve matching consistency.
This will get rid of the colors in matches. It's still something that we
need to think about more since basically we will not test out
color/theme system this way.
We also add non-blocking poll() and SIGKILL based teardown logic to
ensure clean test termination.
We added the functional tests to both autotools and meson.
They are only build when tests are enabled and stabber + libutil are
present.
Meson will print this out nicely in the summary.
Regards https://github.com/profanity-im/profanity/issues/789
When targeting a specific preference (`/time console off`)
the loop would continue to iterate through the remaining
categories after finding and applying the setting.
Because subsequent items would not match, it always resulted in
"invalid usage" printed as well after the success message.
The /connect command supports several optional parameters
server, port, tls, and auth.
This was implemented in ac410445af but
this change in the command definitions probably were forgotten.
Fix several issues in cmd_ac_complete_filepath:
* Prevent a segfault when input is empty.
* Fix a double free where acstring was managed by both auto_gchar and GArray.
* Fix a memory leak when reassigning inpcp during quote stripping.
* Restore the ability to cycle through files on repeated TAB presses by
caching the last input and skipping updates if the input is already a
known completion.
* Preserve user input style (e.g. ~, ./) in autocompletion strings to
ensure matches are correctly displayed and filtered.
Bug got introduced when "cleaning" code with new compiler flags and
sanitizers: aec8e48268.
Add unit tests so this doesn't happen again.
Before that commit we didn't use the static variable but used
autocomplete_update instead. Now we avoid redundat updates and preserve
the state across tab presses. We should look at this again later.
Fix https://github.com/profanity-im/profanity/issues/2098
Usually we point to the website. But honestly it's cumbersome for
developers to update the website. Let's decide later whether we remove
the section there or how we keep it in sync.
But for now let's just add a detailed build section here.
Especially since now we ship autotools *and* meson.
Also mention the convention that we use `build_run` as the meson build
dir. The quality script will depend on this.
Update the gh workflow to pin clang-format to version 21.
Mention the version we use in CONTRIBUTING.md.
And hint to the workflow file if we want to change it.
Move the `make doublecheck` functionality into a build system agnostic
script.
`scripts/quality-check.sh` can now be used to check for spelling via
codespell, formatting clang-format and run the unit tests.
`make doublecheck` and `meson compile doublecheck` will call this
script.
Sometimes we have issues with different versions of clang-format locally
vs our CI. In this case SKIP_FORMAT env variable can be set.
Use a behavior-driven naming convention for unit tests.
Functions are now named using the pattern: [unit]__[verb]__[scenario]
The __ works as a semantic separator.
Examples:
* jid_create__returns__null_from_null()
* cmd_connect__shows__usage_when_no_server_value
Benefits:
* Easy to find all tests associated with a specific function using the
mandatory prefix.
* Test output in CI now explicitly describes the unit, the expected
outcome, and the scenario being tested.
Also disabled keyhandlers tests due to missing code in src/ui.
For example cmd_account() is located in src/command/cmd_funcs.c.
The unit test was located in tests/unittests/test_cmd_account.c.
Let's move it to a subdirectory like tests/unittests/command/test_cmd_account.c
to correpsond to the same structure.
Only handle self-presence for rooms we are actively managing.
Earlier we blindly react to any self-presence
stanza by calling 'ui_room_join'.
The join could have been initiated by another client or an external
Gateway. In the case of #731 this was Slack.
I remember that more people reported this kind of bug in our MUC.
We then would open a window and the nick would be (null) because we
don't have any nickname for that room set.
So only react on self-presence if we manage the MUC.
Other XMPP clients do the same.
Fix https://github.com/profanity-im/profanity/issues/731
When an OMEMO bundle is received with an empty <prekeys/> element,
`prekeys_list` remains empty. In omemo_start_device_session(),
performing a modulo operation on the length of an empty list
(0) triggered a SIGFPE (Floating point exception).
torsocks likely affected the network environment where such empty
or incomplete bundles could be intercepted.
Fix https://github.com/profanity-im/profanity/issues/1997
Should help us find the following bugs early.
ASan:
* Out-of-bounds accesses
* Use-after-free
* Memory leaks
* Double free / Invalid free
UBSan:
* Undefined Behavior
* Signed integer overflow
* Null pointer dereference
* Pointer misalignment
* Division by zero
* Bit-shifting out of bounds
This needs works during runtime. But let's add it here so that at least
basic --version run is test and as a reminder for developer to add it.
I will also adjust documentation later on.
Simplify how field values are updated and ensure memory is correctly
managed.
The previous implementation relied on manual manipulation of the
GSList internal `data` member and only handled cases where a field
had zero or one existing value.
The function now correctly handles fields that may
already contain multiple values by using 'g_slist_free_full' to
clear the entire list and its contents before setting the new
value.
Adding an explicit NULL check for 'input' at the start of
cmd_ac_complete to prevent a potential crash and resolve
a GCC static analyzer warning.
Quirk Explanation:
The analyzer found a "deref-before-check" warning for:
`if ((strncmp(input, "/", 1) == 0) && (!strchr(input, ' ')))`
The analyzer interpreted 'strchr(input, ' ')' as a point where the
validity of 'input' is being questioned (a "check"), even though it is
actually checking the return value. This is due to GCC's internal model
of certain standard string functions having a 'nonnull' attribute or
being categorized as pointer "interrogations" in its state machine.
Because 'strncmp' dereferences 'input' earlier in the same line, the
analyzer saw a logical contradiction: "You treat it as safe in strncmp,
but then you call a function (strchr) that 'requires/checks' it to be
safe, implying you weren't sure."
Even though we are using with GNU extensions I will add this flag
since I prefer the explicit writing style that we have to use wich
this flag enabled.
Let's build with -fanalyzer in debug mode.
These commits are related to issues found by gccs static analyzer.
Also bulid with -fstack-protector-strong compiler flag.
This flag adds a canary to stack frames, causing the program to terminate immediately if stack corruption is detected.
This helps identify memory safety bugs earlier during development by
turning silent corruption into an immediate crash.
* _rotate_log_file(): guard against NULL mainlogfile before g_strdup/strlen
* log_stderr_init(): move dup2 after malloc checks to avoid fd leak on
allocation failure.
Also remove explicit close(STDERR_FILENO) before dup2
since dup2 closes the target atomically. Close the fd returned by
dup2 immediately.
We were sequentially checking for errors from 'curl_easy_perform',
'ftell', and 'fclose'. Each time overwriting the last one, resulting in
a leak. This commit ensures that 'err' is only set if it is currently
NULL, preserving the first and most specific error encountered.