{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":28519975,"defaultBranch":"main","name":"i3status","ownerLogin":"i3","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2014-12-26T20:04:55.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/7904352?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1715183509.0","currentOid":""},"activityList":{"items":[{"before":"10397688c952f486537f0b44a31afd105131691b","after":"200fef9e0d3663835b04e18ad067d9656b75b9cd","ref":"refs/heads/main","pushedAt":"2024-05-22T18:13:05.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"orestisfl","name":"Orestis Floros","path":"/orestisfl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5778622?s=80&v=4"},"commit":{"message":"maybe_escape_markup: Don't mangle output if markup is disabled\n\nAs it is, the code modifies the first char of `buffer`, increasing it\nby the number of bytes written.","shortMessageHtmlLink":"maybe_escape_markup: Don't mangle output if markup is disabled"}},{"before":"2e4812a433731236d906aa9836ad599e53dfe560","after":null,"ref":"refs/heads/maybe_escape_markup","pushedAt":"2024-05-08T15:51:49.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"stapelberg","name":"Michael Stapelberg","path":"/stapelberg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/55506?s=80&v=4"}},{"before":"c07b9ca5baee47a85cb745985703080ae8d56fc7","after":"10397688c952f486537f0b44a31afd105131691b","ref":"refs/heads/main","pushedAt":"2024-05-08T15:51:40.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"stapelberg","name":"Michael Stapelberg","path":"/stapelberg","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/55506?s=80&v=4"},"commit":{"message":"maybe_escape_markup: Make function memory-safe (#526)\n\n* maybe_escape_markup: Make function memory-safe\r\n\r\nThis fixes #492 and an additional buffer overflow that can happen when\r\npango markup is enabled.\r\n\r\nUsing config\r\n```\r\ngeneral {\r\n        output_format = \"none\"\r\n        markup = \"pango\"\r\n}\r\n\r\norder += \"wireless _first_\"\r\n\r\nwireless _first_ {\r\n  format_up = \"W: (%quality at %essid, %bitrate) %ip\"\r\n}\r\n```\r\n\r\nand renaming my phone's hotspot to `Hello world &<<<<<<hello world>>`\r\ni3status will throw an AddressSanitizer error:\r\n```\r\n==1373240==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7411d720923e at pc 0x7411daa7cee9 bp 0x7ffdae6ce070 sp 0x7ffdae6cd800\r\nWRITE of size 5 at 0x7411d720923e thread T0\r\n    #0 0x7411daa7cee8 in __interceptor_vsprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1765\r\n    #1 0x7411daa7d0ff in __interceptor_sprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1808\r\n    #2 0x653b2764cdaf in maybe_escape_markup ../src/output.c:102\r\n    #3 0x653b27677df9 in print_wireless_info ../src/print_wireless_info.c:607\r\n    #4 0x653b27640bf1 in main ../i3status.c:709\r\n    #5 0x7411da641ccf  (/usr/lib/libc.so.6+0x25ccf) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\r\n    #6 0x7411da641d89 in __libc_start_main (/usr/lib/libc.so.6+0x25d89) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\r\n    #7 0x653b27633f24 in _start (/tmp/xx/i3status/build/i3status+0x4ff24) (BuildId: c737ce6288265fa02a7617c66f51ddd16b5a8275)\r\n\r\nAddress 0x7411d720923e is located in stack of thread T0 at offset 574 in frame\r\n    #0 0x653b276750ed in print_wireless_info ../src/print_wireless_info.c:513\r\n\r\n  This frame has 10 object(s):\r\n    [48, 56) 'tmp' (line 604)\r\n    [80, 168) 'info' (line 516)\r\n    [208, 320) 