Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package weechat for openSUSE:Factory checked in at 2026-07-06 12:32:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/weechat (Old) and /work/SRC/openSUSE:Factory/.weechat.new.1982 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "weechat" Mon Jul 6 12:32:57 2026 rev:95 rq:1363873 version:4.9.3 Changes: -------- --- /work/SRC/openSUSE:Factory/weechat/weechat.changes 2026-06-09 14:26:51.232814132 +0200 +++ /work/SRC/openSUSE:Factory/.weechat.new.1982/weechat.changes 2026-07-06 12:35:29.233988238 +0200 @@ -1,0 +2,14 @@ +Sun Jul 5 14:25:38 UTC 2026 - Hunter Wardlaw <[email protected]> + +- Update to 4.9.3: + * core: fix buffer overflow in connection to SOCKS5 proxy (#2325) + * core: fix possible buffer overflow in command /color alias (#2330) + * core: fix possible buffer overflow in list of commands displayed + by /help (#2330) + * api: do not free dynamic string on error in function string_dyn_concat + * relay/api: fix memory leak in resources "handshake", "input" and + "completion" (GHSA-wmpc-m6g9-fwj8) + * relay: fix read of uncompressed websocket frame (#2331) + * xfer: fix out-of-bounds write in xfer file transfer resume (#2326) + +------------------------------------------------------------------- Old: ---- weechat-4.9.2.tar.xz weechat-4.9.2.tar.xz.asc New: ---- weechat-4.9.3.tar.xz weechat-4.9.3.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ weechat.spec ++++++ --- /var/tmp/diff_new_pack.XgXDzq/_old 2026-07-06 12:35:31.918081502 +0200 +++ /var/tmp/diff_new_pack.XgXDzq/_new 2026-07-06 12:35:31.922081641 +0200 @@ -17,7 +17,7 @@ Name: weechat -Version: 4.9.2 +Version: 4.9.3 Release: 0 Summary: Multi-protocol extensible Chat Client License: GPL-3.0-or-later ++++++ weechat-4.9.2.tar.xz -> weechat-4.9.3.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/.poexam/poexam.toml new/weechat-4.9.3/.poexam/poexam.toml --- old/weechat-4.9.2/.poexam/poexam.toml 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/.poexam/poexam.toml 2026-07-05 15:40:23.000000000 +0200 @@ -7,9 +7,11 @@ "checks", ] ignore = [ + "acronyms", "brackets", "double-quotes", "double-words", + "functions", "header", "html-tags", "paths", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/CHANGELOG.md new/weechat-4.9.3/CHANGELOG.md --- old/weechat-4.9.2/CHANGELOG.md 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/CHANGELOG.md 2026-07-05 15:40:23.000000000 +0200 @@ -6,6 +6,18 @@ # WeeChat ChangeLog +## Version 4.9.3 (2026-07-05) + +### Fixed + +- core: fix buffer overflow in connection to SOCKS5 proxy ([#2325](https://github.com/weechat/weechat/issues/2325)) +- core: fix possible buffer overflow in command /color alias ([#2330](https://github.com/weechat/weechat/issues/2330)) +- core: fix possible buffer overflow in list of commands displayed by /help ([#2330](https://github.com/weechat/weechat/issues/2330)) +- api: do not free dynamic string on error in function string_dyn_concat +- relay/api: fix memory leak in resources "handshake", "input" and "completion" ([GHSA-wmpc-m6g9-fwj8](https://github.com/weechat/weechat/security/advisories/GHSA-wmpc-m6g9-fwj8)) +- relay: fix read of uncompressed websocket frame ([#2331](https://github.com/weechat/weechat/issues/2331)) +- xfer: fix out-of-bounds write in xfer file transfer resume ([#2326](https://github.com/weechat/weechat/issues/2326)) + ## Version 4.9.2 (2026-06-07) ### Fixed @@ -25,9 +37,9 @@ - core: fix option weechat.look.color_real_white not applied when color is "white" on 16+ colors terminals ([#1742](https://github.com/weechat/weechat/issues/1742)) - irc: fix tag in message with list of names when joining a channel -- relay: limit size of decompressed websocket frame with permessage-deflate to prevent memory exhaustion ([GHSA-v2v4-45wm-5cr3](https://github.com/weechat/weechat/security/advisories/GHSA-v2v4-45wm-5cr3)) -- relay: fix timing attack on password authentication ([GHSA-vhv8-g2r9-cwcc](https://github.com/weechat/weechat/security/advisories/GHSA-vhv8-g2r9-cwcc)) -- api, relay: