GVariant: strings are now utf8

- modify serialiser validation function to enforce utf8 encoding - add documentation to g_variant_new_string(), g_variant_get_string(), g_variant_dup_string() - add 2 new test cases to check that it works
2025-01-12 15:36:17 +01:00 · 2010-04-25 13:36:36 -05:00 · 2010-04-25 13:36:36 -05:00 · 9eeab5868f
commit 9eeab5868f
parent da306296cf
3 changed files with 45 additions and 10 deletions
--- a/glib/gvariant-serialiser.c
+++ b/glib/gvariant-serialiser.c
@ -1561,15 +1561,11 @@ gboolean
 g_variant_serialiser_is_string (gconstpointer data,
                                gsize         size)
 {
-  const gchar *string = data;
+  const gchar *end;

-  if (size == 0)
-    return FALSE;
+  g_utf8_validate (data, size, &end);

-  if (string[size - 1] != '\0')
-    return FALSE;
-
-  return strlen (string) == size - 1;
+  return data == end - (size - 1);
 }

 /* < private >
--- a/glib/gvariant.c
+++ b/glib/gvariant.c
@ -957,11 +957,13 @@ g_variant_get_fixed_array (GVariant *value,
 /* String type constructor/getters/validation {{{1 */
 /**
 * g_variant_new_string:
- * @string: a normal C nul-terminated string
+ * @string: a normal utf8 nul-terminated string
 * @returns: a new string #GVariant instance
 *
 * Creates a string #GVariant with the contents of @string.
 *
+ * @string must be valid utf8.
+ *
 * Since: 2.24
 **/
 GVariant *
@ -1063,12 +1065,14 @@ g_variant_is_signature (const gchar *string)
 * g_variant_get_string:
 * @value: a string #GVariant instance
 * @length: a pointer to a #gsize, to store the length
- * @returns: the constant string
+ * @returns: the constant string, utf8 encoded
 *
 * Returns the string value of a #GVariant instance with a string
 * type.  This includes the types %G_VARIANT_TYPE_STRING,
 * %G_VARIANT_TYPE_OBJECT_PATH and %G_VARIANT_TYPE_SIGNATURE.
 *
+ * The string will always be utf8 encoded.
+ *
 * If @length is non-%NULL then the length of the string (in bytes) is
 * returned there.  For trusted values, this information is already
 * known.  For untrusted values, a strlen() will be performed.
@ -1139,11 +1143,13 @@ g_variant_get_string (GVariant *value,
 * g_variant_dup_string:
 * @value: a string #GVariant instance
 * @length: a pointer to a #gsize, to store the length
- * @returns: a newly allocated string
+ * @returns: a newly allocated string, utf8 encoded
 *
 * Similar to g_variant_get_string() except that instead of returning
 * a constant string, the string is duplicated.
 *
+ * The string will always be utf8 encoded.
+ *
 * The return value must be freed using g_free().
 *
 * Since: 2.24
--- a/glib/tests/gvariant.c
+++ b/glib/tests/gvariant.c
@ -1766,6 +1766,7 @@ test_strings (void)
 #define is_sig            is_string | 4
    { is_sig,       1, "" },
    { is_nval,      0, NULL },
+    { is_nval,     13, "hello\xffworld!" },
    { is_string,   13, "hello world!" },
    { is_nval,     13, "hello world\0" },
    { is_nval,     13, "hello\0world!" },
@ -2664,6 +2665,37 @@ test_container (void)
  g_free (s1);
 }

+static void
+test_utf8 (void)
+{
+  const gchar invalid[] = "hello\xffworld";
+  GVariant *value;
+
+  /* ensure that the test data is not valid utf8... */
+  g_assert (!g_utf8_validate (invalid, -1, NULL));
+
+  /* load the data untrusted */
+  value = g_variant_new_from_data (G_VARIANT_TYPE_STRING,
+                                   invalid, sizeof invalid,
+                                   FALSE, NULL, NULL);
+
+  /* ensure that the problem is caught and we get valid UTF-8 */
+  g_assert (g_utf8_validate (g_variant_get_string (value, NULL), -1, NULL));
+  g_variant_unref (value);
+
+
+  /* now load it trusted */
+  value = g_variant_new_from_data (G_VARIANT_TYPE_STRING,
+                                   invalid, sizeof invalid,
+                                   TRUE, NULL, NULL);
+
+  /* ensure we get the invalid data (ie: make sure that time wasn't
+   * wasted on validating data that was marked as trusted)
+   */
+  g_assert (g_variant_get_string (value, NULL) == invalid);
+  g_variant_unref (value);
+}
+
 static void
 test_containers (void)
 {
@ -3725,6 +3757,7 @@ main (int argc, char **argv)
      g_free (testname);
    }

+  g_test_add_func ("/gvariant/utf8", test_utf8);
  g_test_add_func ("/gvariant/containers", test_containers);
  g_test_add_func ("/gvariant/format-strings", test_format_strings);
  g_test_add_func ("/gvariant/invalid-varargs", test_invalid_varargs);