Commit Graph

24239 Commits

Author SHA1 Message Date
Sebastian Dröge
e9eec6f1c8 Merge branch '2514-charset-conundrum' into 'main'
tests: Unset CHARSET when testing locales to avoid it breaking tests

Closes #2514

See merge request GNOME/glib!2369
2021-11-26 12:33:42 +00:00
Nishal Kulkarni
48d0d9f76b gsocket: Use new g_alloca0() function
Replace `g_alloca()` and `memset()` with `g_alloca0()`
2021-11-26 12:24:23 +00:00
Nishal Kulkarni
1529c2ca4d gobject: Use new g_newa0() function
Replace old `g_newa()` and `memset()` with `g_newa0()`
2021-11-26 12:24:23 +00:00
Nishal Kulkarni
b321bf70d7 goption: Use new g_newa0() function
Replace old `g_newa()` and `memset()` with `g_newa0()`
2021-11-26 12:24:23 +00:00
Nishal Kulkarni
34cf69ef17 gsignal: Use new g_newa0() function
Replace old `g_alloca()` and `memset()` with `g_newa0()`
2021-11-26 12:24:23 +00:00
Nishal Kulkarni
8bf62d6309 ghmac: Use new g_alloca0() function
Replace `g_alloca()` and `memset()` with `g_alloca0()`
2021-11-26 12:24:23 +00:00
Nishal Kulkarni
1c7936b368 slice-test: Use new g_newa0() function
Replace old `g_alloca()` and `memset()` with `g_newa0()`
2021-11-26 12:24:23 +00:00
Marc-André Lureau
b4631c44ad galloca: Add new API g_alloca0 and g_newa0
Added `g_alloca0()` which wraps `g_alloca()` and initializes
allocated memory to zeroes.

Added `g_newa0()` which wraps `g_alloca0()` in a typesafe manner.

Refreshed and tweaked by Nishal Kulkarni.
2021-11-26 12:24:23 +00:00
Philip Withnall
3fecaa3924 tests: Unset CHARSET when testing locales to avoid it breaking tests
The charset set in `CHARSET` overrides the charset after the `.` in any
`LC_*` category (set via the environment or `setlocale()`). This will
break many tests, but in particular it definitely breaks the
`/GDateTime/format_mixed/` tests which are specifically checking
different charsets being set for different `LC_*` categories.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2514
2021-11-26 12:08:02 +00:00
Philip Withnall
7dc7b84a52 gcharset: Document the CHARSET environment variable a bit
Users should probably never be setting this — instead, just add the
charset after a `.` in `LANGUAGE`/`LC_ALL`/`LC_*`/`LANG`.

I can’t find any reference (in `git log`, code comments, or man pages)
to this environment variable being standardised or documented or even
used anywhere outside GLib. Perhaps it should eventually be removed.

If anybody finds references as to why GLib checks `CHARSET`, this
comment can be updated in future.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #2514
2021-11-26 12:07:00 +00:00
Enrico Nicoletto
922df0c8e6 Update Brazilian Portuguese translation
(cherry picked from commit 399b88ee12)
2021-11-26 10:16:28 +00:00
Philip Withnall
badc51f23f Merge branch 'g-nearest-pow' into 'main'
De-duplicate g_nearest_pow() implementation and add some overflow protections to g_ptr_array_maybe_expand(), g_string_maybe_expand() and g_string_chunk_insert_len()

See merge request GNOME/glib!2368
2021-11-25 14:51:54 +00:00
Hugo Carvalho
d8e745d6f9 Update Portuguese translation 2021-11-25 13:54:48 +00:00
Sebastian Dröge
72ca69e1db Add some overflow protection to g_string_chunk_insert_len()
If the new string's length plus the existing storage's length is
overflowing a gsize, we would previously memcpy() the string over the
bounds of the previous allocation.

Similarly if the string's size was bigger than G_MAXSIZE / 2 we would've
previously allocated 0 bytes.

