storm/w3m
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,395 Commits 2 Branches 0 Tags
44ab1f73e33dec872b208b2d2dd1a9696f270925
Commit Graph

114 Commits

Author SHA1 Message Date
Tatsuya Kinoshita
b9c022a810 Only read a first title 
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020215
 2023-01-07 09:57:51 +09:00
Tatsuya Kinoshita
de325360b8 Revert "Only read title when in head" 
This reverts commit 0189e8aa5c.
 2023-01-07 09:24:03 +09:00
Tatsuya Kinoshita
f00b565208 Indentation fix for HTMLtagproc1 2023-01-07 00:31:11 +09:00
Robert Alm Nilsson
0189e8aa5c Only read title when in head 
Before this change, it was possible that w3m would interpret a title tag
under e.g. an svg tag as the page title.
 2023-01-06 23:36:06 +09:00
Tatsuya Kinoshita
4ae311f02a Merge pull request #257 from rkta/failed_system_call 
Handle failed system calls
 2023-01-06 19:38:58 +09:00
Rene Kita
7c7af9e70c Move declarations to appropiate header files 
This is in preparation for the next patch.
 2023-01-04 13:59:49 +01:00
Rene Kita
da9722e3b7 Check LESSOPEN to avoid undefined behaviour 
Like less, w3m can use an input preprocessor when displaying files. The
preprocessor command is taken from the environment variable LESSOPEN.
The command line in LESSOPEN should include one occurrence of the string
"%s", which will be replaced by the filename when the input preprocessor
command is invoked. Giving more than one "%s" - or a any other
conversion specifier - will lead to undefined behaviour.

Add a check to make sure the command given has only one "%s".

This fixes https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991608
 2023-01-04 13:59:13 +01:00
Rene Kita
8df395e7a2 Refactor lessopen_stream 
Use early returns to spare a level of indentation.
 2023-01-04 13:59:13 +01:00
Rene Kita
e6b8a4e250 Fix potential null pointer dereference 
Found when compiling with '-O3 -flto'.
 2022-12-25 11:55:58 +01:00
NRK
faeebc076c fix all -Wmissing-prototypes warnings 2022-04-29 15:59:13 +06:00
NRK
d9284b1193 fix some -Wstrict-prototypes warnings 2022-04-29 15:59:13 +06:00
Tatsuya Kinoshita
fa57b07002 Merge pull request #229 from rkta/null 
Fix all warnings when building with -Wnull-dereference
 2022-04-19 19:59:19 +09:00
Rene Kita
80642d1fe7 Fix potential null dereference 2022-04-19 10:08:54 +02:00
Rene Kita
9eaf044c02 Check return value of Str... functions 
All these functions, StrmyUFgets, StrISgets, etc. can potentially return
NULL. Add a check for it.
 2022-04-19 10:08:54 +02:00
Rene Kita
1365cc1ecc Check for NULL before dereferencing a pointer 
l is part of the exit condition of the while loop. If we exit the loop
because l is NULL, we cannot dereference it.
 2022-04-19 10:08:54 +02:00
Rene Kita
6432709b80 Check for NULL before dereferencing a pointer 
get_auth_param() returns NULL in case of error.
 2022-04-19 10:08:54 +02:00
Rene Kita
9a2b86088c Fix broken anchor with link number at EOL 
If, while adding the link number, we detect that we need to flush the
line, the anchor will be broken. When returning to the last breakpoint
only the link number will be removed, the internal anchor reference '<a
hseq=... >' remains on the flushed line.

Instead of adding the link number in a separate operation, check if we
just processed an anchor tag and prepend the current token with the link
number.
 2022-04-17 16:04:41 +02:00
Rene Kita
561f27f833 Explicitly cast to unsigned when passing to MD5() 2022-02-20 11:14:54 +01:00
Rene Kita
ab22479fb3 Fix warning for unused variable w/o MENU_SELECT 2022-02-20 11:14:53 +01:00
Rene Kita
4901408ea5 Fix warning for unused variable without USE_M17N 2022-02-20 11:14:53 +01:00
Rene Kita
916104b7f2 Remove unused variable 2022-02-20 11:14:53 +01:00
Rene Kita
4d34f77a4b Ignore tokens that look like HTML, but are not 
This patch fixes issue 200 'heap-buffer-overflow in
shiftAnchorPosition'.

Any input that looks like a tag, but isn't, should just be ignored. HTML
is parsed in a two staged process. Stage 1 inserts internal tags (like
<a hseq=...>). Stage 2 assumes these internal tags are valid input
inserted in the previous stage. If we don't throw away non-valid HTML
tags in stage 1 any website can inject tags that are interpreted as
internal ones. This leads to an out-of-bound read in this test case.

The 'hseq=-90' from the input ends as the value (89 actually) of
'a->hseq' in 'anchor.c:555'. Then 'hl->marks[a->hseq]' is out of bounds
as there are only 30 entries in this list.

