Commit Graph

22609 Commits

Author SHA1 Message Date
Philip Withnall
105f4a0f39 fuzzing: Add more fuzzing tests for various string parsing functions
There’s no explicit guarantee that any of these functions are safe to
use on untrusted data, but it does no harm to test them.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-08 11:07:43 +00:00
Philip Withnall
b201e028b2 Merge branch 'mcatanzaro/verify-chain-extra-check' into 'master'
gtlsdatabase: remove duplicate precondition check

See merge request GNOME/glib!1783
2020-12-08 09:50:56 +00:00
Michael Catanzaro
855a22e165 gtlsdatabase: remove duplicate precondition check
This check is the same as the check on the line above.
2020-12-07 11:11:37 -06:00
Philip Withnall
55b4a25eaf 2.67.1
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-07 11:02:56 +00:00
Yuri Chornoivan
1d97e805cb Update Ukrainian translation 2020-12-07 08:53:03 +00:00
Sebastian Dröge
986525f1e9 Merge branch 'ossfuzz-27371-hostname-length' into 'master'
ghostutils: Abandon hostname conversion early if it’s too long

See merge request GNOME/glib!1782
2020-12-07 08:29:31 +00:00
Philip Withnall
5e1d368eec Merge branch 'binding-threadsafe-2' into 'master'
Make GBinding thread-safe (alternative approach)

See merge request GNOME/glib!1745
2020-12-04 14:23:10 +00:00
Philip Withnall
95c19181ae guri: Correctly set an error when parsing an invalid hostname
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-04 13:54:27 +00:00
Philip Withnall
1d461bc9f4 ghostutils: Abandon hostname conversion early if it’s too long
The `nameprep()` function in `ghostutils.c` is quite complex, and does a
lot of allocations. This means it can take a long time on long hostnames
(on the order of 10KB long). Hostnames should never be that long,
though, so impose some loose length limits.

oss-fuzz#27371

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-04 13:54:27 +00:00
Philip Withnall
3531239f0e ghostutils: Add missing GIR annotations
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-04 13:16:23 +00:00
Philip Withnall
df7f954dd0 tests: Use g_assert_*() rather than g_assert() in hostutils.c
`g_assert()` is compiled out with `G_DISABLE_ASSERT`.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-04 12:54:11 +00:00
Philip Withnall
416339305f Merge branch 'coverity-return-values' into 'master'
Minor Coverity fixes

See merge request GNOME/glib!1780
2020-12-03 15:35:36 +00:00
Sebastian Dröge
f83a7d5407 Merge branch 'close-range-enosys' into 'master'
gspawn: Handle ENOSYS from close_range()

See merge request GNOME/glib!1781
2020-12-03 15:29:46 +00:00
Philip Withnall
eba2e7f056 gtestdbus: Retry writes if they fail
It’s unlikely, but shuts up a Coverity warning.

Coverity CID: #1232156

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-03 15:26:03 +00:00
Philip Withnall
24b5d86d4a glocalfile: Check g_stat() return value
There were a couple of places where the return value wasn’t checked, and
hence failure could not be noticed.

Coverity CIDs: #1159435, #1159426

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-03 15:26:03 +00:00
Philip Withnall
23f1a31923 gspawn: Handle ENOSYS from close_range()
It’s possible that GLib will eventually be compiled against a version of
libc which supports `close_range()` (hence `HAVE_CLOSE_RANGE` will be
defined), but then run against an older kernel which doesn’t support it.
In this case, we want to fall back to `fdwalk()`, which should work on
such systems.

This is what cpython does: 3529718925/Python/fileutils.c (L2227)

Spotted by Allison Karlitskaya in !1688.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-12-03 14:30:29 +00:00
Philip Withnall
9a519c8bf0 Merge branch 'selinux-warning' into 'master'
gio: ‘security_context_t’ is deprecated

See merge request GNOME/glib!1776
2020-12-03 13:47:49 +00:00
Daniel Mustieles
48efbc7d6f Updated Spanish translation 2020-12-02 14:16:06 +01:00
Sebastian Dröge
c27f729752 Merge branch 'extend_p_option_for_tests' into 'master'
Extend the usage of -p option for glib test framework

See merge request GNOME/glib!1738
2020-12-02 08:14:12 +00:00
Sebastian Dröge
124d891747 Merge branch '2150-extend-uri-tests' into 'master'
Extends uri test with GstURI inspiration

Closes #2150

See merge request GNOME/glib!1775
2020-12-02 08:05:52 +00:00
Marc-André Lureau
3f18b77fb3 gio: fix set_selinux_context coding style
Mostly for cosmetic and readability, follow more closely the glib-style.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-12-01 13:20:27 +04:00
Marc-André Lureau
f9cc77da73 gio: remove unnecessary strdup and fix potential leak
setfilecon_raw() takes a const argument since libselinux 2.2 (commit
6a17cfaafc)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-12-01 13:16:44 +04:00
Marc-André Lureau
7bd1e09c42 build-sys: bump libselinux requirement to >=2.2
The function declaration we use changed a bit since then.
In particular, some arguments became const. See following commit.