Now instead create a new allocation that fits the string.
2021-11-25 14:38:17 +02:00
Sebastian Dröge
b5447e8e35 Add overflow protection to g_string_maybe_expand() 2021-11-25 14:38:17 +02:00
Sebastian Dröge
d01dc6d23a Add stricter overflow protection from GArray to g_ptr_array_maybe_expand() too
It might otherwise happen that the return value from g_nearest_pow()
does not fit into a guint, i.e. it might be G_MAXUINT + 1 if that fits
into a gsize.
2021-11-25 14:11:29 +02:00
Sebastian Dröge
5fcd2495f9 De-duplicate g_nearest_pow() implementation
And put it as static inline function into a private shared header instead.
2021-11-25 14:05:42 +02:00
Yuri Chornoivan
f8bfd73e30 Update Ukrainian translation 2021-11-24 22:08:28 +00:00
Philip Withnall
2a893fd49b Merge branch 'mcatanzaro/gresolver-reload' into 'main'
Address some oddities around GResolver::reload

See merge request GNOME/glib!2353
2021-11-24 15:33:30 +00:00
Michael Catanzaro
f877b82573 gresolver: add missing locking
This is sad, but GResolver has one member variable for historical
reasons, to implement the reload signal. Since it offers a global
singleton, we should make sure it's really safe to use from multiple
threads at once.
2021-11-24 09:16:11 -06:00
Michael Catanzaro
6eb741a6ac gresolver: rename internal reload function
Since there is not actually anything to reload, let's just say we emit
the reload signal.
2021-11-24 09:16:11 -06:00
Michael Catanzaro
c2b5fe9f2d gresolver: remove unneeded call to res_init()
This call was needed once upon a time, when GResolver had subclasses
that presumably relied on this. Nowadays, we have only
GThreadedResolver, which does not need it. res_init() is dangerous
because it modifies global state, so let's get rid of it.
2021-11-24 09:16:11 -06:00
Nirbheek Chauhan
ed7c3dd343 Merge branch 'wip/pwithnall/freebsd-objcopy-fix-why-oh-why' into 'main'
tests: Allow `objcopy --help` to fail, because it fails on FreeBSD

See merge request GNOME/glib!2364
2021-11-24 15:12:15 +00:00
Philip Withnall
462b6c2728 Merge branch 'issue-1104-avoid-crash' into 'main'
Add vfunc checks in gappinfo.c

See merge request GNOME/glib!2365
2021-11-24 15:02:52 +00:00
Luca Bacci
de6da5aa73
GWin32AppInfo: Implement should_show vfunc 2021-11-24 15:48:10 +01:00
Luca Bacci
ebddb60e3e
Add vfunc checks in gappinfo.c
Fixes crashes caused by calling unimplemented vfuncs on Windows
2021-11-24 15:06:46 +01:00
Philip Withnall
dc243a5113 tests: Allow objcopy --help to fail, because it fails on FreeBSD
This is a partial revert of b248f3481c. Eventually, this commit can be
dropped once `objcopy --help` doesn’t exit with a non-zero status on
FreeBSD.

See: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2360#note_1318608

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-11-24 12:01:39 +00:00
Philip Withnall
f496d28093 Merge branch 'make_setprgname_thread_safe' into 'main'
gutils: Make g_set_prgname() thread-safe

Closes #847

See merge request GNOME/glib!2358
2021-11-24 11:10:29 +00:00
Nishal Kulkarni
ef4b43ff13 gutils: Make g_set_prgname() thread-safe
Currently `g_prgname` can be freed by `g_set_prgname()` while another
thread is holding a pointer to it.

We use GQuark when setting g_prgname so that string is never released once set.
Also added unit test, which checks if setting prgname in multi-threaded
program is safe.

Closes: #847
2021-11-24 16:22:28 +05:30
Philip Withnall
6bdb06ff4b Merge branch 'run_command-check' into 'main'
meson: specify when commands need to succeed in run_command

See merge request GNOME/glib!2360
2021-11-24 10:31:41 +00:00
Sebastian Dröge
6ec18d8254 Merge branch 'fix-clang-format' into 'main'
ci: Upgrade to clang-format-11 from clang-format-7

See merge request GNOME/glib!2357
2021-11-24 10:25:06 +00:00
Philip Withnall
23940e4707 Merge branch 'dbusproxy-signal-detailed' into 'main'
gdbusproxy: Make 'g-signal' signal detailed

Closes #2536

See merge request GNOME/glib!2350
2021-11-24 10:03:01 +00:00
Eli Schwartz
b248f3481c
meson: specify when commands need to succeed in run_command
meson in git master now warns about a missing `check:` kwarg, and may
eventually change the default from false to true.

