storm/w3m
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,345 Commits 2 Branches 0 Tags
97595792837e5c10843ab1e547403fce86f67a5a
Commit Graph

105 Commits

Author SHA1 Message Date
NRK
faeebc076c fix all -Wmissing-prototypes warnings 2022-04-29 15:59:13 +06:00
NRK
d9284b1193 fix some -Wstrict-prototypes warnings 2022-04-29 15:59:13 +06:00
Tatsuya Kinoshita
fa57b07002 Merge pull request #229 from rkta/null 
Fix all warnings when building with -Wnull-dereference
 2022-04-19 19:59:19 +09:00
Rene Kita
80642d1fe7 Fix potential null dereference 2022-04-19 10:08:54 +02:00
Rene Kita
9eaf044c02 Check return value of Str... functions 
All these functions, StrmyUFgets, StrISgets, etc. can potentially return
NULL. Add a check for it.
 2022-04-19 10:08:54 +02:00
Rene Kita
1365cc1ecc Check for NULL before dereferencing a pointer 
l is part of the exit condition of the while loop. If we exit the loop
because l is NULL, we cannot dereference it.
 2022-04-19 10:08:54 +02:00
Rene Kita
6432709b80 Check for NULL before dereferencing a pointer 
get_auth_param() returns NULL in case of error.
 2022-04-19 10:08:54 +02:00
Rene Kita
9a2b86088c Fix broken anchor with link number at EOL 
If, while adding the link number, we detect that we need to flush the
line, the anchor will be broken. When returning to the last breakpoint
only the link number will be removed, the internal anchor reference '<a
hseq=... >' remains on the flushed line.

Instead of adding the link number in a separate operation, check if we
just processed an anchor tag and prepend the current token with the link
number.
 2022-04-17 16:04:41 +02:00
Rene Kita
561f27f833 Explicitly cast to unsigned when passing to MD5() 2022-02-20 11:14:54 +01:00
Rene Kita
ab22479fb3 Fix warning for unused variable w/o MENU_SELECT 2022-02-20 11:14:53 +01:00
Rene Kita
4901408ea5 Fix warning for unused variable without USE_M17N 2022-02-20 11:14:53 +01:00
Rene Kita
916104b7f2 Remove unused variable 2022-02-20 11:14:53 +01:00
Rene Kita
4d34f77a4b Ignore tokens that look like HTML, but are not 
This patch fixes issue 200 'heap-buffer-overflow in
shiftAnchorPosition'.

Any input that looks like a tag, but isn't, should just be ignored. HTML
is parsed in a two staged process. Stage 1 inserts internal tags (like
<a hseq=...>). Stage 2 assumes these internal tags are valid input
inserted in the previous stage. If we don't throw away non-valid HTML
tags in stage 1 any website can inject tags that are interpreted as
internal ones. This leads to an out-of-bound read in this test case.

The 'hseq=-90' from the input ends as the value (89 actually) of
'a->hseq' in 'anchor.c:555'. Then 'hl->marks[a->hseq]' is out of bounds
as there are only 30 entries in this list.

