From e0976efee9c28495e65a30295c6ce3866d843b8a Mon Sep 17 00:00:00 2001
From: Ernestas Kulik
Date: Thu, 2 Feb 2023 21:25:56 +0200
Subject: [PATCH] gio: converter: Forbid null out arguments

Currently, inbuf_size and outbuf_size are not documented as not nullable, but they are expected to be so, which might lead to unexpected crashes. Moreover, outbuf itself is also expected to not be null, so this commit adds the appropriate GI annotations and early returns on failed preconditions.
---
 gio/gconverter.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/gio/gconverter.c b/gio/gconverter.c
index 9dacaf03e..57ee1b904 100644
--- a/gio/gconverter.c
+++ b/gio/gconverter.c
@@ -57,12 +57,14 @@ g_converter_default_init (GConverterInterface *iface)
 * @inbuf: (array length=inbuf_size) (element-type guint8): the buffer
 * containing the data to convert.
 * @inbuf_size: the number of bytes in @inbuf
- * @outbuf: (element-type guint8) (array length=outbuf_size): a buffer to write
- * converted data in.
+ * @outbuf: (element-type guint8) (array length=outbuf_size) (not nullable): a
+ * buffer to write converted data in.
 * @outbuf_size: the number of bytes in @outbuf, must be at least one
 * @flags: a #GConverterFlags controlling the conversion details
- * @bytes_read: (out): will be set to the number of bytes read from @inbuf on success
- * @bytes_written: (out): will be set to the number of bytes written to @outbuf on success
+ * @bytes_read: (out) (not nullable): will be set to the number of bytes read
+ * from @inbuf on success
+ * @bytes_written: (out) (not nullable): will be set to the number of bytes
+ * written to @outbuf on success
 * @error: location to store the error occurring, or %NULL to ignore
 *
 * This is the main operation used when converting data. It is to be called
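Review bot: @inbuf is left without a nullability annotation, although the precondition this commit adds in g_converter_convert, `inbuf != NULL || inbuf_size == 0`, accepts a NULL @inbuf for empty input. The parameter line should say so, e.g. `@inbuf: (array length=inbuf_size) (element-type guint8) (nullable): the buffer`, with a remark that %NULL is allowed only when @inbuf_size is 0. Without it the documentation and the runtime check disagree about which pointers may be NULL, and callers or binding generators presumably have to guess. The doc comment starts before and continues after this hunk.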
@@ -166,7 +168,12 @@ g_converter_convert (GConverter *converter,
 GConverterIface *iface;
 g_return_val_if_fail (G_IS_CONVERTER (converter), G_CONVERTER_ERROR);
+ g_return_val_if_fail (inbuf != NULL || inbuf_size == 0, G_CONVERTER_ERROR);
+ g_return_val_if_fail (outbuf != NULL, G_CONVERTER_ERROR);
 g_return_val_if_fail (outbuf_size > 0, G_CONVERTER_ERROR);
+ g_return_val_if_fail (bytes_read != NULL, G_CONVERTER_ERROR);
+ g_return_val_if_fail (bytes_written != NULL, G_CONVERTER_ERROR);
+ g_return_val_if_fail (error == NULL || *error == NULL, G_CONVERTER_ERROR);
 *bytes_read = 0;
 *bytes_written = 0;
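Review bot: The added g_return_val_if_fail() lines are precondition assertions, not runtime validation: GLib compiles them out when G_DISABLE_CHECKS is defined, so in such a build a NULL bytes_read or bytes_written still reaches `*bytes_read = 0;` and is dereferenced. When the checks do fire they return G_CONVERTER_ERROR without setting @error, so a caller that reads the GError after G_CONVERTER_ERROR will find it unset. I would record both facts above the checks, e.g. `/* Programmer-error checks only: compiled out with G_DISABLE_CHECKS, and @error is not set on these returns. */`. The body of g_converter_convert starts before and continues after this hunk.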