summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorLines
2017-08-22Add experimental support for (remote) control via stdinDaniel Friesel-0/+33
2017-08-21Release v2.19.32.19.3Daniel Friesel-1/+1
2017-08-19Make feh abort immediately if an index image could not be created (#306)Daniel Friesel-4/+7
2017-08-19Save --geometry flags in .fehbg if specified (closes #313)Daniel Friesel-2/+16
2017-08-12Release v2.19.22.19.2Daniel Friesel-1/+1
2017-08-10Fix segfault in feh_event_handle_keypress for certain key inputsDaniel Friesel-2/+11
Turns out that it is undefined behaviour to pass a value to isctype functions which does not fit inside a char. Closes #312
2017-08-05Show ImageMagick output on the terminal unless --quiet is specifiedDaniel Friesel-3/+5
(cf #309)
2017-06-19Fix Shift modifier not being recognized for tab, space and similar keysDaniel Friesel-2/+2
Closes #303
2017-04-16Thumbnail generation: Handle HOME-less users (and some other edge cases)Daniel Friesel-2/+12
2017-04-06Fix indentation.Olof-Joachim Frahm-6/+6
2017-04-05Use temporary file to create thumbnail.Olof-Joachim Frahm-6/+18
2017-04-05`sizeof(char)` is defined to be 1.Olof-Joachim Frahm-1/+1
2017-04-05Use XDG_CACHE_HOME for thumbnails.Olof-Joachim Frahm-22/+45
2017-04-02replace _emalloc with emalloc (is the same unless DMALLOC is used)Daniel Friesel-2/+2
2017-04-02Merge pull request #290 from stoeckmann/emallocDaniel Friesel-1/+1
Check malloc return value for NULL.
2017-04-02Merge pull request #289 from stoeckmann/memory-leakDaniel Friesel-0/+2
Fixed memory leak on file name collision.
2017-04-02Merge pull request #288 from stoeckmann/strncpyDaniel Friesel-6/+12
Always terminate strncpy results with '\0'.
2017-04-02Check malloc return value for NULL.Tobias Stoeckmann-1/+1
If malloc cannot allocate enough memory, it could return NULL. This is not necessarily true for default Linux settings, but can be provoked there as well by adjusting proc entries. Other systems like the *BSD ones definitely do this. The function _emalloc exists for exactly this purpose, so use it instead of calling malloc directly. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2017-04-02Fixed memory leak on file name collision.Tobias Stoeckmann-0/+2
If feh_unique_filename encounters a file that already exists, the memory for the temporary filename is not released. As this happens in /tmp at some code places, an attacker could use this to spray the memory of feh, or simply triggering an out of memory condition. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2017-04-02Avoid out of boundary read on empty/broken file.Tobias Stoeckmann-2/+2
If ereadfile encounters an empty file or the file could not be read, an out ouf boundary read (and possible write) occurs. Always check the return value of fread to be > 0 before processing the result buffer. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2017-04-02Always terminate strncpy results with '\0'.Tobias Stoeckmann-6/+12
The strncpy function does not guarantee to end the resulting character sequence with a terminating nul character if not enough space is available. This could be triggered by supplying a sufficiently long output_file option. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2017-03-23Fix double-free/OOB-write while receiving IPC dataTobias Stoeckmann-1/+1
If a malicious client pretends to be the E17 window manager, it is possible to trigger an out of boundary heap write while receiving an IPC message. The length of the already received message is stored in an unsigned short, which overflows after receiving 64 KB of data. It's comparably small amount of data and therefore achievable for an attacker. When len overflows, realloc() will either be called with a small value and therefore chars will be appended out of bounds, or len + 1 will be exactly 0, in which case realloc() behaves like free(). This could be abused for a later double-free attack as it's even possible to overwrite the free information -- but this depends on the malloc implementation. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2017-02-26Also update window title for thumbnail windows (closes #280)Daniel Friesel-3/+22
2017-02-23Fix memory leak when closing images opened from thumbnail modeDaniel Friesel-0/+3
2017-02-16I made a derp2.18.2Daniel Friesel-1/+1
2017-01-12Pass windidget to feh_action_run, making it possible to use format specifiersANogin-10/+10
like %o and %z in slideshow actions (I would like to use this to zoom in, pan, and then use an action to crop the window to zoomed in view).
2017-01-11rewrite window title whenever the image is rendered (closes #266)Daniel Friesel-0/+8
2016-10-30imlib.c: Move orientation logic inside HAVE_LIBEXIFDaniel Friesel-2/+2
2016-10-29add cmdline opt --auto-rotate to rotate according to EXIF infoElliot Wolk-1/+7
2016-10-29imlib: fix autorotate EXIF parsingElliot Wolk-12/+15
2016-10-24thumbnail mode: Add a debug printf for thumbnail image sizeDaniel Friesel-0/+1
2016-10-17Properly initialize zoom_fill key binding, set it to ! (exclamation mark)Daniel Friesel-0/+1
2016-10-15Added a "zoom fit" key binding for the current image.Ernie Ewert-3/+14
Fixed(?) Makefile document build issue for README.md
2016-09-01Fix FSF addressFabio Alessandro Locati-2/+2
2016-08-31winwidget: hostname always has a trailing null byte in the !HOST_NAME_MAX branchDaniel Friesel-1/+0
2016-08-31Only use sysconf() if HOST_NAME_MAX is undefinedNiclas Zeising-2/+15
On some systsems sysconf() can return a very large value, unsuitable for use with malloc(). Only use sysconf() if HOST_NAME_MAX isn't avalable.
2016-08-31Fix build on FreeBSD.Niclas Zeising-6/+12
FreeBSD lacks the constant HOST_NAME_MAX, instead using sysconf(3) to find out the value of the maximum host name length at run time. Patch to use this instead of HOST_NAME_MAX. This brings with it the need to use malloc instead of using a statically sized buffer for the host name, since the size of the buffer cannot be known at run time. Errors from sysconf or malloc just means that the entire block of code is skipped over (the same way it's skipped if the call to gethostname() fails), rather than returning any kind of error to the caller or logging an error message somewhere.
2016-08-28dedup key/button initializationDaniel Friesel-254/+142
2016-08-28merge next(_img), prev(_img) and (toggle_)menuDaniel Friesel-25/+16
2016-08-28Only set _NET_WM_PID once, also set WM_CLIENT_MACHINEDaniel Friesel-6/+14
2016-08-27Add support for _NET_WM_PIDKlee Dienes-0/+6
2016-08-27Key actions can now also be bound to buttons. not vice versa, thoughDaniel Friesel-73/+217
2016-08-27preparations for unified key/button bindingsDaniel Friesel-71/+64
2016-08-21reload timer: always call prepare_filelist for sorting etc (closes #200)Daniel Friesel-2/+2
2016-07-24support rotation for images loaded via libcurl and imagemagickDaniel Friesel-29/+29
2016-07-22I may have fixed rotate etc. on remote images (not magick ones, though)Daniel Friesel-3/+20
2016-06-24Also handle fork() failure in magick_load_imageDaniel Friesel-1/+7
2016-06-23imlib/rotate: Fail gracefully when fork() failsDaniel Friesel-3/+3
2016-06-20imlib.c: Do not call atexit hooks when terminating a child process (closes #245)Daniel Friesel-5/+5
2016-06-06next/priv directory: Use PATH_MAX instead of FEH_MAX_DIRNAME_LENDaniel Friesel-10/+9