'placeholders' (line 623)\r\n    [352, 382) 'string_quality' (line 569)\r\n    [416, 446) 'string_signal' (line 570)\r\n    [480, 510) 'string_noise' (line 571)\r\n    [544, 574) 'string_essid' (line 572) <== Memory access at offset 574 overflows this variable\r\n    [608, 638) 'string_frequency' (line 573)\r\n    [672, 702) 'string_ip' (line 574)\r\n    [736, 766) 'string_bitrate' (line 575)\r\n```\r\n\r\nWith pango disabled, the error is thrown elsewhere (#492):\r\n```\r\n==1366779==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7bab43a0923e at pc 0x7bab4727cee9 bp 0x7ffc289d2540 sp 0x7ffc289d1cd0\r\nWRITE of size 33 at 0x7bab43a0923e thread T0\r\n    #0 0x7bab4727cee8 in __interceptor_vsprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1765\r\n    #1 0x7bab4727d0ff in __interceptor_sprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1808\r\n    #2 0x5dd180858aa4 in maybe_escape_markup ../src/output.c:93\r\n    #3 0x5dd180883df9 in print_wireless_info ../src/print_wireless_info.c:607\r\n    #4 0x5dd18084cbf1 in main ../i3status.c:709\r\n    #5 0x7bab46843ccf  (/usr/lib/libc.so.6+0x25ccf) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\r\n    #6 0x7bab46843d89 in __libc_start_main (/usr/lib/libc.so.6+0x25d89) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\r\n    #7 0x5dd18083ff24 in _start (/tmp/xx/i3status/build/i3status+0x4ff24) (BuildId: c737ce6288265fa02a7617c66f51ddd16b5a8275)\r\n\r\nAddress 0x7bab43a0923e is located in stack of thread T0 at offset 574 in frame\r\n    #0 0x5dd1808810ed in print_wireless_info ../src/print_wireless_info.c:513\r\n\r\n  This frame has 10 object(s):\r\n    [48, 56) 'tmp' (line 604)\r\n    [80, 168) 'info' (line 516)\r\n    [208, 320) 'placeholders' (line 623)\r\n    [352, 382) 'string_quality' (line 569)\r\n    [416, 446) 'string_signal' (line 570)\r\n    [480, 510) 'string_noise' (line 571)\r\n    [544, 574) 'string_essid' (line 572) <== Memory access at offset 574 overflows this variable\r\n    [608, 638) 'string_frequency' (line 573)\r\n    [672, 702) 'string_ip' (line 574)\r\n    [736, 766) 'string_bitrate' (line 575)\r\n```\r\n\r\nWith the patch output is correct:\r\n```\r\nW: ( 72% at Hello world &amp;&lt;&lt;&lt;&lt;&lt;&lt;hello world&gt;&gt;, 1,2009 Gb/s) 192.168.26.237\r\n```\r\nand\r\n```\r\nW: ( 73% at Hello world &<<<<<<hello world>>, 1,1342 Gb/s) 192.168.26.237\r\n```\r\n\r\nThe patch changes the maybe_escape_markup function to use dynamic\r\nallocation instead of a static buffer. Confusing pointer arithmetic is\r\nreplaced with index-based memory access. The `buffer` pointer does not\r\nmove around except for `realloc`ations.\r\n\r\nFixes #492\r\nCloses #525 (alternative PR)\r\n\r\n* Revert to snprintf","shortMessageHtmlLink":"maybe_escape_markup: Make function memory-safe (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2279395572\" data-permission-text=\"Title is private\" data-url=\"https://github.com/i3/i3status/issues/526\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/i3/i3status/pull/526/hovercard\" href=\"https://github.com/i3/i3status/pull/526\">#526</a>)"}},{"before":"b1f0b60542620f7f19a01529872edda086f6486f","after":"2e4812a433731236d906aa9836ad599e53dfe560","ref":"refs/heads/maybe_escape_markup","pushedAt":"2024-05-08T06:13:16.