Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package weechat for openSUSE:Factory checked in at 2025-05-13 20:05:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/weechat (Old) and /work/SRC/openSUSE:Factory/.weechat.new.30101 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "weechat" Tue May 13 20:05:58 2025 rev:83 rq:1276949 version:4.6.3 Changes: --------
--- /work/SRC/openSUSE:Factory/weechat/weechat.changes 2025-04-27 22:54:52.933608623 +0200
+++ /work/SRC/openSUSE:Factory/.weechat.new.30101/weechat.changes 2025-05-13 20:05:59.848161833 +0200
@@ -1,0 +2,14 @@
+Mon May 12 18:32:07 UTC 2025 - Hunter Wardlaw <[email protected]>
+
+- Update to 4.6.3:
+ * core: fix integer overflow with decimal numbers in calculation of
+ expression
+ * core: fix integer overflow in base32 encoding/decoding
+ * core: fix integer overflow in function util_version_number
+ * core: fix buffer overflow in function util_parse_time
+ * core: fix buffer overflow in function eval_syntax_highlight_colorize
+ * core: fix buffer overflow in function eval_string_base_encode
+ * core: fix buffer overflow in function eval_string_range_chars
+ * core: fix memory leak in function util_parse_delay
+
+-------------------------------------------------------------------
Old: ---- weechat-4.6.2.tar.xz weechat-4.6.2.tar.xz.asc New: ---- weechat-4.6.3.tar.xz weechat-4.6.3.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------
++++++ weechat.spec ++++++
--- /var/tmp/diff_new_pack.gTWOsp/_old 2025-05-13 20:06:00.664196164 +0200
+++ /var/tmp/diff_new_pack.gTWOsp/_new 2025-05-13 20:06:00.664196164 +0200
@@ -17,7 +17,7 @@
 Name: weechat
-Version: 4.6.2
+Version: 4.6.3
 Release: 0
 Summary: Multi-protocol extensible Chat Client
 License: GPL-3.0-or-later
++++++ weechat-4.6.2.tar.xz -> weechat-4.6.3.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/CHANGELOG.md new/weechat-4.6.3/CHANGELOG.md
--- old/weechat-4.6.2/CHANGELOG.md 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/CHANGELOG.md 2025-05-11 11:22:11.000000000 +0200
@@ -1,5 +1,18 @@
 # WeeChat ChangeLog
+## Version 4.6.3 (2025-05-11)
+
+### Fixed
+
+- core: fix integer overflow with decimal numbers in calculation of expression
+- core: fix integer overflow in base32 encoding/decoding
+- core: fix integer overflow in function util_version_number
+- core: fix buffer overflow in function util_parse_time
+- core: fix buffer overflow in function eval_syntax_highlight_colorize
+- core: fix buffer overflow in function eval_string_base_encode
+- core: fix buffer overflow in function eval_string_range_chars
+- core: fix memory leak in function util_parse_delay
+
 ## Version 4.6.2 (2025-04-18)
 ### Fixed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/UPGRADING.md new/weechat-4.6.3/UPGRADING.md
--- old/weechat-4.6.2/UPGRADING.md 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/UPGRADING.md 2025-05-11 11:22:11.000000000 +0200
@@ -7,6 +7,14 @@
 For a list of all changes in each version, please see [CHANGELOG.md](CHANGELOG.md).
+## Version 4.6.3
+
+### API function util_version_number
+
+An integer overflow has been fixed in the function
+[util_version_number](https://weechat.org/doc/weechat/plugin/#_util_version_number)
+which now returns a version up to "127.255.255.255" (0x7FFFFFFF).
+
 ## Version 4.6.0
 ### Relay remote commands
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/src/core/core-calc.c new/weechat-4.6.3/src/core/core-calc.c
--- old/weechat-4.6.2/src/core/core-calc.c 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/src/core/core-calc.c 2025-05-11 11:22:11.000000000 +0200
@@ -336,9 +336,9 @@
 struct t_arraylist *list_values, *list_ops;
 const char *ptr_expr, *ptr_expr2;
 char str_result[64], *ptr_operator, *operator;
- int index_op, decimals;
+ int index_op;
 enum t_calc_symbol last_symbol;
- double value, factor, *ptr_value;
+ double value, factor, decimals, *ptr_value;
 list_values = NULL;
 list_ops = NULL;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/src/core/core-eval.c new/weechat-4.6.3/src/core/core-eval.c
--- old/weechat-4.6.2/src/core/core-eval.c 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/src/core/core-eval.c 2025-05-11 11:22:11.000000000 +0200
@@ -300,6 +300,9 @@
 string = NULL;
 result = NULL;
+ if (!range || !range[0])
+ goto end;
+
 for (i = 0; eval_range_chars[i][0]; i++)
 {
 if (strcmp (range, eval_range_chars[i][0]) == 0)
@@ -309,11 +312,15 @@
 char1 = utf8_char_int (range);
 /* next char must be '-' */
+ if (!range[0])
+ goto end;
 ptr_char = utf8_next_char (range);
 if (!ptr_char || !ptr_char[0] || (ptr_char[0] != '-'))
 goto end;
 /* next char is the char2 */
+ if (!range[0])
+ goto end;
 ptr_char = utf8_next_char (ptr_char);
 if (!ptr_char || !ptr_char[0])
 goto end;
@@ -894,7 +901,7 @@
 ptr_string++;
 length = strlen (ptr_string);
- result = malloc ((length * 4) + 1);
+ result = malloc ((length * 4) + 8 + 1);
 if (!result)
 goto end;
@@ -1572,7 +1579,8 @@
 else if (ptr_value[0] == '-')
 color--;
 }
- ptr_value++;
+ if (ptr_value[0])
+ ptr_value++;
 if (config_num_eval_syntax_colors > 0)
 {
 string_dyn_concat (
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/src/core/core-string.c new/weechat-4.6.3/src/core/core-string.c
--- old/weechat-4.6.2/src/core/core-string.c 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/src/core/core-string.c 2025-05-11 11:22:11.000000000 +0200
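Review bot: The second added guard in the `@@ -309` hunk of core-eval.c tests `range[0]` again rather than the pointer that is about to be advanced, so it can never fire: `range[0]` was checked a few lines above and, if the `@@ -300` hunk belongs to the same function, at entry as well. At that point `ptr_char[0]` is already known to be `'-'` from the preceding check, so `utf8_next_char (ptr_char)` looks safe without it; either drop the line or, if a guard is wanted there, write `if (!ptr_char[0]) goto end;`. A one-line comment naming the malformed input the remaining checks reject (for example a range that ends right after the `-`) would make the intent of the fix clearer. The enclosing function starts and ends outside the hunk.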
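Review bot: The extra `+ 8` in `malloc ((length * 4) + 8 + 1)` (core-eval.c, `@@ -894` hunk) is an unexplained constant, and nothing visible ties it to the largest output the encoders called below can produce. Presumably it covers one padded output block for very short inputs, where `length * 4` underestimates the encoded size; a comment such as `/* 4 bytes per input byte, plus one padded block for short inputs, plus NUL */` would let the next reader check the bound, with the wording confirmed against the encoders actually used. The declaration of `length` is outside the hunk; if it is an `int`, `length * 4` can itself overflow for a very long string and would deserve a guard before the allocation. The enclosing function starts and ends outside the hunk.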
@@ -3570,7 +3570,8 @@
 string_base32_encode (const char *from, int length, char *to)
 {
 unsigned char base32_table[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
- int count, value, next, bits_left, pad, index;
+ unsigned int value;
+ int count, next, bits_left, pad, index;
 int length_padding[8] = { 0, 0, 6, 0, 4, 3, 0, 2 };
 if (!from || !to)
@@ -3648,7 +3649,8 @@
 string_base32_decode (const char *from, char *to)
 {
 const char *ptr_from;
- int value, bits_left, count;
+ int bits_left, count;
+ unsigned int value;
 unsigned char c;
 if (!from || !to)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/src/core/core-util.c new/weechat-4.6.3/src/core/core-util.c
--- old/weechat-4.6.2/src/core/core-util.c 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/src/core/core-util.c 2025-05-11 11:22:11.000000000 +0200
@@ -285,7 +285,8 @@
 int
 util_parse_time (const char *datetime, struct timeval *tv)
 {
- char *string, *pos, *pos2, str_usec[16], *error, str_date[128];
+ char *string, *pos, *pos2, str_usec[16], *error;
+ char str_date[128], str_date2[256];
 struct tm tm_date, tm_date_gm, tm_date_local, *local_time;
 time_t time_now, time_gm, time_local;
 long long value;
@@ -445,10 +446,10 @@
 local_time = localtime (&time_now);
 strftime (str_date, sizeof (str_date), "%Y-%m-%dT", local_time);
- strcat (str_date, string);
+ snprintf (str_date2, sizeof (str_date2), "%s%s", str_date, string);
 /* initialize structure, because strptime does not do it */
 memset (&tm_date, 0, sizeof (struct tm));
- pos = strptime (str_date, "%Y-%m-%dT%H:%M:%S", &tm_date);
+ pos = strptime (str_date2, "%Y-%m-%dT%H:%M:%S", &tm_date);
 if (pos)
 {
 if (use_local_time)
@@ -571,7 +572,6 @@
 if ((pos > string_delay) && pos[0])
 {
- str_number = string_strndup (string_delay, pos - string_delay);
 if (strcmp (pos, "us") == 0)
 factor = 1ULL;
 else if (strcmp (pos, "ms") == 0)
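Review bot: The return value of the new `snprintf` in the `@@ -445` hunk of core-util.c is ignored, so a `string` longer than the room left in `str_date2` is silently truncated and the truncated text is still handed to `strptime`. The write is now bounded, which closes the overflow, but over-long input is better rejected than parsed in part: keep the result, `rc = snprintf (str_date2, sizeof (str_date2), "%s%s", str_date, string);`, and take the function's existing failure path when `(rc < 0) || (rc >= (int)sizeof (str_date2))`. That failure path, and the place where `string` is released, are outside the hunk, so the exact cleanup has to be checked there.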
@@ -584,6 +584,7 @@
 factor = 1000ULL * 1000ULL * 60ULL * 60ULL;
 else
 return 0;
+ str_number = string_strndup (string_delay, pos - string_delay);
 }
 else
 {
@@ -670,7 +671,9 @@
 {
 if (number < 0)
 number = 0;
- else if (number > 0xFF)
+ else if ((i == 0) && (number > 0x7F))
+ number = 0x7F;
+ else if ((i > 0) && (number > 0xFF))
 number = 0xFF;
 version_int[i] = number;
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/tests/unit/core/test-core-util.cpp new/weechat-4.6.3/tests/unit/core/test-core-util.cpp
--- old/weechat-4.6.2/tests/unit/core/test-core-util.cpp 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/tests/unit/core/test-core-util.cpp 2025-05-11 11:22:11.000000000 +0200
@@ -537,4 +537,9 @@
 LONGS_EQUAL(0x01010100, util_version_number ("1.1.1"));
 LONGS_EQUAL(0x01010200, util_version_number ("1.1.2"));
 LONGS_EQUAL(0x01020304, util_version_number ("1.2.3.4"));
+ LONGS_EQUAL(0x7EFFFFFF, util_version_number ("126.255.255.255"));
+ LONGS_EQUAL(0x7FFFFFFF, util_version_number ("127.255.255.255"));
+ LONGS_EQUAL(0x7FFFFFFF, util_version_number ("128.255.255.255"));
+ LONGS_EQUAL(0x7FFFFFFF, util_version_number ("255.255.255.255"));
+ LONGS_EQUAL(0x7FFFFFFF, util_version_number ("999999999.999999999.999999999.999999999"));;
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.6.2/version.sh new/weechat-4.6.3/version.sh
--- old/weechat-4.6.2/version.sh 2025-04-18 20:39:02.000000000 +0200
+++ new/weechat-4.6.3/version.sh 2025-05-11 11:22:11.000000000 +0200
@@ -39,8 +39,8 @@
 # devel-number the devel version as hex number ("0x04010000" for "4.1.0-dev")
 #
-weechat_stable="4.6.2"
-weechat_devel="4.6.2"
+weechat_stable="4.6.3"
+weechat_devel="4.6.3"
 stable_major=$(echo "${weechat_stable}" | cut -d"." -f1)
 stable_minor=$(echo "${weechat_stable}" | cut -d"." -f2)
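Review bot: The new clamp to `0x7F` for `i == 0` in the `@@ -670` hunk of core-util.c carries no comment saying why the first component is treated differently from the other three. Judging by the added tests and the UPGRADING note, the reason appears to be that the four components are packed into a signed 32-bit result whose maximum is 0x7FFFFFFF; a comment above the branch, for example `/* first component is capped at 0x7F so the packed value fits in a signed 32-bit int */`, would record that. The packing expression itself is outside the hunk.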
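Review bot: The last added line in the test-core-util.cpp hunk ends with a doubled semicolon, `("999999999.999999999.999999999.999999999"));;`, which leaves a stray empty statement; drop the extra `;`. The other new assertions are consistent with the clamping added in core-util.c's `@@ -670` hunk (first component capped at 0x7F, the rest at 0xFF). The enclosing test body starts outside the hunk.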