fix timing attack on TOTP validation ([GHSA-vhv8-g2r9-cwcc](https://github.com/weechat/weechat/security/advisories/GHSA-vhv8-g2r9-cwcc)) +- relay: limit size of decompressed websocket frame with permessage-deflate to prevent memory exhaustion ([GHSA-v2v4-45wm-5cr3](https://github.com/weechat/weechat/security/advisories/GHSA-v2v4-45wm-5cr3), [CVE-2026-53524](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-53524)) +- relay: fix timing attack on password authentication ([GHSA-vhv8-g2r9-cwcc](https://github.com/weechat/weechat/security/advisories/GHSA-vhv8-g2r9-cwcc), [CVE-2026-53525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-53525)) +- api, relay: fix timing attack on TOTP validation ([GHSA-vhv8-g2r9-cwcc](https://github.com/weechat/weechat/security/advisories/GHSA-vhv8-g2r9-cwcc), [CVE-2026-53525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-53525)) ## Version 4.9.0 (2026-03-29) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/en/weechat_plugin_api.en.adoc new/weechat-4.9.3/doc/en/weechat_plugin_api.en.adoc --- old/weechat-4.9.2/doc/en/weechat_plugin_api.en.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/en/weechat_plugin_api.en.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -3474,6 +3474,8 @@ The pointer _*string_ can change if the string is reallocated (if there is not enough space to concatenate the string). +In case of error, the dynamic string is left unchanged. + Prototype: [source,c] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/en/weechat_relay_api.en.adoc new/weechat-4.9.3/doc/en/weechat_relay_api.en.adoc --- old/weechat-4.9.2/doc/en/weechat_relay_api.en.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/en/weechat_relay_api.en.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -1028,6 +1028,13 @@ confused with the buffer number, which is different) * `buffer_name` (string, **required**): buffer name +Query parameters: + +* `colors` (string, optional, default: `ansi`): how to return strings with color codes: +** `ansi`: return ANSI color codes +** `weechat`: return WeeChat internal color codes +** `strip`: strip colors + Request example: get nicks of a buffer: [source,shell] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/fr/weechat_plugin_api.fr.adoc new/weechat-4.9.3/doc/fr/weechat_plugin_api.fr.adoc --- old/weechat-4.9.2/doc/fr/weechat_plugin_api.fr.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/fr/weechat_plugin_api.fr.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -3532,6 +3532,8 @@ Le pointeur _*string_ peut changer si la chaîne est réallouée (s'il n'y a pas assez de place pour concaténer la chaîne). +En cas d'erreur, la chaîne dynamique reste inchangée. + Prototype : [source,c] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/fr/weechat_relay_api.fr.adoc new/weechat-4.9.3/doc/fr/weechat_relay_api.fr.adoc --- old/weechat-4.9.2/doc/fr/weechat_relay_api.fr.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/fr/weechat_relay_api.fr.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -1040,6 +1040,14 @@ confondre avec le numéro du tampon, qui est différent) * `buffer_name` (chaîne, **obligatoire**) : nom du tampon +Paramètres de requête : + +* `colors` (chaîne, facultatif, par défaut : `ansi`) : comment les chaînes avec + des couleurs sont retournées : +** `ansi` : retourner les codes couleur ANSI +** `weechat` : retourner les codes couleur internes WeeChat +** `strip` : supprimer les couleurs + Exemple de requête : obtenir les pseudos d'un tampon : [source,shell] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/it/weechat_plugin_api.it.adoc new/weechat-4.9.3/doc/it/weechat_plugin_api.it.adoc --- old/weechat-4.9.2/doc/it/weechat_plugin_api.it.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/it/weechat_plugin_api.it.