Commit Graph

21914 Commits

Author SHA1 Message Date
Marc-André Lureau
591d8676ee uri: modify g_uri_parse_params() to take flags
This will allow to further enhance the parsing, without breaking API,
and also makes argument on call side a bit clearer than just TRUE/FALSE.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-07 15:16:22 +04:00
Marc-André Lureau
d022b7199b uri: change parse_params() to take a separator set
This should give a bit more flexibility, without drawbacks.

Many URI encoding accept either '&' or ';' as separators.

Change the documentation to reflect that '&' is probably more
common (http query string).

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-07 15:16:12 +04:00
Marc-André Lureau
db9987d269 strfuncs: a few g_strsplit_set() improvements
gboolean is secretly actually typedef gint gboolean, so the delim_table
is going to take 1KB of stack all by itself. That’s fine, but it could
be smaller.

This strnpbrk()-like block could do with a comment to make it a bit
clearer what it’s doing.

Suggested-by: Philip Withnall <philip@tecnocode.co.uk>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-07 14:18:48 +04:00
Nirbheek Chauhan
1ee22d0ae9 Merge branch 'bugfix/appinfo-launch-urilist-leak' into 'master'
gdesktopappinfo: Fix unnecessarily copied and leaked URI list

See merge request GNOME/glib!1563
2020-07-05 08:53:26 +00:00
Felix Riemann
88fe78137d gdesktopappinfo: Fix unnecessarily copied and leaked URI list
When an app is spawned using g_desktop_app_info_launch_uris_with_spawn
it will expand the various token in the app's commandline with the
URIs of the files to open. The expand_macro() function that is used for
this advances the pointer to the URI list to show up to which entries
it used.

To not loose the pointer to the list head a duplicate of the URI list
was actually passed to expand_macro(). However, it's not necessary to
create a copy of the URI list for that as expand_macro() will only
change which element the pointer will point to.

This behaviour actually caused the duplicated list to be leaked as the
the list pointer is NULL once all URIs are used up by expand_macro()
and thus nothing was freed at the end of the function.
2020-07-04 20:20:42 +02:00
Philip Withnall
b101dbda13 Merge branch 'g_uri_list_extract_uris-use-pointer-array' into 'master'
gconvert: Use a pointer array in extract_uris

See merge request GNOME/glib!1561
2020-07-03 20:44:09 +00:00
Peter Bloomfield
3ef229fd03 gconvert: Use a pointer array in extract_uris
Use a GPtrArray instead of a GSList in g_uri_list_extract_uris().
2020-07-03 15:48:15 -04:00
Florentina Mușat
3bc9f57f26 Update Romanian translation 2020-07-02 09:41:21 +00:00
Sebastian Dröge
15bf2ddaf5 Merge branch 'ossfuzz-23815-23818-uri-overflows' into 'master'
Fix buffer read overflows in GUri

See merge request GNOME/glib!1559
2020-07-01 12:59:19 +00:00
Philip Withnall
f9d165add1 guri: Fix buffer overrun when decoding %-encoded URI components
There is a limited (1 or 2 byte) read off the end of the buffer if its
final or penultimate byte is `%` and it’s not nul-terminated after that.
If the buffer *is* nul-terminated then the first `g_ascii_isxdigit()`
call safely returns `FALSE` and the code moves on.

Fix it by adding an additional check, and some unit tests to catch the
behaviour.

This bug is present in libsoup, which `GUri` is based on, but not
exploitable due to how the external API only exposes nul-terminated
strings. See https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/126
for the fix there.

oss-fuzz#23815
oss-fuzz#23818

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-01 13:28:09 +01:00
Philip Withnall
67ba5bfe60 fuzzing: Test g_uri_unescape_segment() as well as g_uri_unescape_bytes()
They have different `%`-encoding behaviour, and probably both deserve to
be tested.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-01 13:28:09 +01:00
Philip Withnall
0b198104e5 tests: Test the length argument of g_uri_unescaped_bytes()
Modify the existing test function to run each test twice: once
nul-terminated and once with a length specified.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-01 13:28:09 +01:00
Philip Withnall
7656399cf9 tests: Rewrite another URI test to use an array of test strings
This introduces no functional changes, but will make it easier to add
more tests in future.

