aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Prevent global-buffer-overflow in parseURL()Tatsuya Kinoshita2016-11-191-1/+4
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/41 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=ba9d78faeba9024c3e8840579c3b0e959ae2cb0f
* Prevent deref null pointer in HTMLlineproc0()Tatsuya Kinoshita2016-11-191-5/+5
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/42 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=ecfdcbe1131591502c5e7f9ff4f34b24c5a2db97
* Prevent deref null pointer in shiftAnchorPosition()Tatsuya Kinoshita2016-11-191-1/+1
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/40 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=a088e0263c48ba406a7ae0932a1ae64a25be7acd
* Prevent null pointer deref due to bad form idTatsuya Kinoshita2016-11-191-1/+4
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/39 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=9db438094e5f0d84842bcbd248f282594ccb3c89
* Prevent array index out of bounds for symbolTatsuya Kinoshita2016-11-194-7/+8
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/38 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=0c3f5d0e0d9269ad47b8f4b061d7818993913189
* Check indent_level to prevent infinite recursionTatsuya Kinoshita2016-11-191-0/+2
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/37 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=e458def067859615ce4bc7170733d368f49d63c2
* Prevent infinite recursion in HTMLlineproc0Tatsuya Kinoshita2016-11-191-8/+8
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/36 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=ff8510ab954ac5db478964351f6a78891c34f1d8
* Prevent dereference near-null pointer in formUpdateBufferTatsuya Kinoshita2016-11-191-1/+2
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/35 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=e2c7ecec6f9b730ad3c9bf8c8df9212970f183d7
* Prevent crash after allocate string of negative sizeTatsuya Kinoshita2016-11-191-0/+6
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/33 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=af592aa5f154f1b0366513ddc2f545032a7b8721
* Prevent null pointer dereference in HTMLlineproc2bodyTatsuya Kinoshita2016-11-191-2/+2
| | | | | | Bug-Debian: https://github.com/tats/w3m/issues/32 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=c6c39973e7d336854e9a2d43119d1220b36e2035 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=a59a35211c63f12951b6266646081b08488b10ea
* Prevent deref null pointer in renderCoTable()Tatsuya Kinoshita2016-11-191-0/+2
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/20#issuecomment-260649537 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=ec99f186380d26ebf791569fdbc56dae60632365
* Prevent infinite recursion with nested table and textareaTatsuya Kinoshita2016-11-193-0/+15
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/20 [CVE-2016-9439] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=2a4a2fb9f116b50e7c80d573db06c0fdc6c69272
* Prevent global-buffer-overflow write in formUpdateBufferTatsuya Kinoshita2016-11-191-1/+3
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/29 [CVE-2016-9429] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=d01de738f599441740437c6600dd5b1ae7155d27
* Fix null pointer dereference in formUpdateBufferTatsuya Kinoshita2016-11-191-0/+4
| | | | | | Bug-Debian: https://github.com/tats/w3m/issues/28 [CVE-2016-9443] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=ec9eb22e008a69ea9dc21fdca4b9b836679965ee Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=22d29c3d11bdfec80164789a99c36cc674340914
* Fix potential heap buffer corruption due to StrgrowKuang-che Wu2016-11-191-2/+2
| | | | | | | | | If Str.length = 5 and area_size = 6, the result of Strgrow is still area_size = 6. For such case, Strcat_char and Strinsert_char will overflow one byte. Bug-Debian: https://github.com/tats/w3m/pull/27 [CVE-2016-9442] Origin: https://github.com/tats/w3m/pull/27/commits/c95a43dc92695464be11c8a51811aaa9761546e6
* Prevent segfault due to buffer overflows in addMultirowsFormTatsuya Kinoshita2016-11-191-0/+2
| | | | | | Bug-Debian: https://github.com/tats/w3m/issues/21 [CVE-2016-9425] Bug-Debian: https://github.com/tats/w3m/issues/26 [CVE-2016-9428] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=4e464819dd360ffd3d58fa2a89216fe413cfcc74
* Prevent segfault with malformed table_altTatsuya Kinoshita2016-11-191-1/+1
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/24 [CVE-2016-9441] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=a6257663824c63abb3c62c4dd62455fe6f63d958
* Prevent segfault for formUpdateBufferTatsuya Kinoshita2016-11-191-0/+2
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/22 [CVE-2016-9440] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=4a8d16fc8d08206dd7142435054ee38ff41805b7
* Truncate max_width for renderTableTatsuya Kinoshita2016-11-191-0/+4
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/25 [CVE-2016-9426] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=b910f0966d9efea93ea8cef491000a83ffb49c5e
