Commit Graph

1730 Commits

Author SHA1 Message Date
Philip Withnall
2f91caf77e tests: Add a basic test for require-same-user D-Bus auth flag
It’s not feasible to test that the require-same-user flag can cause
authentication to fail, as that would require the build environment to
have two users available. We can, however, test that it passes when
authenticating a client and server running under the same user account.

I have manually tested that the new flag works, by running the following
as user A:
```
`$prefix/gdbus-daemon --print-env &`
gdbus call --session --dest org.freedesktop.DBus --object-path /org/freedesktop/DBus --method org.freedesktop.DBus.ListNames
```

And then running the `gdbus call` command again as user B (with the same
value for `DBUS_SESSION_BUS_ADDRESS` in the environment), which
produces:
```
Error connecting: Unexpected lack of content trying to read a line
```
(an authentication rejection)

Commenting out the use of
`G_DBUS_SERVER_FLAGS_AUTHENTICATION_REQUIRE_SAME_USER` from
`gdbusdaemon.c`, the `gdbus call` command succeeds for both users.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-02-11 16:12:40 +00:00
Philip Withnall
a1db705bc2 Merge branch 'wip/gdbus-flags-from-the-future' into 'master'
gdbus: Reject attempts to set future connection or server flags

See merge request GNOME/glib!1934
2021-02-11 11:53:13 +00:00
Philip Withnall
68ce7a28e1 tests: Add tests for key name handling in the keyfile backend
This tests the two recent commits.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-02-10 22:10:00 +00:00
Simon McVittie
ba25c8a770 gdbus: Reject attempts to set future connection or server flags
The GDBusConnectionFlags and GDBusServerFlags can affect how we carry
out authentication and authorization, either making it more or less
restrictive, so it's desirable to "fail closed" if a program is compiled
against a new version of GLib but run against an old version.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2021-02-08 13:35:16 +00:00
Simon McVittie
df4501316c tls-interaction: Add test coverage for various ways to set the password
Signed-off-by: Simon McVittie <smcv@collabora.com>
2021-02-08 10:22:48 +00:00
Philip Withnall
73b293fd30 gio: Use g_memdup2() instead of g_memdup() in obvious places
Convert all the call sites which use `g_memdup()`’s length argument
trivially (for example, by passing a `sizeof()`), so that they use
`g_memdup2()` instead.

In almost all of these cases the use of `g_memdup()` would not have
caused problems, but it will soon be deprecated, so best port away from
it.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Helps: #2319
2021-02-04 14:13:21 +00:00
Sebastian Dröge
e6f506a92c Merge branch 'fix/unix-stream-pollable-detection' into 'master'
gunix: Fix {Input,Output}Stream pollable detection

Closes #1180

See merge request GNOME/glib!1846
2021-02-02 10:46:52 +00:00
Ole André Vadla Ravnås
d7ee70c013 gunix: Fix {Input,Output}Stream pollable detection
For devices such as PTYs, where not being able to cancel a pending read
operation is problematic for many applications.

Fixes: #1180
2021-02-02 11:11:53 +01:00
Simon McVittie
f378352051 tests: Mark tests with AddressSanitizer-detected leaks
Various tests have leaks where it isn't clear whether the data is
intentionally not freed, or leaked due to a bug. If we mark these
tests as TODO, we can skip them under AddressSanitizer and get the
rest to pass, giving us a baseline from which to avoid regressions.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2021-02-01 11:19:59 +00:00
Simon McVittie
5685546ab1 gio: Don't run gsocketclient-slow test under sanitizers
AddressSanitizer, UndefinedBehaviourSanitizer and probably others
involve adding instrumentation into the code under test, which doesn't
go well with LD_PRELOAD modules that absolutely need to be
self-contained.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2021-02-01 10:44:35 +00:00
Simon McVittie
5b476d0d9c socket-service test: Don't leak writev vectors
Detected by AddressSanitizer.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2021-01-29 20:26:02 +00:00
Simon McVittie
de87bcf7ff gdbus-serialization: Don't leak string containing first serialization
We format the message into a string twice, once for each byte-order,
but only return the one corresponding to the last byte-order to the
caller. This means we need to free the first one.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2021-01-28 21:39:23 +00:00
Sebastian Dröge
fdc192f460 Merge branch 'fix/darwin-nosigpipe-regression' into 'master'
gsocket: Fix SO_NOSIGPIPE regression on Darwin

See merge request GNOME/glib!1894
2021-01-27 07:35:04 +00:00
Frederic Martinsons
d890b1ce5f Extend dbus watching name tests:
- use watcher auto start flag.
  - use watch_name_on_connection_with_closures.
  - use an existing service name for auto start.