It splits the unescaping tests out so the different types of unescaping
(string, bytes, segment) are tested separately, since they have
different limitations.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-01 13:28:09 +01:00
Philip Withnall
836fee7a08 tests: Test the length argument of g_uri_parse_params()
Modify the existing test function to run each test twice: once
nul-terminated and once with a length specified.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-01 12:25:49 +01:00
Philip Withnall
67c9d34d71 guri: Allow params to be NULL if length is 0
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-01 12:25:49 +01:00
Philip Withnall
ab33896bcc tests: Rewrite a URI test to use an array of test strings
This introduces no functional changes, but will make it easier to add
more tests in future.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-01 12:25:49 +01:00
Philip Withnall
99f87d176d Merge branch 'patch-1' into 'master'
Remove c-format from the string that is not c-formatted

See merge request GNOME/glib!1555
2020-07-01 10:06:53 +00:00
Philip Withnall
f77c75a1bb Merge branch 'ossfuzz-fix-again' into 'master'
fuzzing: Another fix for g_uri_parse() test

See merge request GNOME/glib!1556
2020-06-30 10:35:53 +00:00
Philip Withnall
39f8aff8f5 fuzzing: Test URI parsing with and without the strict flag
This should test a few more code paths.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-30 11:10:51 +01:00
Philip Withnall
0bf12c8bfa fuzzing: Use nul-terminated array introduced in previous commit
This fixes commit b2a6a9a434. Doh.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-30 11:08:05 +01:00
Daniel Mustieles
f1a9599bcd Updated Spanish translation 2020-06-30 09:44:13 +02:00
Daniel Mustieles
3cb19804a0 Updated Spanish translation 2020-06-29 15:56:30 +02:00
Yuri Chornoivan
a910513873 Update Ukrainian translation 2020-06-29 13:06:49 +00:00
Yuri Chornoivan
4fe91b63a3 Remove c-format from the string that is not c-formatted 2020-06-29 13:02:44 +00:00
Sebastian Dröge
18b89c1486 Merge branch 'uri-parsing-fix' into 'master'
GUri build fixes

See merge request GNOME/glib!1554
2020-06-29 11:24:17 +00:00
Philip Withnall
b2a6a9a434 fuzzing: Ensure input to g_uri_parse() is nul-terminated
The fuzzer will produce arbitrary binary blobs, which might not be
nul-terminated. `g_uri_parse()` has no length argument, so relies on
receiving a nul-terminated string as input. Guarantee that.