This is the test input:
<table>0<br <>0<xmp>È«<div><inteRnal><input_alt fid=0><dl>0<dl>0<button value='">0000000000000000000000000000000000000000ÿ000'><A hseq=-90 href=>0<hR align=middle>
 2022-02-12 12:37:06 +01:00
bptato
fa02254a6a Fix description title rendering (again) 2021-10-19 20:37:07 +02:00
bptato
3e5aa3790b Revert changes introducing #198 stack-overflow in HTMLlineproc0 2021-10-19 19:55:58 +02:00
Tatsuya Kinoshita
c3784c9d26 New option disable_center to disable center alignment 
Bug-Debian: https://github.com/tats/w3m/issues/175
Bug-Debian: https://github.com/tats/w3m/issues/185
 2021-07-03 15:00:18 +09:00
Tatsuya Kinoshita
56ce2a2cc8 Prevent integer overflow due to fontstat 2021-04-24 23:39:52 +09:00
bptato
694a10271d Return Str from base64_encode, fix extraction of first gif frame for animations in put_image_kitty 2021-04-04 17:57:13 +02:00
Tatsuya Kinoshita
58b26000a2 Limit size and number of tables to prevent integer overflow 2021-04-03 19:40:24 +09:00
bptato
116e10749c Nested <dl>s 2021-02-13 18:02:26 +01:00
bptato
77ecf9b46b Fix <dl compact> 2021-02-13 17:26:30 +01:00
bptato
b2081866fd Improve description list rendering 2021-02-13 16:51:48 +01:00
bptato
a3bd98c888 Support brotli content encoding 2021-02-10 20:23:56 +01:00
bptato
d277e80771 Some cleanup for base64_encode 2021-02-02 23:59:42 +01:00
bptato
e4570e8b6e Support iTerm2 graphics protocol, replace encodeB with base64_encode 2021-02-02 22:14:46 +01:00
Tatsuya Kinoshita
794351356e Disable <section> behaves as <hr> 
Because displaying horizontal rules are redundantly and unneeded,
especially when sections are nested.
 2021-01-18 22:17:31 +09:00
Ambrose Li
ec722e7a53 q_level was never initialized, causing random test failures. This should fix that 2020-12-17 21:51:42 -05:00
bptato
aea44d3194 Fix Gopher binaries causing w3m to be stuck in download mode; try to guess Gopher image type and fallback to png 2020-12-02 23:20:08 +01:00
bptato
7dcc7ccff1 Add support for Gopher items 5 and I 2020-12-02 22:54:49 +01:00
Tatsuya Kinoshita
249f2fa3ff Fix compilation errors when USE_GOPHER and not USE_M17N 2020-11-11 19:30:35 +09:00
bptato
469c4084aa Remove unnecessary file_unquote call 2020-11-07 23:23:33 +01:00
bptato
171db89cc2 Support Gopher items search (7) and binary file (9) 2020-11-07 23:12:35 +01:00
bptato
26876fc89b Moved back filetype indicator to the beginning of file names 2020-10-21 16:31:05 +02:00
bptato
16e0b6aa63 Improved gopher directory display 2020-10-21 13:30:01 +02:00
bptato
4bc97ce307 Improved gopher support 2020-10-21 12:56:36 +02:00
Tatsuya Kinoshita
f8b3efef9c Merge pull request #147 from acli/20200825_section 
Rudimentary support for the section tag
 2020-08-30 09:59:02 +09:00
Tatsuya Kinoshita
6339dd9f13 Merge pull request #146 from acli/20200821_a_CLEANED 
Patch to make w3m’s handling of the a element HTML5 compatible (when the stream is HTML5)
 2020-08-30 09:57:45 +09:00
Ambrose Li
b9488ffe60 Somehow the wrong quotes were used. This should fix the failing tests. 2020-08-29 15:23:36 -04:00
Ambrose Li
4d8ba3fe21 wip from about a week ago. Need to stash these away for now to check the q branch 2020-08-29 04:26:12 -04:00
Ambrose Li
48c9ec565d In HTML5 anchors should not be closed when encountering divs, for example, but should be closed when encountering buttons, for example. Many sites that use HTML5-style anchors end up having links displayed with zero-length link texts. The proposed patch correct this behaviour by detecting whether the document is HTML5, then suppressing the close-anchor action in CLOSE_A if it's an HTML5 document. A new macro handles the HTML5-specific cases where anchors are not already always closed. 
This also fixes a bug in the tokenizing FSM in etc.c that prevented the !doctype element from being recognized; the fix is necessary because HTML5 detection depends on checking the !doctype element.
 2020-08-24 23:48:09 -04:00
Ambrose Li
9f18e67a9b Cleaned version of 20200823_q branch. Changes the behaviour of the q tag (when m17n and Unicode are configured) to use "smart" quotes if the display charset can handle them. Falls back to old behaviour (ASCII quotes with left/right quote semantics for 6/0 and 2/6) if display charset is us-ascii. 
Also changes the behaviour of conv_entity() to convert left/right quotes and some dashes because named entities are needed for the new code for the q tag.
 2020-08-23 22:20:43 -04:00
Ambrose Li
73949a3e12 Rudimentary support for figure, figcaption 2020-08-21 04:26:26 -04:00
Jia Zhouyang
996287e2fd Add error handling code for fopen 
Check the return value of fopen, and add proper error handling code.
 2018-03-04 20:50:49 +08:00
Kyle J. McKay
d398b40332 file.c: compute correct base URL when not absolute 
When a server makes use of the PATH_INFO feature in a CGI,
the returned pages may often have a <base href="..." /> tag
specifying the URL of the CGI itself as the base.

However, to avoid hard-coding the scheme and host into such
a base href, the href value will often omit the scheme, host
and port.

Make sure that when parsing any such base href value that
any omitted components are taken from the current URL rather
than taken as being from a bare, absolute file:/// URL.

Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
 2017-08-23 11:48:38 -07:00
Tatsuya Kinoshita
aa2077e06f Prevent heap-use-after-free read in HTMLlineproc0() 
Bug-Debian: https://github.com/tats/w3m/issues/81
 2016-12-18 01:20:14 +09:00
Tatsuya Kinoshita
7a2675b4a5 Prevent infinite loop in feed_textarea() 
Bug-Debian: https://github.com/tats/w3m/issues/85
 2016-12-18 00:44:36 +09:00
Tatsuya Kinoshita
6eea841d3a Prevent overflow beyond the end of string in caller of get_mclen() 
Bug-Debian: https://github.com/tats/w3m/issues/59
Bug-Debian: https://github.com/tats/w3m/issues/73
Bug-Debian: https://github.com/tats/w3m/issues/74
Bug-Debian: https://github.com/tats/w3m/issues/76
Bug-Debian: https://github.com/tats/w3m/issues/79
Bug-Debian: https://github.com/tats/w3m/issues/80
Bug-Debian: https://github.com/tats/w3m/issues/83
Bug-Debian: https://github.com/tats/w3m/issues/84
 2016-12-16 00:44:44 +09:00
Tatsuya Kinoshita
107810c145 Revert "Prevent overflow beyond the end of string in proc_mchar()" 
This reverts commit 512ed467d1.
 2016-12-15 22:55:23 +09:00
Tatsuya Kinoshita
2aa21dc328 Revert "Prevent overflow beyond the end of string in proc_mchar()" 
This reverts commit e79d0ec2a0.
 2016-12-15 22:42:12 +09:00
Tatsuya Kinoshita
e79d0ec2a0 Prevent overflow beyond the end of string in proc_mchar() 
Bug-Debian: https://github.com/tats/w3m/issues/80
cf. https://github.com/tats/w3m/issues/59
 2016-12-13 23:04:18 +09:00