1. 28 Mar, 2016 1 commit
    • Ian Goldberg's avatar
      We may need to run autoreconf twice in bootstrap · 0774db33
      Ian Goldberg authored
      The first time you run autoreconf (which runs automake), automake will
      not find config/depconf (because it doesn't exist yet), and will not
      put it into DIST_COMMON in Makefile.in.  So if it's not in there, run
      autoreconf again.
      
      With this fix, "make dist" is reproducible.  Untarring the tarball it
      produces, and running "./configure; make dist" then produces a
      byte-for-byte identical tarball.
      0774db33
  2. 25 Mar, 2016 1 commit
    • Ian Goldberg's avatar
      Create a reproducible tarball from the git source · 2a0c5e97
      Ian Goldberg authored
      Hook am__tar and set GZIP_ENV so that "make dist" will create a
      reproducible tarball from the git source, including a new
      "source_date_epoch" file that contains the source (*not build*)
      timestamp based on the git commit timestamp.
      2a0c5e97
  3. 07 Mar, 2016 2 commits
  4. 06 Mar, 2016 2 commits
  5. 05 Mar, 2016 4 commits
  6. 03 Mar, 2016 3 commits
  7. 25 Dec, 2015 1 commit
    • David Goulet's avatar
      Fix: set to NULL the sendsmp pointer when handling SMP · 70d1df0d
      David Goulet authored
      If err = otrl_proto_create_data(&mp, ...) returns an early error, then
      mp may not have yet been set to NULL.  If the calling code *both*
      (a) had not set mp to NULL to begin with, *and*
      (b) calls free(mp) _outside_ of the test for if (!err),
      then free(mp) will be freeing an uninitialized pointer.
      
      So ensure every call to otrl_proto_create_data either initializes its mp
      to NULL, or only frees mp if the call succeeds, or both.  There were two
      places where neither was happening.  Other places, one or the other was
      already happening.
      
      Also, for extra precaution, set the message pointer in
      otrl_proto_create_data() to NULL at the beginning.
      
      Thanks to Nicolas Guigo <nicolas.guigo@nccgroup.trust> and
      Ben Hawkes <hawkes@inertiawar.com> for the report.
      
      Fixes #72
      Signed-off-by: default avatarDavid Goulet <dgoulet@ev0ke.net>
      Signed-off-by: default avatarIan Goldberg <iang@cs.uwaterloo.ca>
      70d1df0d
  8. 08 Feb, 2015 2 commits
  9. 18 Dec, 2014 3 commits
  10. 29 Nov, 2014 2 commits
  11. 14 Nov, 2014 1 commit
    • Ian Goldberg's avatar
      Guard against a potential integer overflow in future code paths · 187a09ac
      Ian Goldberg authored
      * b64.c (otrl_base64_otr_encode): In case some future code path
      tries to call otrl_base64_otr_encode with a buffer more than
      3/4 the size of all addressable memory, return NULL rather than
      causing an integer overflow and a heap overrun.  Thanks to
      David Remahl <david@remahl.se> for the report.
      
      * proto.c (otrl_proto_create_data): Tiny refactor to call
      otrl_base64_otr_encode instead of duplicating the code here.
      
      Fixes #64
      187a09ac
  12. 21 Oct, 2014 2 commits
  13. 19 Oct, 2014 1 commit
  14. 18 Oct, 2014 7 commits
  15. 14 Oct, 2014 4 commits
  16. 28 Jul, 2014 3 commits
  17. 03 Jun, 2014 1 commit