Commits · 177cbff6af7b9845d592fb0497464d70ee423418 · derf / feh

Sep 01, 2017
- fixed inotify for thumbnail mode · 177cbff6
  Sven Willner authored 7 years ago
  
  177cbff6
Aug 24, 2017
- added inotify support · 2a981df1
  Sven Willner authored 7 years ago
  
  2a981df1
Aug 23, 2017
- Add terminal-input support for space and return · 3b53d965
  Birte Kristina Friesel authored 7 years ago
  
  3b53d965
- Put terminal into (mostly) raw mode when reading commands from stdin · 84c27062
  Birte Kristina Friesel authored 7 years ago
  
  Also, restore the previous terminal mode on exit
  84c27062
Aug 22, 2017
- Add experimental support for (remote) control via stdin · aaa67e2d
  Birte Kristina Friesel authored 7 years ago
  
  aaa67e2d
Aug 21, 2017
- Release v2.19.3 · fd524633
  Birte Kristina Friesel authored 7 years ago
  
  View commits for tag 2.19.3 2.19.3
  
  fd524633
Aug 19, 2017
- Make feh abort immediately if an index image could not be created (#306) · be4c0b01
  Birte Kristina Friesel authored 7 years ago
  
  be4c0b01
- Save --geometry flags in .fehbg if specified (closes #313) · 9ffb418a
  Birte Kristina Friesel authored 7 years ago
  
  9ffb418a
Aug 12, 2017
- Release v2.19.2 · 19655b45
  Birte Kristina Friesel authored 7 years ago
  
  View commits for tag 2.19.2 2.19.2
  
  19655b45
Aug 10, 2017
- Fix segfault in feh_event_handle_keypress for certain key inputs · b7cf37bc
  Birte Kristina Friesel authored 7 years ago
  
  Turns out that it is undefined behaviour to pass a value to isctype functions which does not fit inside a char. Closes #312
  b7cf37bc
Aug 05, 2017
- Show ImageMagick output on the terminal unless --quiet is specified · 0c5ed692
  Birte Kristina Friesel authored 7 years ago
  
  (cf #309)
  0c5ed692
Jul 25, 2017
- Release v2.19.1 · 42ef8d98
  Birte Kristina Friesel authored 7 years ago
  
  View commits for tag 2.19.1 2.19.1
  
  42ef8d98
Jun 21, 2017
- changelog · 40649b76
  Birte Kristina Friesel authored 7 years ago
  
  40649b76
Jun 20, 2017
- Make key names in KEYS section more consistent with X11 keysyms (#304) · 964171b8
  Birte Kristina Friesel authored 7 years ago
  
  964171b8
Jun 19, 2017
- Fix Shift modifier not being recognized for tab, space and similar keys · 428c7eed
  Birte Kristina Friesel authored 7 years ago
  
  Closes #303
  428c7eed
Jun 18, 2017
- Use X11-style key names in the feh(1) KEYS section · 5888d94b
  Birte Kristina Friesel authored 7 years ago
  
  closes #302
  5888d94b
Jun 06, 2017
- release v2.19 · 117d64d6
  Birte Kristina Friesel authored 7 years ago
  
  View commits for tag 2.19 2.19
  
  117d64d6
- install feh icons with the correct permissions (644) (closes #301) · 3c6c943c
  Birte Kristina Friesel authored 7 years ago
  
  3c6c943c
Jun 01, 2017
- feh(1): files are saved in the current working directory (closes #300) · 9b027e6c
  Birte Kristina Friesel authored 7 years ago
  
  9b027e6c
Apr 16, 2017
- feh(1): Note that --fullscreen and --scale-down do not affect thumbnail lists · 03d816e3
  Birte Kristina Friesel authored 7 years ago
  
  closes #270
  03d816e3
- Merge branch 'Ferada-xdg-thumbnails' · b79cb3cf
  Birte Kristina Friesel authored 7 years ago
  
  b79cb3cf
- Thumbnail generation: Handle HOME-less users (and some other edge cases) · a22f1452
  Birte Kristina Friesel authored 7 years ago
  
  a22f1452
Apr 06, 2017
- Fix indentation. · cc6d820e
  Olof-Joachim Frahm authored 7 years ago
  
  cc6d820e
Apr 05, 2017
- Use temporary file to create thumbnail. · 848c5f8a
  Olof-Joachim Frahm authored 7 years ago
  