Take the opportunity to require `objcopy --help` to succeed -- it is
unlikely to fail, but if it does something insane happened.
2021-11-24 00:31:18 -05:00
Hugo Carvalho
467bcacc56 Update Portuguese translation 2021-11-23 19:51:27 +00:00
Yuri Chornoivan
697d2c330e Update Ukrainian translation 2021-11-23 18:43:49 +00:00
Goran Vidović
ecb2bb736b Update Croatian translation 2021-11-23 18:34:49 +00:00
Aleksandr Mezin
bff4db527e gdbusproxy: Make 'g-signal' signal detailed
Fixes #2536
2021-11-23 22:14:19 +06:00
Philip Withnall
56b0b8069d Merge branch 'dbus-daemon-print-address-fd' into 'main'
gtestdbus: Print the dbus address on a specific FD intead of stdout

Closes #2537

See merge request GNOME/glib!2354
2021-11-23 13:32:24 +00:00
Philip Withnall
e6062056bc Merge branch '2528-dbus-message-truncation' into 'main'
gdbusmessage: Add more bounds checking when parsing D-Bus messages

Closes #2528

See merge request GNOME/glib!2355
2021-11-23 13:18:53 +00:00
Philip Withnall
93bde24c34 ci: Upgrade to clang-format-11 from clang-format-7
`clang-format-11` is now what’s available in our Debian Stable CI image.

This should fix failures in the `style-check-diff` job.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-11-23 13:13:56 +00:00
Marco Trevisan (Treviño)
d98a52254b gtestdbus: Print the dbus address on a specific FD intead of stdout
We used to use a pipe for the dbus daemon stdout to read the defined
address, but that was already requiring a workaround to ensure that dbus
daemon children were then able to write to stdout.
However the current implementation is still causing troubles in some
cases in which the daemon is very verbose, leading to hangs when writing
to stdout.

As per this, just don't handle stdout ourself, but use instead a
specific pipe to get the address address. That can now be safely closed
once we've received the data we need.

This reverts commit d80adeaa96.

Fixes: #2537
2021-11-23 13:07:50 +00:00
Philip Withnall
1f8390c002 gdbusmessage: Remove arbitrary restriction on minimum D-Bus blob length
The code in `g_dbus_message_new_from_blob()` has now been fixed to
correctly error out on all truncated messages, so there’s no need for an
arbitrary programmer error if the input is too short to contain a valid
D-Bus message header.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #2528
2021-11-23 12:57:29 +00:00
Sebastian Wilhelmi
c58be7d569 tests: Add test cases for truncated D-Bus messages
(Minor code formatting tweaks and leak fixes by Philip Withnall.)

Helps: #2528
2021-11-23 12:55:00 +00:00
Sebastian Wilhelmi
4b9a27a868 gdbusmessage: Add more bounds checking when parsing D-Bus messages
Perform strict bounds checking when reading data from the D-Bus message,
and propagate errors to the callers.

Previously, truncated D-Bus messages could cause out-of-bounds reads.

This is a security issue, but one which is only exploitable when
communicating with an untrusted peer (who might send malicious
messages). Almost all D-Bus traffic is with a session or system bus,
where the dbus-daemon or dbus-broker is trusted, and is known to have
already rejected malformed (malicious) messages.

Accordingly, this is only exploitable with peer-to-peer D-Bus
conversations with an untrusted peer.

(Includes some minor cleanups from Philip Withnall.)

oss-fuzz#17408
Fixes: #2528
2021-11-23 12:32:31 +00:00
Yuri Chornoivan
9aaaf719da Update Ukrainian translation 2021-11-23 07:47:07 +00:00
Fran Dieguez
5c3ebf3689 Update Galician translation 2021-11-22 21:31:37 +00:00
Goran Vidović
d37706f34a Update Croatian translation 2021-11-22 16:16:50 +00:00
Philip Withnall
b0923398f8 Merge branch 'mcatanzaro/gtlsdatabase-docs' into 'main'
Improve some documentation related to GTlsDatabase

See merge request GNOME/glib!2326
2021-11-22 16:09:14 +00:00
Michael Catanzaro
82999879bc gtlsconnection: warn about footguns of using a non-default database
Since
https://gitlab.gnome.org/GNOME/glib-networking/-/merge_requests/173,
there is now a really surprising implication to using a non-default
GTlsDatabase: your database could do nothing at all other than wrap the
default database, which you would expect to result in no behavior
changes, but in fact it causes fewer security checks to be performed
during certificate verification. This is because certificate
verification moved from GTlsDatabase to GTlsConnection, allowing for
more security checks to be performed. But if using a non-default
GTlsDatabase, we have to fall back to letting GTlsDatabase to the
verification, as before.

This is the best we can do. It's not a regression for applications,
because it means applications get the previous pre-2.72 behavior. But it
does mean that new security checks added in 2.72 are not applied, which
is unfortunate, so we should warn developers about this.
2021-11-22 15:56:56 +00:00
Michael Catanzaro
a6a41cfc17 gtlscertificate: tone down warning about g_tls_certificate_verify() 2021-11-22 15:56:56 +00:00