glocalfileinfo: Handle arbitrary binary data in extended attribute values

It's safe to assume an escaped string doesn't contain embedded null bytes, but raw memory buffers (as returned by getxattr()) require more care. If the length of the data to be escaped is known, use that knowledge instead of invoking strlen(). (Turned into a git-format patch by Philip Withnall. One minor formatting tweak. Original patch submitted on the Debian bug tracker, bug#962912.) Fixes: #422
2025-01-24 21:16:15 +01:00 · 2020-07-08 12:43:55 +01:00 · 2020-07-08 12:43:55 +01:00 · 8049535ffe
commit 8049535ffe
parent 3cabce39e8
1 changed files with 11 additions and 6 deletions
--- a/gio/glocalfileinfo.c
+++ b/gio/glocalfileinfo.c
@ -305,17 +305,15 @@ name_is_valid (const char *str)
 }

 static char *
-hex_escape_string (const char *str, 
+hex_escape_buffer (const char *str,
+                   size_t      len,
                   gboolean   *free_return)
 {
-  int num_invalid, i;
+  size_t num_invalid, i;
  char *escaped_str, *p;
  unsigned char c;
  static char *hex_digits = "0123456789abcdef";
-  int len;

-  len = strlen (str);
-  
  num_invalid = 0;
  for (i = 0; i < len; i++)
    {
@ -351,6 +349,13 @@ hex_escape_string (const char *str,
  return escaped_str;
 }

+static char *
+hex_escape_string (const char *str,
+                   gboolean   *free_return)
+{
+  return hex_escape_buffer (str, strlen (str), free_return);
+}
+
 static char *
 hex_unescape_string (const char *str, 
                     int        *out_len, 
@ -406,7 +411,7 @@ escape_xattr (GFileInfo  *info,
  char *escaped_val;
  gboolean free_escaped_val;
  
-  escaped_val = hex_escape_string (value, &free_escaped_val);
+  escaped_val = hex_escape_buffer (value, len, &free_escaped_val);
  
  g_file_info_set_attribute_string (info, gio_attr, escaped_val);