* Fix uninitialised values for <i> and <dd>Tatsuya Kinoshita2016-11-192-0/+7
| | | | | | Bug-Debian: https://github.com/tats/w3m/issues/16 [CVE-2016-9435] [CVE-2016-9436] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=33509cc81ec5f2ba44eb6fd98bd5c1b5873e46bd
* Fix table rowspan and colspanKuang-che Wu2016-11-191-0/+4
| | | | | Origin: https://github.com/tats/w3m/pull/19 Bug-Debian: https://github.com/tats/w3m/issues/8 [CVE-2016-9422]
* Prevent segfault with malformed input_altTatsuya Kinoshita2016-11-191-3/+3
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/18 [CVE-2016-9438] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=010b68580dc50ce183df11cc79721936ab5c4f25
* Prevent segfault with incorrect button typeTatsuya Kinoshita2016-11-191-0/+11
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/17 [CVE-2016-9437] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=67be73b03a5ad581e331ec97cb275cd8a52719ed
* Prevent segfault with incorrect form_int fidTatsuya Kinoshita2016-11-191-2/+3
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/15 [CVE-2016-9434] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=3d4eeda9ec0cb91e23bab7dc260d4c515119eb4b
* Prevent segfault when iso2022 parsingTatsuya Kinoshita2016-11-191-7/+14
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/14 [CVE-2016-9433] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=9cf6926c5d947371dc9e44f32bc7a2fbfca5d469
* Prevent segfault for formUpdateBufferTatsuya Kinoshita2016-11-191-2/+2
| | | | | | Bug-Debian: https://github.com/tats/w3m/issues/13 [CVE-2016-9432] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=807e8b7fbffca6dcaf5db40e35f05d05c5cf02d3 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=7b88478227978a8d673b4dd0e05eee410cc33330
* Prevent negative array index for selectnumber and textareanumberTatsuya Kinoshita2016-11-192-6/+10
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/12 [CVE-2016-9424] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=a25fd09f74fb83499396935a96d63bb7cb8e2c58
* Prevent segfault for formUpdateBufferTatsuya Kinoshita2016-11-191-0/+2
| | | | | | Bug-Debian: https://github.com/tats/w3m/issues/9 [CVE-2016-9423] Bug-Debian: https://github.com/tats/w3m/issues/10 [CVE-2016-9431] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=9f0bdcfdf061db3520bd1f112bdc5e83acdec4be
* Prevent segfault with malformed input typeTatsuya Kinoshita2016-11-191-4/+6
| | | | | Bug-Debian: https://github.com/tats/w3m/issues/7 [CVE-2016-9430] Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=59b91cd8e30c86f23476fa81ae005cabff49ebb6
* Fix segfault on bogus text for wc_N_to_johab1Tatsuya Kinoshita2016-11-191-3/+3
| | | | | Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820373 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=5a159af05d8556a3f9f8f1a42d8fc153ffbc9694
* Fix segfault on bogus textTatsuya Kinoshita2016-11-1912-12/+99
| | | | | | | Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820162 Origin: https://anonscm.debian.org/cgit/collab-maint/w3m.git/commit/?id=7bb2a4671503c41d63989dcef9ef54dea0c73b43 Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1324348 cf. https://lists.fedoraproject.org/pipermail/package-announce/2016-April/182697.html
* Merge branch 'bug/changelog'v0.5.3+debian-19Tatsuya Kinoshita2014-10-211-0/+11
|\
| * Update ChangeLogTatsuya Kinoshita2014-10-211-0/+11
|/
* Merge branch 'feature/debian-version'Tatsuya Kinoshita2014-10-211-1/+1
|\
| * Update to 0.5.3+debian-19Tatsuya Kinoshita2014-10-211-1/+1
| |
* | Merge branch 'feature/lang-de'Tatsuya Kinoshita2014-10-212-1/+904
|\ \
| * | Correct LINGUAS to a whitespace separated listTatsuya Kinoshita2014-10-211-2/+1
| | |
| * | Add German translationMarkus Hiereth2014-10-212-0/+904
| | | | | | | | | | | | Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763964
* | | Merge branch 'bug/changelog'Tatsuya Kinoshita2014-10-151-0/+25
|\ \ \
| * | | Update ChangeLogTatsuya Kinoshita2014-10-151-0/+25
|/ / /
* | | Merge branch 'feature/debian-version'Tatsuya Kinoshita2014-10-151-1/+1
|\ \ \ | | |/ | |/|
| * | Update to 0.5.3+debian-18Tatsuya Kinoshita2014-10-151-1/+1
| | |
* | | Merge branch 'bug/ssl-init'Tatsuya Kinoshita2014-10-151-2/+2
|\ \ \
| * | | Update README.SSL to follow default valuesTatsuya Kinoshita2014-10-151-2/+2
| | | |
* | | | Merge branch 'bug/autotools-config'Tatsuya Kinoshita2014-10-151-2/+7
|\ \ \ \
| * | | | Update config.sub with autotools-dev 20140911.1Tatsuya Kinoshita2014-10-151-2/+7
| | | | |
* | | | | Merge branch 'bug/ssl-init'Tatsuya Kinoshita2014-10-151-2/+2
|\ \ \ \ \ | | |/ / / | |/| | |
| * | | | Disable SSLv3 by default [CVE-2014-3566]Tatsuya Kinoshita2014-10-151-1/+1
| | | | | | | | | | | | | | | | | | | | cf. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
| * | | | Force ssl_verify_server on and disable SSLv2 supportLudwig Nussel2014-10-151-2/+2
| | |_|/ | |/| | | | | | | | | | Origin: http://www.openwall.com/lists/oss-security/2010/06/14/4
* | | | Merge branch 'feature/debian-version'Tatsuya Kinoshita2014-10-131-1/+1
|\ \ \ \ | | |_|/ | |/| |