libselinux-2.2 was released on 20131030, and is widely available in
all major stable distributions.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-12-01 13:16:44 +04:00
Marc-André Lureau
20e23c701c gio: ‘security_context_t’ is deprecated
From:
9eb9c93275

"we found that the const security_context_t declarations in libselinux
are incorrect; const char * was intended, but const security_context_t
translates to char * const and triggers warnings on passing const char *
from the caller. Easiest fix is to replace them all with const char *."

And later marked deprecated in commit:
7a124ca275

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-12-01 11:39:00 +04:00
Frederic Martinsons
3872bf2ccf Introduce new options -r (or --run-prefix) and -x (or --skip-prefix)
They extend the behavior of, respectively, -p and -s options of the
glib test framework

Currently test suite are only run for one level under -p path, for
example, testfilemonitor -p /monitor would execute the following tests:

/monitor/atomic-replace
/monitor/file-changes
/monitor/dir-monitor
/monitor/dir-not-existent
/monitor/cross-dir-moves

With the --run-prefix the sub-test suite file will be executed:

/monitor/atomic-replace
/monitor/file-changes
/monitor/dir-monitor
/monitor/dir-not-existent
/monitor/cross-dir-moves
/monitor/file/hard-links

The --skip-prefix and run-prefix seems symmetrical, but there is a
difference with skip towards run:
--skip-prefix will use a prefix while --run-prefix only work for a valid test path.
For example and for the following test family:

/monitor/atomic-replace
/monitor/file-changes
/monitor/dir-monitor
/monitor/dir-not-existent
/monitor/cross-dir-moves
/monitor/file/hard-links

while --run-prefix /mon will not execute anything, --skip-prefix /mon
 will skip all of these tests.

See #2238 which references this change.
2020-11-30 14:42:58 +01:00
Frederic Martinsons
1d221af7f1 Extends uri test with GstURI inspiration
- Add a test for parsing FILE scheme from uri
It had taken from GST test_protocol_case
- Add a split uri test with encoded spaces in its path
It had taken from GST test_uri_get_location
- Add tests for g_uri_is_valid
It had taken from GST test_uri_misc
Note that the 4 followings uri failed under gst_uri_is_valid but not
under g_uri_is_valid
   B:\\foo.txt
   B:/foo.txt
   B://foo.txt
   B:foo.txt
- Add tests for g_uri_split
It had taken from GST test_url_parsing
- Add tests for test_uri_normalize and test_uri_parsing_relative
The test URI had been taken from GST test_url_normalization
- Add tests for test_uri_iter_params
It had taken from GST test_url_unescape_equals_in_http_query

Closes #2150

Signed-off-by: Frederic Martinsons <frederic.martinsons@sigfox.com>
2020-11-30 14:34:06 +01:00
Marek Černocký
159ed036d4 Updated Czech translation 2020-11-28 16:56:59 +01:00
Sebastian Dröge
52261f0abe Deprecate g_binding_get_source() and get_target() in favour of dup_source() and dup_target()
The old functions are not thread-safe by design.
2020-11-26 19:51:56 +02:00
Sebastian Dröge
7367c5d367 Release GBinding transform functions also when implicitly unbinding because source/target are finalized
This was inconsistently handled before and only explicit unbinding or
finalizing the binding would've previously released the transform
function. If the source/target were finalized while more strong
references to the binding still existed then the transform function
would stay alive and only the binding itself would be deactivated.
2020-11-26 19:51:56 +02:00
Sebastian Dröge
cc15c933b3 Add tests for GBinding thread-safety 2020-11-26 19:51:56 +02:00
Sebastian Dröge
d296ad435d Factor out common GBinding unbind code into a separate function
This was previously duplicated in two places.
2020-11-26 19:30:54 +02:00
Sebastian Dröge
98bbe4f4d1 Make transform function handling in GBinding thread-safe
Unbinding can happen from one thread while a property notification is
being handled concurrently in another one.

To solve this, introduce a reference counter for the transform function
that ensures that it always stays valid while in use and protect access
to the one stored inside the binding with the unbind mutex.
2020-11-26 19:30:48 +02:00
Sebastian Dröge
1daee6ac64 Make explicit/implicit GBinding unbinding thread-safe
It's possible for g_binding_unbind() to be called at the same time as
one (or both) of source and target are being finalized. The resulting
unbinding needs to be protected with a mutex to ensure that it only
happens exactly once.