Closes #2011

Signed-off-by: Frederic Martinsons <frederic.martinsons@sigfox.com>
2021-01-25 15:00:12 +01:00
Francesco Tamagni
f6ce5739f8 gsocket: Fix SO_NOSIGPIPE regression on Darwin
Where the early call to g_socket_set_option() fails because of
check_socket() failing due to `inited` still being FALSE.

This brings 634b692 back into working order, by fixing the regression
introduced in 39f047e.

Co-authored-by: Ole André Vadla Ravnås <oleavr@gmail.com>
2021-01-21 21:17:24 +01:00
Philip Withnall
8bdd7438e5 Merge branch '968-add-gdbus-obj-path-escape' into 'master'
Add g_dbus_utils_object_path_escape and g_dbus_utils_object_path_unescape

Closes #968

See merge request GNOME/glib!1871
2021-01-20 13:23:25 +00:00
MARTINSONS Frederic
47355c358d Add g_dbus_utils_object_path_escape and g_dbus_utils_object_path_unescape
These two APIs are useful to publish an object which path content is not
controlled (e.g. dynamically built or coming from external source).

Closes #968

(Rebased and tweaked by Frederic Martinsons)

Signed-off-by: Frederic Martinsons <frederic.martinsons@sigfox.com>
2021-01-20 13:23:24 +00:00
Philip Withnall
b6a1fa47fe Merge branch 'settings-test-cleanups' into 'master'
Various memory leak cleanups to GSettings tests

See merge request GNOME/glib!610
2021-01-20 13:15:26 +00:00
Philip Withnall
5cafd748e3 tests: Remove incorrect unref from tls-bindings tests
`g_tls_backend_get_default()` does not return a reference to the
backend, so don’t drop one.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-01-20 12:51:41 +00:00
Philip Withnall
98274e09de tests: Free GSettingsBackend singleton at end of gsettings tests
This makes the tests a whole lot closer to being valgrind-clean, and
revealed a few legitimate memory leaks in amongst the noise caused by
keeping the singleton GSettingsBackend around for the lifetime of the
process.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2021-01-20 12:51:41 +00:00
Krzesimir Nowak
a2525129a7 tests: Update the expected count in file test
We added another desktop file, so update the file count.
2021-01-09 16:00:50 +01:00
Krzesimir Nowak
cdf0a50c69 gdesktopappinfo: Fix validation of XDG_CURRENT_DESKTOP
Split out XDG_CURRENT_DESKTOP handling to a separate function and make
sure that it drops all the invalid entries properly. Earlier a bad
entry could slip through the checks by sitting just after another bad
entry, like in env being set to `invalid1!:invalid2!`, where
`invalid2!` could slip the checks.
2021-01-09 15:39:09 +01:00
Philip Withnall
d90d914fc5 tests: Add more debug information to gdbus-connection-slow
It occasionally fails in CI with output like:
```
196/274 glib:gio / gdbus-connection-slow        FAIL     0.54 s (killed by signal 6 SIGABRT)

--- command ---
G_TEST_BUILDDIR='/builds/pwithnall/glib/_build/gio/tests' G_TEST_SRCDIR='/builds/pwithnall/glib/gio/tests' GIO_MODULE_DIR='' /builds/pwithnall/glib/_build/gio/tests/gdbus-connection-slow
--- stdout ---
\# random seed: R02S4eb186e89e2472eedd11538b37192543
1..2
\# Start of gdbus tests
\# Start of connection tests
Bail out! GLib-GIO:ERROR:../gio/tests/gdbus-connection-slow.c:98:test_connection_flush: assertion failed (error == NULL): Child process killed by signal 11 (g-exec-error-quark, 19)
--- stderr ---
**
GLib-GIO:ERROR:../gio/tests/gdbus-connection-slow.c:98:test_connection_flush: assertion failed (error == NULL): Child process killed by signal 11 (g-exec-error-quark, 19)
cleaning up pid 12991
```

which is not very helpful. Add some more debug output to print the
stdout and stderr of the child process, to hopefully give an insight
into why it’s dying with signal 11 (sigsegv).

