Merge branch 'mcatanzaro/sast' into 'main'

Fix minor issues found by static analysis, and add some additional code comments

See merge request GNOME/glib!4204

girepository/gibaseinfo.c

@@ -230,6 +230,7 @@ gi_base_info_type_register_static (const char     *type_name,
   info.base_finalize = NULL;
   info.class_init = class_init;
   info.class_finalize = NULL;
+  info.class_data = NULL;
   info.instance_size = (guint16) instance_size;
   info.n_preallocs = 0;
   info.instance_init = NULL;

glib/gdatetime.c

@@ -3603,7 +3603,7 @@ g_date_time_format_utf8 (GDateTime   *datetime,
           if (mod_case && g_strcmp0 (mod, "#") == 0)
             tz = tmp = g_utf8_strdown (tz, -1);
           g_string_append (outstr, tz);
-          g_free (tmp);
+          g_clear_pointer (&tmp, g_free);
 	  break;
 	case '%':
 	  g_string_append_c (outstr, '%');

glib/ggettext.c

@@ -237,6 +237,10 @@ g_dpgettext (const gchar *domain,
 
           translation = g_dgettext (domain, tmp);
 
+          /* g_dgettext() may return the value we pass to it, which will be on
+           * this stack frame since we allocated it with g_alloca(). If so, we
+           * return a pointer into our original input instead.
+           */
           if (translation == tmp)
             return sep + 1;
         }
@@ -294,6 +298,10 @@ g_dpgettext2 (const gchar *domain,
       msg_ctxt_id[msgctxt_len - 1] = '|';
       translation = g_dgettext (domain, msg_ctxt_id);
 
+      /* g_dgettext() may return the value we pass to it, which will be on this
+       * stack frame since we allocated it with g_alloca(). If so, we return our
+       * original input instead.
+       */
       if (translation == msg_ctxt_id)
         return msgid;
     }

glib/giochannel.c

@@ -877,26 +877,31 @@ g_io_channel_set_line_term (GIOChannel	*channel,
                             const gchar	*line_term,
 			    gint         length)
 {
-  guint length_unsigned;
-
   g_return_if_fail (channel != NULL);
   g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */
 
+  g_free (channel->line_term);
+
   if (line_term == NULL)
-    length_unsigned = 0;
+    {
+      channel->line_term = NULL;
+      channel->line_term_len = 0;
+    }
   else if (length >= 0)
-    length_unsigned = (guint) length;
+    {
+      /* We store the value nul-terminated even if the input is not */
+      channel->line_term = g_malloc0 (length + 1);
+      memcpy (channel->line_term, line_term, length);
+      channel->line_term_len = (guint) length;
+    }
   else
     {
-      /* FIXME: We’re constrained by line_term_len being a guint here */
+      /* We’re constrained by line_term_len being a guint here */
       gsize length_size = strlen (line_term);
       g_return_if_fail (length_size <= G_MAXUINT);
-      length_unsigned = (guint) length_size;
+      channel->line_term = g_strdup (line_term);
+      channel->line_term_len = (guint) length_size;
     }
-
-  g_free (channel->line_term);
-  channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL;
-  channel->line_term_len = length_unsigned;
 }
 
 /**
@@ -906,7 +911,8 @@ g_io_channel_set_line_term (GIOChannel	*channel,
  *
  * This returns the string that #GIOChannel uses to determine
  * where in the file a line break occurs. A value of %NULL
- * indicates autodetection.
+ * indicates autodetection. Since 2.84, the return value is always
+ * nul-terminated.
  *
  * Returns: The line termination string. This value
  *   is owned by GLib and must not be freed.

glib/gutils.c

@@ -1940,6 +1940,7 @@ g_build_user_config_dir (void)
   if (!config_dir || !config_dir[0])
     {
       gchar *home_dir = g_build_home_dir ();
+      g_free (config_dir);
       config_dir = g_build_filename (home_dir, ".config", NULL);
       g_free (home_dir);
     }
@@ -2003,6 +2004,7 @@ g_build_user_cache_dir (void)
   if (!cache_dir || !cache_dir[0])
     {
       gchar *home_dir = g_build_home_dir ();
+      g_free (cache_dir);
       cache_dir = g_build_filename (home_dir, ".cache", NULL);
       g_free (home_dir);
     }
@@ -2065,6 +2067,7 @@ g_build_user_state_dir (void)
   if (!state_dir || !state_dir[0])
     {
       gchar *home_dir = g_build_home_dir ();
+      g_free (state_dir);
       state_dir = g_build_filename (home_dir, ".local/state", NULL);
       g_free (home_dir);
     }

glib/gvariant-parser.c

@@ -1618,7 +1618,11 @@ string_free (AST *ast)
 }
 
 /* Accepts exactly @length hexadecimal digits. No leading sign or `0x`/`0X` prefix allowed.
- * No leading/trailing space allowed. */
+ * No leading/trailing space allowed.
+ *
+ * It's OK to pass a length greater than the actual length of the src buffer,
+ * provided src must be null-terminated.
+ */
 static gboolean
 unicode_unescape (const gchar  *src,
                   gint         *src_ofs,
@@ -1692,6 +1696,9 @@ string_parse (TokenStream  *stream,
   length = strlen (token);
   quote = token[0];
 
+  /* The output will always be at least one byte smaller than the input,
+   * because we skip over the initial quote character.
+   */
   str = g_malloc (length);
   g_assert (quote == '"' || quote == '\'');
   j = 0;
@@ -1823,6 +1830,9 @@ bytestring_parse (TokenStream  *stream,
   length = strlen (token);
   quote = token[1];
 
+  /* The output will always be smaller than the input, because we skip over the
+   * initial b and the quote character.
+   */
   str = g_malloc (length);
   g_assert (quote == '"' || quote == '\'');
   j = 0;

glib/tests/gdatetime.c

@@ -1636,6 +1636,7 @@ test_GDateTime_printf (void)
   TEST_PRINTF ("%9", NULL);
 #ifdef G_OS_UNIX
   TEST_PRINTF ("%Z", "UTC");
+  TEST_PRINTF ("%#Z %Z", "utc UTC");
 #elif defined G_OS_WIN32
   g_assert (GetDynamicTimeZoneInformation (&dtz_info) != TIME_ZONE_ID_INVALID);
   if (wcscmp (dtz_info.StandardName, L"") != 0)

glib/tests/io-channel.c

@@ -178,6 +178,8 @@ test_read_line_embedded_nuls (void)
   GError *local_error = NULL;
   gchar *line = NULL;
   gsize line_length, terminator_pos;
+  const gchar *line_term;
+  gint line_term_length;
   GIOStatus status;
 
   g_test_summary ("Test that reading a line containing embedded nuls works "
@@ -200,6 +202,11 @@ test_read_line_embedded_nuls (void)
    * Use length -1 here to exercise glib#2323; the case where length > 0
    * is covered in glib/tests/protocol.c. */
   g_io_channel_set_line_term (channel, "\n", -1);
+
+  line_term = g_io_channel_get_line_term (channel, &line_term_length);
+  g_assert_cmpstr (line_term, ==, "\n");
+  g_assert_cmpint (line_term_length, ==, 1);
+
   g_io_channel_set_encoding (channel, NULL, &local_error);
   g_assert_no_error (local_error);