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -3635,6 +3635,9 @@ The pointer _*string_ can change if the string is reallocated (if there is not enough space to concatenate the string). +// TRANSLATION MISSING +In case of error, the dynamic string is left unchanged. + Prototipo: [source,c] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/ja/weechat_plugin_api.ja.adoc new/weechat-4.9.3/doc/ja/weechat_plugin_api.ja.adoc --- old/weechat-4.9.2/doc/ja/weechat_plugin_api.ja.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/ja/weechat_plugin_api.ja.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -3586,6 +3586,9 @@ 文字列が再確保された場合 (文字列を連結するのに十分なサイズが確保されていなかった場合) にはポインタ _*string_ が変わる可能性があります。 +// TRANSLATION MISSING +In case of error, the dynamic string is left unchanged. + プロトタイプ: [source,c] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/sr/weechat_plugin_api.sr.adoc new/weechat-4.9.3/doc/sr/weechat_plugin_api.sr.adoc --- old/weechat-4.9.2/doc/sr/weechat_plugin_api.sr.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/sr/weechat_plugin_api.sr.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -3356,6 +3356,9 @@ Показивач на стринг _*string_ може да се промени ако се стринг реалоцира (у случају да нема довољно простора за надовезивање стринга). +// TRANSLATION MISSING +In case of error, the dynamic string is left unchanged. + Прототип: [source,c] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/doc/sr/weechat_relay_api.sr.adoc new/weechat-4.9.3/doc/sr/weechat_relay_api.sr.adoc --- old/weechat-4.9.2/doc/sr/weechat_relay_api.sr.adoc 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/doc/sr/weechat_relay_api.sr.adoc 2026-07-05 15:40:23.000000000 +0200 @@ -1024,12 +1024,19 @@ GET /api/buffers/{име_бафера}/nicks ---- -Параметри упита: +Параметри путање: * `id_бафера` (цео број, **обавезно**): јединствени идентификатор бафера (не треба да се помеша са бројем бафера, то је нешто друго) * `име_бафера` (стринг, **обавезно**): име бафера +Параметри упита: + +* `colors` (стринг, није обавезно, подразумевано: `ansi`): како се враћају стрингови са кодовима боје: +** `ansi`: враћају се ANSI кодови боје +** `weechat`: враћају се WeeChat интерни кодови боје +** `strip`: уклањају се боје + Пример захтева: врати надимке бафера: [source,shell] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/po/de.po new/weechat-4.9.3/po/de.po --- old/weechat-4.9.2/po/de.po 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/po/de.po 2026-07-05 15:40:23.000000000 +0200 @@ -29,7 +29,7 @@ "Project-Id-Version: WeeChat\n" "Report-Msgid-Bugs-To: [email protected]\n" "POT-Creation-Date: 2026-03-21 17:24+0100\n" -"PO-Revision-Date: 2026-03-21 17:24+0100\n" +"PO-Revision-Date: 2026-07-03 08:28+0200\n" "Last-Translator: Nils Görs <[email protected]>\n" "Language-Team: German <[email protected]>\n" "Language: de_DE\n" @@ -17330,7 +17330,7 @@ "Um Tastenkurzbefehle im Skript-Buffer direkt nutzen zu können (zum Beispiel: " "alt+i = installieren, alt+r = entfernen, ...), muss diese Einstellung " "aktiviert werden. Andernfalls können Aktionen nur über die Eingabezeile " -"durchgeführt werden: i,r..." +"durchgeführt werden: i,r, ..." msgid "color for status \"autoloaded\" (\"a\")" msgstr "Farbe in der der Status \"autoloaded\" (\"a\") dargestellt werden soll" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/core/core-command.c new/weechat-4.9.3/src/core/core-command.c --- old/weechat-4.9.2/src/core/core-command.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/core/core-command.c 2026-07-05 15:40:23.000000000 +0200 @@ -1720,17 +1720,12 @@ else str_alias = argv[i]; } - str_color[0] = '\0'; - if (str_alias) - { - strcat (str_color, ";"); - strcat (str_color, str_alias); - } - if (str_rgb) - { - strcat (str_color, ";"); - strcat (str_color, str_rgb); - } + snprintf (str_color, sizeof (str_color), + "%s%s%s%s", + (str_alias) ? ";" : "", + (str_alias) ? str_alias : "", + (str_rgb) ? ";" : "", + (str_rgb) ? str_rgb : ""); /* add color alias */ snprintf (str_command, sizeof (str_command), @@ -2980,7 +2975,7 @@ struct t_gui_buffer *ptr_buffer; int command_found, length, max_length, list_size; int cols, lines, col, line, index; - char