I can’t reproduce the sigsegv locally.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-01-07 17:55:21 +00:00
Ole André Vadla Ravnås
9ac3a27f03 gsocket: Fix credentials error-handling on Apple OSes
- When querying a TCP socket, getsockopt() may succeed but the resulting
  `optlen` will be zero. This means we'd previously be reading
  uninitialized stack memory in such cases.
- After a file-descriptor has gone through FD-passing, getsockopt() may
  fail with EINVAL. At least this is the case with TCP sockets.
- While at it also use SOL_LOCAL instead of hard-coding its value.
2021-01-04 12:29:47 +00:00
Emmanuel Fleury
76426c0158 Rewriting the G_GNUC_NORETURN into G_NORETURN macros everywhere 2020-11-25 11:34:05 +00:00
Sebastian Dröge
fa8a39c6c6 Merge branch 'py-fixes' into 'master'
Python formatting improvements

See merge request GNOME/glib!1757
2020-11-20 18:10:40 +00:00
Philip Withnall
f4607def16 tests: Drop unnecessary volatile qualifiers from tests
These variables were already (correctly) accessed atomically. The
`volatile` qualifier doesn’t help with that.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
7f905ff1fa tests: Fix non-atomic access to some shared variables
And drop the `volatile` qualifier from the variables, as that doesn’t
help with thread safety.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
fab561f8d0 gobject: Drop use of volatile from get_type() macros
http://isvolatileusefulwiththreads.in/c/

It’s possible that the variables here are only marked as volatile
because they’re arguments to `g_once_*()`. Those arguments will be
modified in a subsequent commit.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
f936bba0d1 tests: Improve validity of binary GDBusMessage parsing tests
These tests were originally written using the output directly from a
fuzzer which had triggered the bugs we’re testing for. However, that
means they’re liable to no longer test what they’re intended to test if
the `GDBusMessage` parsing code is changed to (for example) check for
certain errors earlier in future.

It’s better to only have one invalidity in each binary blob, so change
the test messages to all be valid apart from the specific thing they’re
testing for.

The changes were based on reading the D-Bus specification directly:
https://dbus.freedesktop.org/doc/dbus-specification.html

During these changes I found one problem in
`test_message_parse_deep_header_nesting()` where it wasn’t actually
nesting variants in the header deeply enough to trigger the bug it was
supposed to be testing for. Fixed that.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #1963
2020-11-18 13:19:13 +00:00
Philip Withnall
d270b6c3db py: Various flake8 cleanups
None of these are particularly significant, but they do get the CI
output clean.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-11-17 15:50:07 +00:00
Philip Withnall
905b22a17e py: Reformat all Python files consistently
This commit is the unmodified results of running
```
black $(git ls-files '*.py')
```
with black version 19.10b0. See #2046.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-11-17 15:50:07 +00:00
Frederic Martinsons
e817a049f0 Correct shellcheck errors (and ignore world splitting when we want it)
Signed-off-by: Frederic Martinsons <frederic.martinsons@sigfox.com>
2020-11-15 17:34:27 +01:00
Sebastian Dröge
728c591d76 Merge branch '1560-converter-zero-size' into 'master'
gresource: Fix handling of zero-sized compressed resource entries

Closes #1560

See merge request GNOME/glib!1752
2020-11-14 21:35:18 +00:00
Philip Withnall
353020928c gresource: Fix handling of zero-sized compressed resource entries
The zlib `GConverter` can’t handle an output buffer of size 0.

Add tests.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #1560
2020-11-14 19:03:18 +00:00
Niels De Graef
6fa5c13c30 gio, glib: Use g_assert_cmpstrv where it makes sense 2020-11-14 18:17:32 +00:00
Simon McVittie
f53aaeac9f gio/tests/gsettings: Assert that temporary directory ends up empty
If there are stray files left over, g_rmdir() will fail with ENOTEMPTY.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:26:01 +00:00
Simon McVittie
782c1b424e gio/tests/gsettings: Assert that g_chmod succeeds
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:24:59 +00:00
Simon McVittie
3f9f7da0f1 gio/tests/gsettings: Use g_assert_no_errno()
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:24:22 +00:00
Simon McVittie
3468369625 gio/tests/appmonitor: Use g_assert_no_errno()
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:24:05 +00:00
Simon McVittie
b3b4ad4f94 gio/tests/live-g-file: Use g_assert_no_errno()
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:20:53 +00:00
Simon McVittie
e5cee9ce5a gio/tests/gdbus-peer: Exercise fds attached to a large message
This incidentally also exercises the intended pattern for sending fds in
a D-Bus message: the fd list is meant to contain exactly those fds that
are referenced by a handle (type 'h') in the body of the message, with
numeric handle value n corresponding to g_unix_fd_list_peek_fds(...)[n].

