Merge branch 'wip/chergert/use-utf8-validate-for-strlen' into 'main'

glib/gvariant: use g_utf8_validate() for strlen

See merge request GNOME/glib!4296

glib/gvariant.c

@@ -1267,11 +1267,17 @@ g_variant_new_fixed_array (const GVariantType  *element_type,
 GVariant *
 g_variant_new_string (const gchar *string)
 {
-  g_return_val_if_fail (string != NULL, NULL);
+  const char *endptr = NULL;
-  g_return_val_if_fail (g_utf8_validate (string, -1, NULL), NULL);
 
-  return g_variant_new_from_trusted (G_VARIANT_TYPE_STRING,
+  g_return_val_if_fail (string != NULL, NULL);
-                                     string, strlen (string) + 1);
+
+  if G_LIKELY (g_utf8_validate (string, -1, &endptr))
+    return g_variant_new_from_trusted (G_VARIANT_TYPE_STRING,
+                                       string, endptr - string + 1);
+
+  g_critical ("g_variant_new_string(): requires valid UTF-8");
+
+  return NULL;
 }
 
 /**
@@ -1299,17 +1305,25 @@ g_variant_new_string (const gchar *string)
 GVariant *
 g_variant_new_take_string (gchar *string)
 {
-  GVariant *value;
+  const char *end = NULL;
-  GBytes *bytes;
 
   g_return_val_if_fail (string != NULL, NULL);
-  g_return_val_if_fail (g_utf8_validate (string, -1, NULL), NULL);
 
-  bytes = g_bytes_new_take (string, strlen (string) + 1);
+  if G_LIKELY (g_utf8_validate (string, -1, &end))
-  value = g_variant_new_from_bytes (G_VARIANT_TYPE_STRING, bytes, TRUE);
+    {
-  g_bytes_unref (bytes);
+      GVariant *value;
+      GBytes *bytes;
 
-  return value;
+      bytes = g_bytes_new_take (string, end - string + 1);
+      value = g_variant_new_from_bytes (G_VARIANT_TYPE_STRING, bytes, TRUE);
+      g_bytes_unref (bytes);
+
+      return value;
+    }
+
+  g_critical ("g_variant_new_take_string(): requires valid UTF-8");
+
+  return NULL;
 }
 
 /**

glib/tests/gvariant.c

@@ -2886,6 +2886,15 @@ test_container (void)
   g_free (s1);
 }
 
+static void
+do_failed_test (const char *test,
+                const gchar *pattern)
+{
+  g_test_trap_subprocess (test, 1000000, G_TEST_SUBPROCESS_DEFAULT);
+  g_test_trap_assert_failed ();
+  g_test_trap_assert_stderr (pattern);
+}
+
 static void
 test_string (void)
 {
@@ -2937,6 +2946,35 @@ test_utf8 (void)
   g_variant_unref (value);
 }
 
+static void
+test_utf8_bad_new_string (void)
+{
+  g_variant_new_string ("hello\xffworld");
+
+  g_assert_not_reached ();
+}
+
+static void
+test_utf8_bad_new_take_string (void)
+{
+  g_variant_new_take_string (g_strdup ("hello\xffworld"));
+
+  g_assert_not_reached ();
+}
+
+static void
+test_utf8_new_strings (void)
+{
+  if (g_test_undefined ())
+    {
+      do_failed_test ("/gvariant/utf8/subprocess/bad-new-string",
+                      "*g_variant_new_string(): requires valid UTF-8*");
+
+      do_failed_test ("/gvariant/utf8/subprocess/bad-new-take-string",
+                      "*g_variant_new_take_string(): requires valid UTF-8*");
+    }
+}
+
 static void
 test_containers (void)
 {
@@ -2998,15 +3036,6 @@ test_format_strings (void)
   g_assert_null (type);
 }
 
-static void
-do_failed_test (const char *test,
-                const gchar *pattern)
-{
-  g_test_trap_subprocess (test, 1000000, G_TEST_SUBPROCESS_DEFAULT);
-  g_test_trap_assert_failed ();
-  g_test_trap_assert_stderr (pattern);
-}
-
 static void
 test_invalid_varargs (void)
 {
@@ -5863,6 +5892,9 @@ main (int argc, char **argv)
 
   g_test_add_func ("/gvariant/string", test_string);
   g_test_add_func ("/gvariant/utf8", test_utf8);
+  g_test_add_func ("/gvariant/utf8/subprocess/bad-new-string", test_utf8_bad_new_string);
+  g_test_add_func ("/gvariant/utf8/subprocess/bad-new-take-string", test_utf8_bad_new_take_string);
+  g_test_add_func ("/gvariant/utf8-new-strings", test_utf8_new_strings);
   g_test_add_func ("/gvariant/containers", test_containers);
   g_test_add_func ("/gvariant/format-strings", test_format_strings);
   g_test_add_func ("/gvariant/invalid-varargs", test_invalid_varargs);