luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-08-02 07:23:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

glib: Use g_memdup2() instead of g_memdup() in obvious places

Browse Source 
Convert all the call sites which use `g_memdup()`’s length argument
trivially (for example, by passing a `sizeof()` or an existing `gsize`
variable), so that they use `g_memdup2()` instead.

In almost all of these cases the use of `g_memdup()` would not have
caused problems, but it will soon be deprecated, so best port away from
it

In particular, this fixes an overflow within `g_bytes_new()`, identified
as GHSL-2021-045 by GHSL team member Kevin Backhouse.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Fixes: GHSL-2021-045
Helps: #2319
This commit is contained in:
Philip Withnall
2021-02-04 13:41:21 +00:00
parent f10101b909
commit 19470722b3
11 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
glib/tests/array-test.c
View File

@@ -1933,7 +1933,7 @@ byte_array_new_take (void)
GByteArray *gbarray;
guint8 *data;
data = g_memdup ("woooweeewow", 11);
data = g_memdup2 ("woooweeewow", 11);
gbarray = g_byte_array_new_take (data, 11);
g_assert (gbarray->data == data);
g_assert_cmpuint (gbarray->len, ==, 11);

4
glib/tests/option-context.c
View File

@@ -257,7 +257,7 @@ join_stringv (int argc, char **argv)
static char **
copy_stringv (char **argv, int argc)
{
return g_memdup (argv, sizeof (char *) * (argc + 1));
return g_memdup2 (argv, sizeof (char *) * (argc + 1));
}
static void
@@ -2324,7 +2324,7 @@ test_group_parse (void)
g_option_context_add_group (context, group);
argv = split_string ("program --test arg1 -f arg2 --group-test arg3 --frob arg4 -z arg5", &argc);
orig_argv = g_memdup (argv, (argc + 1) * sizeof (char *));
orig_argv = g_memdup2 (argv, (argc + 1) * sizeof (char *));
retval = g_option_context_parse (context, &argc, &argv, &error);

6
glib/tests/uri.c
View File

@@ -410,7 +410,7 @@ test_uri_unescape_bytes (gconstpointer test_data)
else
{
escaped_len = strlen (tests[i].escaped); /* no trailing nul */
escaped = g_memdup (tests[i].escaped, escaped_len);
escaped = g_memdup2 (tests[i].escaped, escaped_len);
}
bytes = g_uri_unescape_bytes (escaped, escaped_len, tests[i].illegal, &error);
@@ -1591,7 +1591,7 @@ test_uri_iter_params (gconstpointer test_data)
else
{
uri_len = strlen (params_tests[i].uri); /* no trailing nul */
uri = g_memdup (params_tests[i].uri, uri_len);
uri = g_memdup2 (params_tests[i].uri, uri_len);
}
/* Run once without extracting the attr or value, just to check the numbers. */
@@ -1658,7 +1658,7 @@ test_uri_parse_params (gconstpointer test_data)
else
{
uri_len = strlen (params_tests[i].uri); /* no trailing nul */
uri = g_memdup (params_tests[i].uri, uri_len);
uri = g_memdup2 (params_tests[i].uri, uri_len);
}
params = g_uri_parse_params (uri, uri_len, params_tests[i].separators, params_tests[i].flags, &err);