str_format[64], str_command[256], str_line[2048]; + char str_format[64], str_command[256], **str_line; if (verbose) { @@ -3083,27 +3078,29 @@ } /* display lines with commands, in columns */ - for (line = 0; line < lines; line++) + str_line = string_dyn_alloc (256); + if (str_line) { - str_line[0] = '\0'; - for (col = 0; col < cols; col++) + for (line = 0; line < lines; line++) { - index = (col * lines) + line; - if (index < list_size) + string_dyn_copy (str_line, NULL); + for (col = 0; col < cols; col++) { - item = weelist_get (list, index); - if (item) + index = (col * lines) + line; + if (index < list_size) { - if (strlen (str_line) + strlen (weelist_string (item)) + 1 < (int)sizeof (str_line)) + item = weelist_get (list, index); + if (item) { snprintf (str_command, sizeof (str_command), str_format, weelist_string (item)); - strcat (str_line, str_command); + string_dyn_concat (str_line, str_command, -1); } } } + gui_chat_printf (NULL, "%s", *str_line); } - gui_chat_printf (NULL, "%s", str_line); + string_dyn_free (str_line, 1); } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/core/core-network.c new/weechat-4.9.3/src/core/core-network.c --- old/weechat-4.9.2/src/core/core-network.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/core/core-network.c 2026-07-05 15:40:23.000000000 +0200 @@ -581,7 +581,13 @@ int port) { struct t_network_socks5 socks5; - unsigned char buffer[288]; + /* + * buffer must be large enough for the username/password authentication + * request, which is the longest message sent/received here; according to + * RFC 1929 it is: version (1) + username length (1) + username (max 255) + * + password length (1) + password (max 255) + */ + unsigned char buffer[2 + 255 + 1 + 255]; int username_len, password_len, addr_len, addr_buffer_len; unsigned char *addr_buffer; char *username, *password; @@ -630,6 +636,18 @@ username_len = strlen (username); password_len = strlen (password); + /* + * username and password length are each stored on a single byte + * (RFC 1929), so they cannot exceed 255 bytes: reject longer values, + * otherwise the memcpy calls below would overflow the buffer + */ + if ((username_len > 255) || (password_len > 255)) + { + free (username); + free (password); + return 0; + } + /* make username/password buffer */ buffer[0] = 1; buffer[1] = (unsigned char) username_len; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/core/core-string.c new/weechat-4.9.3/src/core/core-string.c --- old/weechat-4.9.2/src/core/core-string.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/core/core-string.c 2026-07-05 15:40:23.000000000 +0200 @@ -4768,6 +4768,8 @@ * if the string had to be extended, or the same pointer if there was enough * size to concatenate the new string. * + * In case of error, the dynamic string is left unchanged. + * * Return: * 1: OK * 0: error @@ -4803,11 +4805,7 @@ new_size_alloc = new_size; string_realloc = realloc (ptr_string_dyn->string, new_size_alloc); if (!string_realloc) - { - free (ptr_string_dyn->string); - free (ptr_string_dyn); return 0; - } ptr_string_dyn->string = string_realloc; ptr_string_dyn->size_alloc = new_size_alloc; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/core/core-url.c new/weechat-4.9.3/src/core/core-url.c --- old/weechat-4.9.2/src/core/core-url.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/core/core-url.c 2026-07-05 15:40:23.000000000 +0200 @@ -143,8 +143,10 @@ struct t_url_constant url_authtype[] = { +#if LIBCURL_VERSION_NUM < 0x081600 /* < 8.22.0 */ URL_DEF_CONST(_TLSAUTH, NONE), URL_DEF_CONST(_TLSAUTH, SRP), +#endif { NULL, 0 }, }; @@ -409,9 +411,11 @@ URL_DEF_OPTION(PASSWORD, STRING, NULL), URL_DEF_OPTION(PROXYUSERNAME, STRING, NULL), URL_DEF_OPTION(PROXYPASSWORD, STRING, NULL), +#if LIBCURL_VERSION_NUM < 0x081600 /* < 8.22.0 */ URL_DEF_OPTION(TLSAUTH_TYPE, MASK, url_authtype), URL_DEF_OPTION(TLSAUTH_USERNAME, STRING, NULL), URL_DEF_OPTION(TLSAUTH_PASSWORD, STRING, NULL), +#endif URL_DEF_OPTION(SASL_AUTHZID, STRING, NULL), URL_DEF_OPTION(SASL_IR, LONG, NULL), @@ -626,9 +630,11 @@ URL_DEF_OPTION(PROXY_SSL_OPTIONS, LONG, url_ssl_options), URL_DEF_OPTION(PROXY_SSL_VERIFYHOST, LONG, NULL), URL_DEF_OPTION(PROXY_SSL_VERIFYPEER, LONG, NULL), +#if LIBCURL_VERSION_NUM < 0x081600 /* < 8.22.0 */ URL_DEF_OPTION(PROXY_TLSAUTH_PASSWORD, STRING, NULL), URL_DEF_OPTION(PROXY_TLSAUTH_TYPE, STRING, NULL), URL_DEF_OPTION(PROXY_TLSAUTH_USERNAME, STRING, NULL), +#endif URL_DEF_OPTION(TLS13_CIPHERS, LIST, NULL), URL_DEF_OPTION(PROXY_TLS13_CIPHERS, LIST, NULL), #if LIBCURL_VERSION_NUM >= 0x074700 /* 7.71.0 */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/gui/curses/headless/main.c new/weechat-4.9.3/src/gui/curses/headless/main.c --- old/weechat-4.9.2/src/gui/curses/headless/main.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/gui/curses/headless/main.c 2026-07-05 15:40:23.000000000 +0200 @@ -47,7 +47,7 @@ daemonize (void) { pid_t pid; - int fd, i; + int fd, i, rc; printf ("%s ", _("Running WeeChat in background...")); @@ -77,8 +77,9 @@ close (i); } fd = open ("/dev/null", O_RDWR); - (void) dup (fd); - (void) dup (fd); + rc = dup (fd); + rc = dup (fd); + (void) rc; } /* diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/gui/gui-buffer.c new/weechat-4.9.3/src/gui/gui-buffer.c --- old/weechat-4.9.2/src/gui/gui-buffer.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/gui/gui-buffer.c 2026-07-05 15:40:23.000000000 +0200 @@ -3804,6 +3804,7 @@ gui_hotlist_remove_buffer (buffer, 1); free (buffer->hotlist_removed); + buffer->hotlist_removed = NULL; if (gui_hotlist_initial_buffer == buffer) gui_hotlist_initial_buffer = NULL; @@ -3822,55 +3823,85 @@ /* free all lines */ gui_line_free_all (buffer); free (buffer->own_lines); + buffer->own_lines = NULL; free (buffer->mixed_lines); + buffer->mixed_lines = NULL; /* free some data */ gui_buffer_undo_free_all (buffer); gui_history_buffer_free (buffer); gui_completion_free (buffer->completion); + buffer->completion = NULL; gui_nicklist_remove_all (buffer); gui_nicklist_remove_group (buffer, buffer->nicklist_root); + buffer->nicklist_root = NULL; hashtable_free (buffer->hotlist_max_level_nicks); + buffer->hotlist_max_level_nicks = NULL; gui_key_free_all (-1, &buffer->keys, &buffer->last_key, &buffer->keys_count, 0); gui_buffer_local_var_remove_all (buffer); hashtable_free (buffer->local_variables); + buffer->local_variables = NULL; free (buffer->plugin_name_for_upgrade); + buffer->plugin_name_for_upgrade = NULL; free (buffer->name); + buffer->name = NULL; free (buffer->full_name); + buffer->full_name = NULL; free (buffer->old_full_name); + buffer->old_full_name = NULL; free (buffer->short_name); + buffer->short_name = NULL; free (buffer->title); + buffer->title = NULL; free (buffer->modes); + buffer->modes = NULL; free (buffer->input_prompt); + buffer->input_prompt = NULL; free (buffer->input_buffer); + buffer->input_buffer = NULL; free (buffer->input_undo_snap); + buffer->input_undo_snap = NULL; free (buffer->text_search_input); + buffer->text_search_input = NULL; if (buffer->text_search_regex_compiled) { regfree (buffer->text_search_regex_compiled); free (buffer->text_search_regex_compiled); + buffer->text_search_regex_compiled = NULL; } free (buffer->highlight_words); + buffer->highlight_words = NULL; free (buffer->highlight_disable_regex); + buffer->highlight_disable_regex = NULL; if (buffer->highlight_disable_regex_compiled) { regfree (buffer->highlight_disable_regex_compiled); free (buffer->highlight_disable_regex_compiled); + buffer->highlight_disable_regex_compiled = NULL; } free (buffer->highlight_regex); + buffer->highlight_regex = NULL; if (buffer->highlight_regex_compiled) { regfree (buffer->highlight_regex_compiled); free (buffer->highlight_regex_compiled); + buffer->highlight_regex_compiled = NULL; } free (buffer->highlight_tags_restrict); + buffer->highlight_tags_restrict = NULL; string_free_split_tags (buffer->highlight_tags_restrict_array); + buffer->highlight_tags_restrict_array = NULL; free (buffer->highlight_tags); + buffer->highlight_tags = NULL; string_free_split_tags (buffer->highlight_tags_array); + buffer->highlight_tags_array = NULL; free (buffer->input_callback_data); + buffer->input_callback_data = NULL; free (buffer->close_callback_data); + buffer->close_callback_data = NULL; free (buffer->nickcmp_callback_data); + buffer->nickcmp_callback_data = NULL; /* remove buffer from buffers list */ if (buffer->prev_buffer) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/plugins/relay/api/relay-api-protocol.c new/weechat-4.9.3/src/plugins/relay/api/relay-api-protocol.c --- old/weechat-4.9.2/src/plugins/relay/api/relay-api-protocol.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/plugins/relay/api/relay-api-protocol.c 2026-07-05 15:40:23.000000000 +0200 @@ -402,7 +402,10 @@ if (json_body) { if (!cJSON_IsObject (json_body)) + { + cJSON_Delete (json_body); return RELAY_API_PROTOCOL_RC_BAD_REQUEST; + } json_algos = cJSON_GetObjectItem (json_body, "password_hash_algo"); if (json_algos) { @@ -781,8 +784,13 @@ char str_delay[32]; json_body = cJSON_Parse (client->http_req->body); - if (!json_body || !cJSON_IsObject (json_body)) + if (!json_body) + return RELAY_API_PROTOCOL_RC_BAD_REQUEST; + if (!cJSON_IsObject (json_body)) + { + cJSON_Delete (json_body); return RELAY_API_PROTOCOL_RC_BAD_REQUEST; + } /* get buffer either by name or by id */ ptr_buffer = NULL; @@ -908,8 +916,13 @@ struct t_gui_buffer *ptr_buffer; json_body = cJSON_Parse (client->http_req->body); - if (!json_body || !cJSON_IsObject(json_body)) + if (!json_body) return RELAY_API_PROTOCOL_RC_BAD_REQUEST; + if (!cJSON_IsObject(json_body)) + { + cJSON_Delete (json_body); + return RELAY_API_PROTOCOL_RC_BAD_REQUEST; + } /* get buffer either by name or by id */ ptr_buffer = NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/plugins/relay/relay-websocket.c new/weechat-4.9.3/src/plugins/relay/relay-websocket.c --- old/weechat-4.9.2/src/plugins/relay/relay-websocket.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/plugins/relay/relay-websocket.c 2026-07-05 15:40:23.000000000 +0200 @@ -653,7 +653,7 @@ size_t size_decompressed; char *payload_decompressed; struct t_relay_websocket_frame *frames2, *ptr_frame; - int size, masked_frame, mask[4]; + int size, compressed, masked_frame, mask[4]; if (!buffer || !frames || !num_frames) return 0; @@ -674,6 +674,9 @@ opcode = buffer[index_buffer] & 15; + /* RSV1 indicates whether this message is compressed */ + compressed = (buffer[index_buffer] & 64) ? 1 : 0; + /* check if frame is masked */ masked_frame = (buffer[index_buffer + 1] & 128) ? 1 : 0; @@ -780,9 +783,9 @@ /* * decompress data if frame is not empty and if "permessage-deflate" - * is enabled + * is enabled and the message is compressed */ - if ((length_frame > 0) && ws_deflate && ws_deflate->enabled) + if ((length_frame > 0) && ws_deflate && ws_deflate->enabled && compressed) { if (!ws_deflate->strm_inflate) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/src/plugins/xfer/xfer-dcc.c new/weechat-4.9.3/src/plugins/xfer/xfer-dcc.c --- old/weechat-4.9.2/src/plugins/xfer/xfer-dcc.c 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/src/plugins/xfer/xfer-dcc.c 2026-07-05 15:40:23.000000000 +0200 @@ -242,8 +242,8 @@ xfer_dcc_resume_hash (struct t_xfer *xfer) { char *buf; - unsigned long long total_read; - ssize_t length_buf, to_read, num_read; + unsigned long long total_read, length_buf, to_read; + ssize_t num_read; int ret, fd; total_read = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/weechat-4.9.2/version.sh new/weechat-4.9.3/version.sh --- old/weechat-4.9.2/version.sh 2026-06-07 09:25:09.000000000 +0200 +++ new/weechat-4.9.3/version.sh 2026-07-05 15:40:23.000000000 +0200 @@ -41,8 +41,8 @@ # devel-number the devel version as hex number ("0x04010000" for "4.1.0-dev") # -weechat_stable="4.9.2" -weechat_devel="4.9.2" +weechat_stable="4.9.3" +weechat_devel="4.9.3" stable_major=$(echo "${weechat_stable}" | cut -d"." -f1) stable_minor=$(echo "${weechat_stable}" | cut -d"." -f2)