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"orestisfl","name":"Orestis Floros","path":"/orestisfl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5778622?s=80&v=4"},"commit":{"message":"Revert to snprintf","shortMessageHtmlLink":"Revert to snprintf"}},{"before":"6efb409b5377b8ef44a4a7a1c1599c7c5243fe7a","after":"b1f0b60542620f7f19a01529872edda086f6486f","ref":"refs/heads/maybe_escape_markup","pushedAt":"2024-05-08T06:08:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"orestisfl","name":"Orestis Floros","path":"/orestisfl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5778622?s=80&v=4"},"commit":{"message":"Revert to snprintf","shortMessageHtmlLink":"Revert to snprintf"}},{"before":null,"after":"6efb409b5377b8ef44a4a7a1c1599c7c5243fe7a","ref":"refs/heads/maybe_escape_markup","pushedAt":"2024-05-05T08:30:07.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"orestisfl","name":"Orestis Floros","path":"/orestisfl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5778622?s=80&v=4"},"commit":{"message":"maybe_escape_markup: Make function memory-safe\n\nThis fixes #492 and an additional buffer overflow that can happen when\npango markup is enabled.\n\nUsing config\n```\ngeneral {\n        output_format = \"none\"\n        markup = \"pango\"\n}\n\norder += \"wireless _first_\"\n\nwireless _first_ {\n  format_up = \"W: (%quality at %essid, %bitrate) %ip\"\n}\n```\n\nand renaming my phone's hotspot to `Hello world &<<<<<<hello world>>`\ni3status will throw an AddressSanitizer error:\n```\n==1373240==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7411d720923e at pc 0x7411daa7cee9 bp 0x7ffdae6ce070 sp 0x7ffdae6cd800\nWRITE of size 5 at 0x7411d720923e thread T0\n    #0 0x7411daa7cee8 in __interceptor_vsprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1765\n    #1 0x7411daa7d0ff in __interceptor_sprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1808\n    #2 0x653b2764cdaf in maybe_escape_markup ../src/output.c:102\n    #3 0x653b27677df9 in print_wireless_info ../src/print_wireless_info.c:607\n    #4 0x653b27640bf1 in main ../i3status.c:709\n    #5 0x7411da641ccf  (/usr/lib/libc.so.6+0x25ccf) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\n    #6 0x7411da641d89 in __libc_start_main (/usr/lib/libc.so.6+0x25d89) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\n    #7 0x653b27633f24 in _start (/tmp/xx/i3status/build/i3status+0x4ff24) (BuildId: c737ce6288265fa02a7617c66f51ddd16b5a8275)\n\nAddress 0x7411d720923e is located in stack of thread T0 at offset 574 in frame\n    #0 0x653b276750ed in print_wireless_info ../src/print_wireless_info.c:513\n\n  This frame has 10 object(s):\n    [48, 56) 'tmp' (line 604)\n    [80, 168) 'info' (line 516)\n    [208, 320) 'placeholders' (line 623)\n    [352, 382) 'string_quality' (line 569)\n    [416, 446) 'string_signal' (line 570)\n    [480, 510) 'string_noise' (line 571)\n    [544, 574) 'string_essid' (line 572) <== Memory access at offset 574 overflows this variable\n    [608, 638) 'string_frequency' (line 573)\n    [672, 702) 'string_ip' (line 574)\n    [736, 766) 'string_bitrate' (line 575)\n```\n\nWith pango disabled, the error is thrown elsewhere (#492):\n```\n==1366779==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7bab43a0923e at pc 0x7bab4727cee9 bp 0x7ffc289d2540 sp 0x7ffc289d1cd0\nWRITE of size 33 at 0x7bab43a0923e thread T0\n    #0 0x7bab4727cee8 in __interceptor_vsprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1765\n    #1 0x7bab4727d0ff in __interceptor_sprintf /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1808\n    #2 0x5dd180858aa4 in maybe_escape_markup ../src/output.c:93\n    #3 0x5dd180883df9 in print_wireless_info ../src/print_wireless_info.c:607\n    #4 0x5dd18084cbf1 