On FreeBSD it always crashes due to the platform’s `vasprintf()`
implementation being less forgiving than Linux’s. That’s fine.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This is mostly to cover historic code, but also includes a couple of
additional tests for extended error domains (see #14).
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
At this point, if `dest` is non-`NULL` then we can guarantee
`*dest != NULL` due to `g_propagate_error()` succeeding.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
When loading a GKeyFile, the sequence is usually:
keyfile = g_key_file_new();
g_key_file_load_xxx(keyfile, ...)
g_key_file_new() calls g_key_file_init(), which allocates a parse_buffer
for parsing. g_key_file_load_xxx() will then g_key_file_clear() the
keyfile and call g_key_file_init() again.
Just don't allocate a parse_buffer unless we need it for parsing.
If no pointer to a GError* has been passed to public API, there's not
need to look at translations via gettext or format an error message that
g_set_error_literal will entirely ignore in the end.
Factor out the GError creation to a common function. When adding a
support for extended error types, this will limit the number of places
where these errors are allocated.
Realistically any date over 200 bytes long is not going to be valid, so
limit the input length so we can’t spend too long doing UTF-8 validation
or normalisation.
oss-fuzz#28718
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
On heavily loaded CI machines it seems to be taking about 1.3s between
one `g_get_monotonic_time()` call and the next. Allow that.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Occasionally this test fails in CI with the message:
```
assertion failed: (current_time / 1000000 - last_time / 1000000 == 1)
```
The way this calculation is done at the moment, a difference of 1001ms
between `current_time` and `last_time` can result in failure, if the
times are close to a multiple to 1000ms.
Change it to only truncate the result after doing the subtraction, and
add a 500ms tolerance to account for scheduling delays in the test. (For
example, the `test_func()` could be called, then descheduled before it
gets to call `g_get_monotonic_time()`.
Additionally, change the test to use `g_assert_cmpint()` so that future
failures provide more useful debug information.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Instead, return `NULL` if the checksum type is unsupported. This may
come in useful if we have to withdraw support for a particular checksum
type in future, due to it being broken.
These semantics were already in place for the return value of
`g_checksum_new()` — see commit 877cc60f and bug
comment https://bugzilla.gnome.org/show_bug.cgi?id=501853#c6.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This commit only looks at the `Returns:` lines in the documentation, and
has examined all of them in the file. Function arguments have not been
checked.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Helps: #2227
This commit only looks at the `Returns:` lines in the documentation, and
has examined all of them in the file. Function arguments have not been
checked.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Helps: #2227
This commit only looks at the `Returns:` lines in the documentation, and
has examined all of them in the file. Function arguments have not been
checked.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Helps: #2227
This commit only looks at the `Returns:` lines in the documentation, and
has examined all of them in the file. Function arguments have not been
checked.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Helps: #2227
Both are provided by libm, but `isnan()` is provided as a macro, whereas
`isfinite()` is an actual function, and hence libm has to be available
at runtime. That didn’t trivially work on FreeBSD, resulting in this
refactor.
`isfinite(x)` is equivalent to `!isnan(x) && !isinfinite(x)`. The case
of `x` being (negative or positive) infinity is already handled by the
range checks on the next line, so it’s safe to switch to `isnan()` here.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Rather than parsing the seconds in an ISO 8601 date/time using a pair of
floating point numbers (numerator and denominator), use two integers
instead. This avoids issues around floating point precision, and also
makes it easier to check for potential overflow from overlong inputs.
This last point means that the `isfinite()` check can be removed, as it
was covering the case where a NAN was generated, which isn’t now
possible using integer arithmetic.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
The fiendish thing about NAN is that it never compares TRUE against
anything, so the limit checks `seconds < 0.0 || seconds >= 60.0` were
never triggering.
oss-fuzz#28473
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This doesn’t change the behaviour of the code, but should squash some
compiler/static analysis warnings about ‘are you sure you got the
precedence right here?’.
Coverity CID: #1159470
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
The `nameprep()` function in `ghostutils.c` is quite complex, and does a
lot of allocations. This means it can take a long time on long hostnames
(on the order of 10KB long). Hostnames should never be that long,
though, so impose some loose length limits.
oss-fuzz#27371
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