This is the test input:
<table>0<br <>0<xmp>È«<div><inteRnal><input_alt fid=0><dl>0<dl>0<button value='">0000000000000000000000000000000000000000ÿ000'><A hseq=-90 href=>0<hR align=middle>
 2022-02-12 12:37:06 +01:00
bptato
fa02254a6a Fix description title rendering (again) 2021-10-19 20:37:07 +02:00
bptato
3e5aa3790b Revert changes introducing #198 stack-overflow in HTMLlineproc0 2021-10-19 19:55:58 +02:00
Tatsuya Kinoshita
c3784c9d26 New option disable_center to disable center alignment 
Bug-Debian: https://github.com/tats/w3m/issues/175
Bug-Debian: https://github.com/tats/w3m/issues/185
 2021-07-03 15:00:18 +09:00
Tatsuya Kinoshita
56ce2a2cc8 Prevent integer overflow due to fontstat 2021-04-24 23:39:52 +09:00
bptato
694a10271d Return Str from base64_encode, fix extraction of first gif frame for animations in put_image_kitty 2021-04-04 17:57:13 +02:00
Tatsuya Kinoshita
58b26000a2 Limit size and number of tables to prevent integer overflow 2021-04-03 19:40:24 +09:00
bptato
116e10749c Nested <dl>s 2021-02-13 18:02:26 +01:00
bptato
77ecf9b46b Fix <dl compact> 2021-02-13 17:26:30 +01:00
bptato
b2081866fd Improve description list rendering 2021-02-13 16:51:48 +01:00
bptato
a3bd98c888 Support brotli content encoding 2021-02-10 20:23:56 +01:00
bptato
d277e80771 Some cleanup for base64_encode 2021-02-02 23:59:42 +01:00
bptato
e4570e8b6e Support iTerm2 graphics protocol, replace encodeB with base64_encode 2021-02-02 22:14:46 +01:00
Tatsuya Kinoshita
794351356e Disable <section> behaves as <hr> 
Because displaying horizontal rules are redundantly and unneeded,
especially when sections are nested.
 2021-01-18 22:17:31 +09:00
Ambrose Li
ec722e7a53 q_level was never initialized, causing random test failures. This should fix that 2020-12-17 21:51:42 -05:00
bptato
aea44d3194 Fix Gopher binaries causing w3m to be stuck in download mode; try to guess Gopher image type and fallback to png 2020-12-02 23:20:08 +01:00
bptato
7dcc7ccff1 Add support for Gopher items 5 and I 2020-12-02 22:54:49 +01:00
Tatsuya Kinoshita
249f2fa3ff Fix compilation errors when USE_GOPHER and not USE_M17N 2020-11-11 19:30:35 +09:00
bptato
469c4084aa Remove unnecessary file_unquote call 2020-11-07 23:23:33 +01:00
bptato
171db89cc2 Support Gopher items search (7) and binary file (9) 2020-11-07 23:12:35 +01:00
bptato
26876fc89b Moved back filetype indicator to the beginning of file names 2020-10-21 16:31:05 +02:00
bptato
16e0b6aa63 Improved gopher directory display 2020-10-21 13:30:01 +02:00
bptato
4bc97ce307 Improved gopher support 2020-10-21 12:56:36 +02:00
Tatsuya Kinoshita
f8b3efef9c Merge pull request #147 from acli/20200825_section 
Rudimentary support for the section tag
 2020-08-30 09:59:02 +09:00
Tatsuya Kinoshita
6339dd9f13 Merge pull request #146 from acli/20200821_a_CLEANED 
Patch to make w3m’s handling of the a element HTML5 compatible (when the stream is HTML5)
 2020-08-30 09:57:45 +09:00
Ambrose Li
b9488ffe60 Somehow the wrong quotes were used. This should fix the failing tests. 2020-08-29 15:23:36 -04:00
Ambrose Li
4d8ba3fe21 wip from about a week ago. Need to stash these away for now to check the q branch 2020-08-29 04:26:12 -04:00
Ambrose Li
48c9ec565d In HTML5 anchors should not be closed when encountering divs, for example, but should be closed when encountering buttons, for example. Many sites that use HTML5-style anchors end up having links displayed with zero-length link texts. The proposed patch correct this behaviour by detecting whether the document is HTML5, then suppressing the close-anchor action in CLOSE_A if it's an HTML5 document. A new macro handles the HTML5-specific cases where anchors are not already always closed. 
This also fixes a bug in the tokenizing FSM in etc.c that prevented the !doctype element from being recognized; the fix is necessary because HTML5 detection depends on checking the !doctype element.
 2020-08-24 23:48:09 -04:00
Ambrose Li
9f18e67a9b Cleaned version of 20200823_q branch. Changes the behaviour of the q tag (when m17n and Unicode are configured) to use "smart" quotes if the display charset can handle them. Falls back to old behaviour (ASCII quotes with left/right quote semantics for 6/0 and 2/6) if display charset is us-ascii. 
Also changes the behaviour of conv_entity() to convert left/right quotes and some dashes because named entities are needed for the new code for the q tag.
 2020-08-23 22:20:43 -04:00