in main ../i3status.c:709\n    #5 0x7bab46843ccf  (/usr/lib/libc.so.6+0x25ccf) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\n    #6 0x7bab46843d89 in __libc_start_main (/usr/lib/libc.so.6+0x25d89) (BuildId: 6542915cee3354fbcf2b3ac5542201faec43b5c9)\n    #7 0x5dd18083ff24 in _start (/tmp/xx/i3status/build/i3status+0x4ff24) (BuildId: c737ce6288265fa02a7617c66f51ddd16b5a8275)\n\nAddress 0x7bab43a0923e is located in stack of thread T0 at offset 574 in frame\n    #0 0x5dd1808810ed in print_wireless_info ../src/print_wireless_info.c:513\n\n  This frame has 10 object(s):\n    [48, 56) 'tmp' (line 604)\n    [80, 168) 'info' (line 516)\n    [208, 320) 'placeholders' (line 623)\n    [352, 382) 'string_quality' (line 569)\n    [416, 446) 'string_signal' (line 570)\n    [480, 510) 'string_noise' (line 571)\n    [544, 574) 'string_essid' (line 572) <== Memory access at offset 574 overflows this variable\n    [608, 638) 'string_frequency' (line 573)\n    [672, 702) 'string_ip' (line 574)\n    [736, 766) 'string_bitrate' (line 575)\n```\n\nWith the patch output is correct:\n```\nW: ( 72% at Hello world &amp;&lt;&lt;&lt;&lt;&lt;&lt;hello world&gt;&gt;, 1,2009 Gb/s) 192.168.26.237\n```\nand\n```\nW: ( 73% at Hello world &<<<<<<hello world>>, 1,1342 Gb/s) 192.168.26.237\n```\n\nThe patch changes the maybe_escape_markup function to use dynamic\nallocation instead of a static buffer. Confusing pointer arithmetic is\nreplaced with index-based memory access. The `buffer` pointer does not\nmove around except for `realloc`ations.\n\nFixes #492\nCloses #525 (alternative PR)","shortMessageHtmlLink":"maybe_escape_markup: Make function memory-safe"}},{"before":"c3a8c7923af17b606df53ab97de34df28d2281ff","after":"c07b9ca5baee47a85cb745985703080ae8d56fc7","ref":"refs/heads/main","pushedAt":"2024-02-04T06:14:50.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"orestisfl","name":"Orestis Floros","path":"/orestisfl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5778622?s=80&v=4"},"commit":{"message":"man: . at end of sentence","shortMessageHtmlLink":"man: . at end of sentence"}},{"before":"6dac8670fa67d95787f1b35fdcc92ccbcb580ac7","after":"c3a8c7923af17b606df53ab97de34df28d2281ff","ref":"refs/heads/main","pushedAt":"2024-01-28T13:46:10.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"orestisfl","name":"Orestis Floros","path":"/orestisfl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5778622?s=80&v=4"},"commit":{"message":"Add newlines to some `die()` messages","shortMessageHtmlLink":"Add newlines to some <code>die()</code> messages"}},{"before":"8a918438ed5b1800cda21d53ddaf130e7936cc9b","after":"6dac8670fa67d95787f1b35fdcc92ccbcb580ac7","ref":"refs/heads/main","pushedAt":"2023-07-28T17:44:45.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"orestisfl","name":"Orestis Floros","path":"/orestisfl","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5778622?s=80&v=4"},"commit":{"message":"Merge pull request #486 from erbth/battery_status_idle\n\nAdd another battery status called 'idle'","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1174612763\" data-permission-text=\"Title is private\" data-url=\"https://github.com/i3/i3status/issues/486\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/i3/i3status/pull/486/hovercard\" href=\"https://github.com/i3/i3status/pull/486\">#486</a> from erbth/battery_status_idle"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEUT8cgAA","startCursor":null,"endCursor":null}},"title":"Activity · i3/i3status"}