  848c5f8a
- `sizeof(char)` is defined to be 1. · c42d5542
  Olof-Joachim Frahm authored 7 years ago
  
  c42d5542
- Use XDG_CACHE_HOME for thumbnails. · c41e7244
  Olof-Joachim Frahm authored 7 years ago
  
  c41e7244
Apr 04, 2017
- version bump · 1535aed1
  Birte Kristina Friesel authored 7 years ago
  
  View commits for tag 2.18.3 2.18.3
  
  1535aed1
Apr 03, 2017
- changelog · e507ef3e
  Birte Kristina Friesel authored 7 years ago
  
  e507ef3e
Apr 02, 2017

replace _emalloc with emalloc (is the same unless DMALLOC is used) · 03a64923
Birte Kristina Friesel authored 7 years ago

03a64923
Merge pull request #290 from stoeckmann/emalloc · 3b23637b
derf authored 7 years ago
```
Check malloc return value for NULL.
```
3b23637b
Merge pull request #289 from stoeckmann/memory-leak · d10e9221
derf authored 7 years ago
```
Fixed memory leak on file name collision.
```
d10e9221
Merge pull request #288 from stoeckmann/strncpy · b6bc4ef7
derf authored 7 years ago
```
Always terminate strncpy results with '\0'.
```
b6bc4ef7
Merge pull request #287 from stoeckmann/empty-file · 78a840ed
derf authored 7 years ago
```
Avoid out of boundary read on empty/broken file.
```
78a840ed

Check malloc return value for NULL. · b95c1ea6


If malloc cannot allocate enough memory, it could return NULL. This is
not necessarily true for default Linux settings, but can be provoked
there as well by adjusting proc entries. Other systems like the *BSD
ones definitely do this.

The function _emalloc exists for exactly this purpose, so use it instead
of calling malloc directly.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

b95c1ea6

Fixed memory leak on file name collision. · 08dbe8e2

Tobias Stoeckmann authored 7 years ago

If feh_unique_filename encounters a file that already exists, the memory
for the temporary filename is not released. As this happens in /tmp at
some code places, an attacker could use this to spray the memory of feh,
or simply triggering an out of memory condition.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

08dbe8e2

Avoid out of boundary read on empty/broken file. · bdee6af0

Tobias Stoeckmann authored 7 years ago

If ereadfile encounters an empty file or the file could not be read, an
out ouf boundary read (and possible write) occurs. Always check the
return value of fread to be > 0 before processing the result buffer.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

bdee6af0

Always terminate strncpy results with '\0'. · 575b9345

Tobias Stoeckmann authored 7 years ago


The strncpy function does not guarantee to end the resulting character
sequence with a terminating nul character if not enough space is
available. This could be triggered by supplying a sufficiently long
output_file option.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

575b9345

Apr 01, 2017
- changelog · 1e042038
  Birte Kristina Friesel authored 7 years ago
  
  1e042038
Mar 28, 2017
- Merge pull request #286 from stoeckmann/ipc · a5e60401
  derf authored 7 years ago
  
  Fix double-free/OOB-write while receiving IPC data
  a5e60401
Mar 23, 2017

Fix double-free/OOB-write while receiving IPC data · f7a547b7

Tobias Stoeckmann authored 7 years ago

If a malicious client pretends to be the E17 window manager, it is
possible to trigger an out of boundary heap write while receiving an
IPC message.

The length of the already received message is stored in an unsigned
short, which overflows after receiving 64 KB of data. It's comparably
small amount of data and therefore achievable for an attacker.

When len overflows, realloc() will either be called with a small value
and therefore chars will be appended out of bounds, or len + 1 will be
exactly 0, in which case realloc() behaves like free(). This could be
abused for a later double-free attack as it's even possible to overwrite
the free information -- but this depends on the malloc implementation.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

f7a547b7