This should fix fuzzing build failures like
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23750.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-29 11:52:40 +01:00
Piotr Drąg
1cf3ae6343 Update POTFILES.in 2020-06-29 11:48:41 +01:00
Philip Withnall
da948f7218 gmain: Fix use of atomic primitives with sig_atomic_t
It seems that `sig_atomic_t` is not the same width as `int` on FreeBSD,
which is causing CI failures:
```
 ../glib/gmain.c:5206:3: error: '_GStaticAssertCompileTimeAssertion_73' declared as an array with a negative size
  g_atomic_int_set (&any_unix_signal_pending, 0);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../glib/gatomic.h💯5: note: expanded from macro 'g_atomic_int_set'
    G_STATIC_ASSERT (sizeof *(atomic) == sizeof (gint));                     \
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```

Fix that by only using `sig_atomic_t` if the code is *not* using atomic
primitives (i.e. in the fallback case). `sig_atomic_t` is only a typedef
around an integer type and is not magic. Its typedef is chosen by the
platform to be async-signal-safe (i.e. read or written in one instruction),
but not necessarily thread-safe.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-29 10:42:00 +01:00
Aurimas Černius
7cb5cd8d98 Updated Lithuanian translation 2020-06-28 22:26:44 +03:00
Yuri Chornoivan
adf6a57cf8 Update Ukrainian translation 2020-06-25 19:20:21 +00:00
Daniel Șerbănescu
8c9b7669ad Update Romanian translation 2020-06-25 13:10:17 +00:00
Philip Withnall
582ffcd6ea Merge branch 'cancellable-test-debugging' into 'master'
tests: Fix intermittent failure in GCancellableSource test

Closes #1764

See merge request GNOME/glib!1539
2020-06-25 13:02:18 +00:00
Philip Withnall
38be0214a8 Merge branch 'binding' into 'master'
Add g_tls_connection_get_channel_binding_data call and enums

See merge request GNOME/glib!1527
2020-06-25 12:40:34 +00:00
Ruslan Marchenko
44524b9daa Add g_(d)tls_connection_get_channel_binding_data calls and enums
* Add g_tls_connection_get_channel_binding_data API call
 * Add g_dtls_connection_get_channel_binding_data API call
 * Add get_binding_data method to GTlsConnection class
 * Add get_binding_data method to GDtlsConnection interface
 * Add GTlsChannelBindingType enum with tls-unique and
   tls-server-end-point types
 * Add GTlsChannelBindingError enum and G_TLS_CHANNEL_BINDING_ERROR
   quark
 * Add new API calls to documentation reference gio-sections-common
2020-06-25 12:40:34 +00:00
Philip Withnall
ee3216b31b tests: Iterate the GMainContext directly rather than using a GMainLoop
This speeds up the `cancellable` test a little by stopping waiting for
the threads to start up as soon as they have started, rather than after
an arbitrary timeout.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #1764
2020-06-25 13:12:51 +01:00
Philip Withnall
5e49d53cd5 tests: Use G_SOURCE_CONTINUE/G_SOURCE_REMOVE instead of booleans
This makes no functional difference, but clarifies the code a little.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-25 13:12:51 +01:00
Philip Withnall
a956b096af tests: Use atomics to access counter shared between threads
This should fix some sporadic test failures in this test, although I
can’t be sure as I was unable to reproduce the original failure.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #1764
2020-06-25 13:12:51 +01:00
Philip Withnall
5571aaa1c5 tests: Use g_test_message() rather than g_printerr() in cancellable test
This makes sure the message gets formatted correctly and sent to the
right log file.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-25 13:12:51 +01:00
Philip Withnall
5b12608157 tests: Fix intermittent failure in GCancellableSource test
It seems that allowing the GCancellable to be finalised in either the
main thread or the worker thread sometimes leads to crashes when running
on CI.

I cannot reproduce these crashes locally, and various analyses with
memcheck, drd and helgrind have failed to give any clues.

Fix this for this particular test case by deferring destruction of the
`GCancellable` instances until after the worker thread has joined.
That’s OK because this test is specifically checking a race between
`g_cancellable_cancel()` and disposal of a `GCancellableSource`.

The underlying bug remains unfixed, though, and I can only hope that we
eventually find a reliable way of reproducing it so it can be analysed
and fixed.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-25 13:12:51 +01:00
Philip Withnall
6801e06d83 Merge branch 'uri' into 'master'
guri: new URI parsing and generating functions

See merge request GNOME/glib!1328
2020-06-25 11:52:07 +00:00
Sebastian Dröge
9ddffa1803 Merge branch '2136-more-suppressions' into 'master'
glib.supp: Suppress calloc() variant of g_get_charset()

Closes #2136

See merge request GNOME/glib!1550
2020-06-25 10:30:52 +00:00
Philip Withnall
dd11160f7f fuzzing: Add fuzz tests for GUri parsing and escaping
Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #110
2020-06-25 13:57:35 +04:00
Dan Winship
d83d68d64c guri: new URI parsing and generating functions
Add a set of new URI parsing and generating functions, including a new
parsed-URI type GUri. Move all the code from gurifuncs.c into guri.c,
reimplementing some of those functions (and
g_string_append_uri_encoded()) in terms of the new code.

Fixes:
https://gitlab.gnome.org/GNOME/glib/issues/110

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-06-25 13:57:35 +04:00
Philip Withnall
0859a8904a Merge branch '1670-unix-signal-handling-safety' into 'master'
gmain: Access Unix signal handler state atomically

Closes #1670

See merge request GNOME/glib!1297
2020-06-25 09:30:58 +00:00
Philip Withnall
02f0d4fc6a glib.supp: Suppress calloc() variant of g_get_charset()
Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #2136
2020-06-25 10:00:58 +01:00
Marc-André Lureau
167b950122 misc: code style
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-06-25 12:08:25 +04:00
Baurzhan Muftakhidinov
0dbdd22c57 Update Kazakh translation
(cherry picked from commit 8e7a483a73)
2020-06-25 07:40:42 +00:00
Sebastian Dröge
e48e1447e6 Merge branch '2140-spawn-async-signal-safety' into 'master'
Resolve "calling malloc in fork child is undefined-behaviour"

Closes #2140

See merge request GNOME/glib!1544
2020-06-24 10:07:19 +00:00
Philip Withnall
dd36248f9e gspawn: Don’t use malloc() when running a binary under /bin/sh
Allocate a working buffer before calling `fork()` to avoid calling
`malloc()` in the async-signal-safe context between `fork()` and
`exec()`, where it’s not safe to use.

In this case, the buffer is used to assemble a wrapper around `argv` so
it can be run under `/bin/sh`.

See `man 7 signal-safety`.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #2140
2020-06-23 12:03:30 +01:00
Philip Withnall
cf5af28169 gspawn: Don’t use malloc() when searching for a binary
Allocate a working buffer before calling `fork()` to avoid calling
`malloc()` in the async-signal-safe context between `fork()` and
`exec()`, where it’s not safe to use.

In this case, the buffer is used to assemble elements from `PATH` with
the binary from `argv[0]` to try executing them.

See `man 7 signal-safety`.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #2140
2020-06-23 12:03:30 +01:00