As the first reference is owned by both weak notifies and the caller of
g_object_bind_property(), additional indirections are needed to ensure that
unreffing the first reference after creation still unbinds the binding
as before. This seems to be a common code pattern and how this was
intended to be used, but is only safe in single-threaded contexts as it
relies on both the source and target object to be still alive.

Add a lot of comments to the code about all these dependencies and a
couple of assertions to ensure they hold valid.

Also document that inconsistent reference ownership handling of
g_binding_unbind() that makes it unfit for automatically generated
language bindings.
2020-11-26 16:15:36 +02:00
Sebastian Dröge
c8c829fa42 Add g_binding_dup_target() and g_binding_dup_source()
These new getters prevent the source/target from simply disappearing if
they're finalized from another thread in the meantime.
2020-11-26 10:49:23 +02:00
Sebastian Dröge
51ee5cf1c2 Use GWeakRef in GBinding
This makes GBinding slightly more thread-safe as the source/target can't
simply disappear.
2020-11-26 10:49:18 +02:00
Philip Withnall
0af274faa4 Merge branch 'macos-cross' into 'master'
macos: fix frexpl checks in cross-compilation

See merge request GNOME/glib!1771
2020-11-25 19:11:19 +00:00
Philip Withnall
3088fbae52 Merge branch 'mark_g_assert_as_noreturn_on_MSVC' into 'master'
Adding macros G_NORETURN and G_NORETURN_FUNCPTR

Closes #994

See merge request GNOME/glib!1078
2020-11-25 11:52:23 +00:00
Philip Withnall
9cccc08b82 gmacros: Document soft-deprecation of G_GNUC_NORETURN
It still works, and deprecating it would be quite disruptive (as it’s
used in headers), so amend the documentation to point people to
`G_NORETURN` instead.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #994
2020-11-25 11:37:06 +00:00
Emmanuel Fleury
76426c0158 Rewriting the G_GNUC_NORETURN into G_NORETURN macros everywhere 2020-11-25 11:34:05 +00:00
Emmanuel Fleury
c1d74e35c1 Adding macros G_NORETURN and G_NORETURN_FUNCPTR
This macro is borrowed from the gnulib project in the 'noreturn.h' file.

Fixes: #994
2020-11-25 11:34:05 +00:00
Patrick Griffis
a5944828ae Merge branch 'carlosgc/uri-scheme-normalization' into 'master'
guri: apply scheme normalization flag consistently

Closes #2257

See merge request GNOME/glib!1764
2020-11-24 17:25:26 +00:00
Philip Withnall
77361ef45e Merge branch 'fix_extra_warnings' into 'master'
Fix more warnings

See merge request GNOME/glib!1765
2020-11-24 15:37:21 +00:00
Emmanuel Fleury
236d6281b8 Fix signedness warnings in gobject/gobject.c:g_object_new_internal()
gobject/gobject.c: In function ‘g_object_new_internal’:
gobject/gobject.c:1962:25: error: comparison of integer expressions of different signedness: ‘gint’ {aka ‘int’} and ‘guint’ {aka ‘unsigned int’}
 1962 |           for (j = 0; j < n_params; j++)
      |                         ^
gobject/gobject.c:1989:21: error: comparison of integer expressions of different signedness: ‘gint’ {aka ‘int’} and ‘guint’ {aka ‘unsigned int’}
 1989 |       for (i = 0; i < n_params; i++)
      |                     ^
2020-11-24 16:17:46 +01:00
Emmanuel Fleury
7753a0492b Fix signedness warnings in gobject/gobject.c:g_object_new_with_custom_constructor()
gobject/gobject.c: In function ‘g_object_new_with_custom_constructor’:
gobject/gobject.c:1836:21: error: comparison of integer expressions of different signedness: ‘gint’ {aka ‘int’} and ‘guint’ {aka ‘unsigned int’}
 1836 |       for (j = 0; j < n_params; j++)
      |                     ^
gobject/gobject.c:1914:17: error: comparison of integer expressions of different signedness: ‘gint’ {aka ‘int’} and ‘guint’ {aka ‘unsigned int’}
 1914 |   for (i = 0; i < n_params; i++)
      |                 ^
2020-11-24 16:17:46 +01:00
Emmanuel Fleury
d50d2098b5 Fix signedness warning in gobject/gobject.c:g_object_class_install_properties()
gobject/gobject.c: In function ‘g_object_class_install_properties’:
gobject/gobject.c:766:17: error: comparison of integer expressions of different signedness: ‘gint’ {aka ‘int’} and ‘guint’ {aka ‘unsigned int’}
  766 |   for (i = 1; i < n_pspecs; i++)
      |                 ^
2020-11-24 16:17:46 +01:00
Emmanuel Fleury
e28d9defb1 Fix signedness warning in gobject/gtype.c:g_type_interface_add_prerequisite()
gobject/gtype.c: In function ‘g_type_interface_add_prerequisite’:
gobject/gtype.c:1607:21: error: comparison of integer expressions of different signedness: ‘guint’ {aka ‘unsigned int’} and ‘int’
 1607 |       for (i = 0; i < prerequisite_node->n_supers + 1; i++)
      |                     ^
2020-11-24 16:17:37 +01:00
Philip Withnall
69f0f33267 Merge branch 'mcatanzaro/#2076' into 'master'
Suppress some valgrind leak warnings

