This encodes what GLib is already bound by, as it’s hosted on
gitlab.gnome.org, which is GNOME infrastructure and hence bound by the
GNOME code of conduct.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This will help static analysers, similarly to with the previous commit.
This introduces no functional changes.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This will help static analysers which think that the type of
`priv->proxy_address` could potentially change between freeing
`dest_hostname` and the `g_return_if_fail()` call below, leading to the
code to continue through to `g_object_new()` and use `dest_hostname`
after freeing it.
This introduces no functional changes.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This should fix a scan-build warning about the final `name_unref()` here
being a use-after-free.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This should fix a scan-build warning that `resource` is
used-after-freeing in the final `g_resource_unref()` call in
`g_static_resource_fini()`, as `g_resources_unregister_unlocked()` has
already unreffed it.
In reality, each resource has two strong refs on it while active, so the
second unref is correct.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
As per meson spec, returncode() produces unspecified data if
compiled() == false. Check compiled() first to avoid relying
upon unspecified data.
In addition, muon -- an implemetation of meson written in C goes
further and forbids returning unspecified data. This is a good
decision, but also makes it harder to support applications which
wrongly use meson API. Therefore, application needs to be fixed.
Meson used to try and guess at the Python path. While this worked fine
for GLib before, it probably didn’t work 100% for other projects, so
Meson have made it an explicit option.
Set that option with the Python path used on the Windows CI machines.
This fixes a Meson warning with Meson >0.60.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Recently wrapdb updated pcre from 8.37 (released in 2015!) to the
current 8.45 release. There have been several security fixes between
those releases and currently a buffer overflow is being flagged by
ostree's oss-fuzz project where pcre is installed via wrapdb.
This change was generated by `meson wrap update pcre`.
It is not only shorter than `not meson.is_cross_build() or
meson.has_exe_wrapper()` but also handle the case of cross compiling to
a compatible arch such as building for i386 on an amd64.
Test the fuzzers with one arbitrary input each, to ensure that they work
at a very basic level.
This should catch regressions in each of the fuzzers without having to
wait for them to be picked up by oss-fuzz.
These tests can be run using `meson test --suite fuzzing`.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Rather than reallocating the string buffer a few times as more
components are added, use a default buffer size which should hopefully
accommodate most average URIs.
The buffer size is a guess and can be tweaked in future.
This has the advantage of no longer passing a potentially-`NULL`
`scheme` to `g_string_new()`, which should placate the static analysers,
which think that `g_string_new()` shouldn’t accept `NULL`.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Coverity CID: #1474691
`g_convert()` returns `NULL` iff it returns an error, but the static
analyser can’t quite work that out. Add an assertion to help.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Coverity CID: #1486844