Being able to send and receive file descriptors that are not referenced by
a handle (as in OpenFile here) is a quirk of the GDBus API, and while it's
entirely possible in the wire protocol, other D-Bus implementations like
libdbus and sd-bus typically don't provide APIs that make this possible.

Reproduces: https://gitlab.gnome.org/GNOME/glib/-/issues/2074
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-28 12:03:59 +00:00
Michael Catanzaro
1d28fd530c Fix race in socketclient-slow test
This test ensures that g_socket_client_connect_to_host_async() fails if
it is cancelled, but it's not cancelled until after 1 millisecond. Our
CI testers are hitting that race window, and Milan is able to reproduce
the crash locally as well. Switching it from 1ms to 0ms is enough for
Milan to avoid the crash, but not enough for our CI, so let's move the
cancellation to a GSocketClientEvent callback where the timing is
completely deterministic.

Hopefully fixes #2221
2020-10-26 14:18:06 +00:00
Sergio Costas
c12762a091 GSubprocessLauncher: allow to close passed FDs
By default, when using g_subprocess_launcher_take_fd() to pass an
FD to a child, the GSubprocessLauncher object also takes ownership
of the FD in the parent, and closes it during finalize(). This is
a reasonable assumption in the majority of the cases, but sometimes
it isn't a good idea.

An example is when creating a GSubprocessLauncher in JavaScript:
here, the destruction process is managed by the Garbage Collector,
which means that those sockets will remain opened for some time
after all the references to the object has been droped. This means
that it could be not possible to detect when the child has closed
that same FD, because in order to make that work, both FDs
instances (the one in the parent and the one in the children) must
be closed. This can be a problem in, as an example, a process that
launches a child that communicates with Wayland using an specific
socket (like when using the new API MetaWaylandClient).

Of course, it isn't a valid solution to manually call close() in
the parent process just after the call to spawn(), because the FD
number could be reused in the time between it is manually closed,
and when the object is destroyed and closes again that FD. If that
happens, it will close an incorrect FD.

One solution could be to call run_dispose() from Javascript on the
GSubprocessLauncher object, to force freeing the resources.
Unfortunately, the current code frees them in the finalize()
method, not in dispose() (this is fixed in !1670 (merged) ) but it
isn't a very elegant solution.

This proposal adds a new method, g_subprocess_launcher_close(),
that allows to close the FDs passed to the child. To avoid problems,
after closing an FD with this method, no more spawns are allowed.

Fix: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1677
2020-10-12 20:29:48 +02:00
Maxim Mikityanskiy
094eca7076 gio: Expose g_file_build_attribute_list_for_copy
Expose a function that prepares an attribute query string to be passed
to g_file_query_info() to get a list of attributes normally copied with
the file. This function is used by the implementation of
g_file_copy_attributes, and it's useful if one needs to split
g_file_copy_attributes into two stages, for example, when nautilus does
a recursive move of a directory. When files are moved from the source
directory, its modification time changes. To preserve the mtime on the
destination directory, it has to be queried before moving files and set
after doing it, hence these two stages.

Signed-off-by: Maxim Mikityanskiy <maxtram95@gmail.com>
2020-10-06 10:16:49 +01:00
Patrick Griffis
f9fc29f0b7 gtlscertificate: Add support for PKCS #11 backed certificates
This reverts commit d58e5de9e9.
2020-10-01 17:09:04 +01:00
Simon McVittie
38a2aed5f0 GDBus: Use G_DBUS_METHOD_INVOCATION_HANDLED in method implementations
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-01 16:32:50 +01:00
Simon McVittie
500d065f3d GDBus tests: Use G_SOURCE_REMOVE, G_SOURCE_CONTINUE
The meaning of the boolean result of a GSource function is clearer if
we use these aliases.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-01 16:32:50 +01:00
Philip Withnall
b43fb9cbfb guri: Fix URI scope parsing
The previous parsing code could read off the end of a URI if it had an
incorrect %-escaped character in.

Fix that, and more closely implement parsing for the syntax defined in
RFC 6874, which is the amendment to RFC 3986 which specifies zone ID
syntax.

This requires reworking some network-address tests, which were
previously treating zone IDs incorrectly.

oss-fuzz#23816

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-09-30 19:39:30 +01:00
Carlos Garnacho
cf85241aba tests: Add splice cancellation test
This doesn't trigger the cancellation assertion issue when run locally
(the task didn't return yet, so the error is simply overwritten), but
perhaps it ever does in CI. Anyhow, it's good to have a cancellation
test.
2020-08-28 11:38:51 +02:00