1. 29 Mar, 2016 4 commits
  2. 25 Mar, 2016 1 commit
  3. 20 Mar, 2016 1 commit
  4. 18 Mar, 2016 9 commits
  5. 13 Mar, 2016 7 commits
  6. 11 Mar, 2016 2 commits
  7. 10 Mar, 2016 1 commit
  8. 08 Mar, 2016 7 commits
    • Lubomir Rintel's avatar
      all: remove last dbus-glib bits · ef036aba
      Lubomir Rintel authored
      ef036aba
    • Thomas Haller's avatar
      gitignore: ignore some test artifacts · 9014d8f7
      Thomas Haller authored
      9014d8f7
    • Thomas Haller's avatar
      applet: fix tracking of active access-point · 0ba3b653
      Thomas Haller authored
      Caught the following valgrind error on
      network-manager-applet-1.2.0-0.3.beta1.fc24:
      
        == Invalid read of size 8
        ==    at 0x822471D: g_type_check_instance (gtype.c:4137)
        ==    by 0x8218B63: g_signal_handlers_disconnect_matched (gsignal.c:2925)
        ==    by 0x129B3D: update_active_ap (applet-device-wifi.c:1195)
        ==    by 0x129C92: wifi_device_state_changed (applet-device-wifi.c:1219)
        ==    by 0x11C96E: foo_device_state_changed_cb (applet.c:2308)
        ==    by 0xF2FCC57: ffi_call_unix64 (in /usr/lib64/libffi.so.6.0.2)
        ==    by 0xF2FC6B9: ffi_call (in /usr/lib64/libffi.so.6.0.2)
        ==    by 0x81FF279: g_cclosure_marshal_generic_va (gclosure.c:1604)
        ==    by 0x81FE7A6: _g_closure_invoke_va (gclosure.c:867)
        ==    by 0x821A1D7: g_signal_emit_valist (gsignal.c:3294)
        ==    by 0x821A82E: g_signal_emit (gsignal.c:3441)
        ==    by 0x7ED59DC: g_simple_async_result_complete (gsimpleasyncresult.c:801)
      
      This happens, because we hookup the access-point at the device, without
      taking any strong references or otherwise ensuring proper lifetime
      handling.
      
      Fix that, by registering a weak-ref to the access-point, so that we
      notice when the access-point gets destroyed. Note that we don't want
      to take strong references, because neither device, access-point nor
      applet should keep each other alive only because of an active
      access-point.
      
      Also, instead of registering the access-point at the device, register
      it at the applet. In principle there could be multiple applet instances
      and it is wrong that they all try to register the access-point on the
      same device.
      
      https://mail.gnome.org/archives/networkmanager-list/2016-March/msg00039.html
      0ba3b653
    • Lubomir Rintel's avatar
      wireless-security: fix some error handling · bbb2932b
      Lubomir Rintel authored
      CID 59915 (#1 of 1): Logically dead code (DEADCODE)
      dead_error_line: Execution cannot reach this statement:
      g_set_error_literal(error, ....
      bbb2932b
    • Lubomir Rintel's avatar
      wifi: remove some dead code · eaac8bdf
      Lubomir Rintel authored
      The world is a better place now.
      
      CID 59916 (#1 of 2): Logically dead code (DEADCODE)
      dead_error_line: Execution cannot reach the expression "" inside this
      statement: if (!strcmp((band ? band : ....
      eaac8bdf
    • Lubomir Rintel's avatar
      wifi: add a comment to make coverity happy · db116675
      Lubomir Rintel authored
      CID 59917 (#1 of 1): Missing break in switch (MISSING_BREAK)
      unterminated_case: The case for value 1 is not terminated by a 'break'
      statement.
      db116675
    • Lubomir Rintel's avatar
      wep: fix a couple of potential buffer overflows · d99ac2db
      Lubomir Rintel authored
      Coverity thinks we're no good at string manipulation.
      Can't argue with that.
      
      (Not a security issue; the user could overflow the buffer by typing a
      too long WEP key, but no privilege boundary is crossed.)
      
      CID 59920 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
      2. fixed_size_dest: You might overrun the 65 byte fixed-size string
      sec->keys[sec->cur_index] by copying key without checking the length.
      
      CID 59919 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
      1. fixed_size_dest: You might overrun the 65 byte fixed-size string
      sec->keys[sec->cur_index] by copying key without checking the length.
      
      CID 59918 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
      4. fixed_size_dest: You might overrun the 65 byte fixed-size string
      sec->keys[i] by copying tmp without checking the length.
      d99ac2db
  9. 07 Mar, 2016 4 commits
  10. 05 Mar, 2016 1 commit
  11. 04 Mar, 2016 3 commits