Closes #2076

See merge request GNOME/glib!1768
2020-11-24 14:45:11 +00:00
Michael Catanzaro
fb6e10c959 gtype: suppress valgrind memory leak warnings
The problem occurs because we keep a pointer inside the allocated block,
instead of a pointer to the start of the block. This memory exists for
the lifetime of the application, so let's silence it.

This is probably abuse of VALGRIND_MALLOCLIKE_BLOCK(), which is really
intended for use in memory allocators, but gtype.c already uses it in
two other places, and it's a practical solution. I wrote another larger
fix for this issue that involves keeping an array of extra pointers when
running under valgrind. This is simpler.

Fix suggested by Philip Withnall

```
==180238== 16 bytes in 1 blocks are possibly lost in loss record 3,078 of 16,075
==180238==    at 0x483BB1A: calloc (vg_replace_malloc.c:762)
==180238==    by 0x5489495: g_malloc0 (gmem.c:132)
==180238==    by 0x5489754: g_malloc0_n (gmem.c:364)
==180238==    by 0x53FDBEE: type_set_qdata_W (gtype.c:3722)
==180238==    by 0x53FDEE8: type_add_flags_W (gtype.c:3787)
==180238==    by 0x53FC348: g_type_register_fundamental (gtype.c:2662)
==180238==    by 0x53D969B: _g_enum_types_init (genums.c:124)
==180238==    by 0x53FF058: gobject_init (gtype.c:4432)
==180238==    by 0x53FF082: gobject_init_ctor (gtype.c:4493)
==180238==    by 0x4010F29: call_init.part.0 (dl-init.c:72)
==180238==    by 0x4011030: call_init (dl-init.c:30)
==180238==    by 0x4011030: _dl_init (dl-init.c:119)
==180238==    by 0x4002149: ??? (in /usr/lib64/ld-2.30.so)
```

Fixes #2076
2020-11-24 08:10:58 -06:00
Michael Catanzaro
a412ffe4d3 gatomicarray: suppress valgrind memory leak warnings
The problem occurs because we keep a pointer inside the allocated block,
instead of a pointer to the start of the block:

```
==180238== 16 bytes in 1 blocks are possibly lost in loss record 3,086 of 16,075
==180238==    at 0x483980B: malloc (vg_replace_malloc.c:309)
==180238==    by 0x548942C: g_malloc (gmem.c:102)
==180238==    by 0x54A4748: g_slice_alloc (gslice.c:1025)
==180238==    by 0x53D0AAF: freelist_alloc (gatomicarray.c:77)
==180238==    by 0x53D0B85: _g_atomic_array_copy (gatomicarray.c:133)
==180238==    by 0x53F8E6D: iface_node_set_offset_L (gtype.c:1347)
==180238==    by 0x53F91F1: type_node_add_iface_entry_W (gtype.c:1444)
==180238==    by 0x53F93DF: type_add_interface_Wm (gtype.c:1477)
==180238==    by 0x53FC946: g_type_add_interface_static (gtype.c:2852)
==180238==    by 0x4A3D53A: gtk_menu_shell_accessible_get_type_once (gtkmenushellaccessible.c:26)
==180238==    by 0x4A3D495: gtk_menu_shell_accessible_get_type (gtkmenushellaccessible.c:26)
==180238==    by 0x4C8AC44: gtk_menu_shell_class_init (gtkmenushell.c:424)
```

Note we cannot use VALGRIND_FREELIKE_BLOCK() in freelist_free() because we
have not actually freed the FreeListNode and need to dereference it in
freelist_alloc() to decide whether to reuse the block. That would result
in a use-after-free warning before we would get a chance to call
VALGRIND_MALLOCLIKE_BLOCK() in the reuse path.

Also note that this free list only ever grows: it never shrinks for the
lifetime of the application, so nothing here will ever be truely freed,
although unused elements are eligible for reuse.

Fix suggested by Philip Withnall

Related: #2076
2020-11-24 08:10:58 -06:00
Carlos Garcia Campos
fb838bf3f6 guri: apply scheme normalization flag consistently
For URIs produced in string form, the path should be normalized and port
omitted when the default one is used. When querying the path and port of
a GUri (using getters or g_uri_split()) the normalized path and the
default port should be returned when they were omitted in the parsed URI.

Closes #2257
2020-11-24 14:35:19 +01:00