Commit Graph

19678 Commits

Author SHA1 Message Date
Philip Withnall
d2224b475d gvariant: Fix error handling for parsing Unicode escapes
When parsing an escaped Unicode character in a text format GVariant
string, such as '\U0001F415', the code uses g_ascii_strtoull(). This,
unexpectedly, accepts minus signs, which can cause an assertion failure
when input like '\u-FF4' is presented for parsing.

Validate that there are no leading sign characters when parsing.

This shouldn’t be considered a security bug, because the GVariant text
format parser should not be used on untrusted input.

oss-fuzz#11576

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-12-04 12:55:21 +00:00
Philip Withnall
ca328615c8 gvariant: Use gsize rather than gint for array lengths
This introduces no functional changes.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-12-04 12:54:39 +00:00
Philip Withnall
96acb49eb1 gstrfuncs: Clarify that g_ascii_string_to_unsigned() rejects signs
Unlike g_ascii_strtoull(), g_ascii_string_to_unsigned() does not permit
leading signs (`+` or `-`). Document that.

It’s already in the unit tests.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-12-04 12:53:52 +00:00
Philip Withnall
8d0a163000 gstrfuncs: Clarify that g_ascii_strtoull() accepts signed numbers
It’s perverse, but explicitly documented that strtoull() accepts numbers
with a leading minus sign (`-`) and explicitly casts them to signed
output.

g_ascii_strtoull() is documented to do what strtoull() does (but locale
independently), and its behaviour is correct. However, the documentation
could be a lot clearer about this unexpected behaviour.

Add a unit test for it too.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-12-04 12:51:09 +00:00
Tomasz Miąsko
8bfa45817e gdatetime: Avoid unnecessary conversions from ASCII to UTF-8 2018-12-04 13:34:33 +01:00
Tomasz Miąsko
bc59892b1a gdatetime: Store intermediate result of g_date_time_format in UTF-8
In date time formatting routine, instead of converting from UTF-8 to
locale charset and then from locale charset to UTF-8, store all
intermediate result in UTF-8.

This solves the issue where user provided UTF-8 format string might be
unrepresentable in the current locale charset.

Fixes issue #1605.
2018-12-04 13:34:18 +01:00
Nirbheek Chauhan
23ed6f4a50 Merge branch 'glib-mkenums-rspfile-support' into 'master'
glib-mkenums: Support reading @rspfiles for arguments

See merge request GNOME/glib!489
2018-12-04 10:58:23 +00:00
Nirbheek Chauhan
17316b2c16 glib-mkenums: Support reading @rspfiles for arguments
This is needed on Windows where the argument list can exceed the
maximum command-line length when lots of sources are passed to
glib-mkenums.
2018-12-04 16:16:00 +05:30
Emmanuel Fleury
ea3d9fbc69 Add new Linux Testing project version number to configure script 2018-12-04 10:48:24 +01:00
Philip Withnall
d4cc0b32fd Merge branch 'ci-locales' into 'master'
ci: Install additional locales used during tests

See merge request GNOME/glib!508
2018-12-03 13:50:05 +00:00
Tomasz Miąsko
ee9f5c5717 ci: Update docker image to master:v11 2018-12-03 14:11:30 +01:00
Philip Withnall
c1b2a38d5a Merge branch 'unset-language' into 'master'
tests: Unset LANGUAGE when running gdatetime tests

See merge request GNOME/glib!504
2018-12-03 11:26:55 +00:00
Tomasz Miąsko
521eba94b9 ci: Install additional locales used during tests
Note that this intentionally does not use glibc-all-langpacks
package since its contents is currently incomplete.
https://bugzilla.redhat.com/show_bug.cgi?id=1624528
2018-12-03 11:40:09 +01:00
Matej Urbančič
ad09bba9e4 Updated Slovenian translation 2018-12-02 18:03:32 +01:00
Tomasz Miąsko
69fbf3ed59 tests: Unset LANGUAGE when running gdatetime tests
In glibc, LANGUAGE is used as highest priority guess for category value.
Unset it to avoid interference with tests using setlocale and translation.

Issue #1357.
2018-11-29 23:35:54 +01:00
Christoph Reiter
4afc203b1f Merge branch 'win32-environ-case-sensitivity' into 'master'
genviron: make g_environ_* case-insensitive on Windows

See merge request GNOME/glib!500
2018-11-28 16:13:19 +00:00
Peter Wu
a51ab0a5ab genviron: make g_environ_* case-insensitive on Windows
g_environ_getenv(env, "PATH") and g_environ_setenv(env, "PATH", newpath)
did not have the intended effect on Windows due to the environment block
containing "Path=". Make these functions case-insensitive for Windows.
2018-11-28 11:04:48 +01:00
Xavier Claessens
4f3216d7c0 Merge branch 'nls' into 'master'
Meson: Add 'nls' option to disable translation

See merge request GNOME/glib!484
2018-11-27 14:32:25 +00:00
Philip Withnall
389087eb11 Merge branch '1600-g_timeout_add_seconds-overflow' into 'master'
Resolve "g_timeout_source_new_seconds overflows when given interval > (G_MAXUINT / 1000)"

Closes #1600

See merge request GNOME/glib!496
2018-11-27 10:53:20 +00:00
Will Thompson
4544dcb788
gmain: test far-future ready_time 2018-11-27 10:40:35 +00:00
Will Thompson
cdc2dd8eb1
gmain: clamp over-large timeouts
g_main_context_prepare() needs to calculate the timeout to pass to
poll(), expressed in milliseconds as a gint.  But since the ready time
for a GSource is represented by gint64 microseconds, it's possible that
it could be more than G_MAXINT * 1000 microseconds in the future, and so
can't be represented as a gint. This conversion to a narrower signed
type is implementation-defined, but there are two possible outcomes:

* the result is >= 0, in which case poll() will time out earlier than we
  might hope (with no adverse consequences besides an unwanted wakeup)
* the result is < 0, in which case, if there are no other sources,
  poll() will block forever

This is extremely unlikely to happen in practice, but can be avoided by
clamping the gint64 value, which we know to be positive, to G_MAXINT.

Thanks to Tomasz Miąsko for pointing this out on !496.
2018-11-27 10:36:20 +00:00
Will Thompson
6490fe7fe8
g_timeout_*_seconds: test an interval that overflowed
This is essentially a C version of the reproducer on #1600. It is based
on the existing test_seconds(), which relates to a similar but distinct
overflow.

I've only actually run this on a system with 32-bit ints, it should work
regardless of the width of an int, since the remainder after wrapping
will by construction be less than 1 second.
2018-11-27 10:36:20 +00:00
Matthias Clasen
98efd7e04d Merge branch 'application-replace' into 'master'
Application replace

See merge request GNOME/glib!250
2018-11-26 20:43:19 +00:00
Matthias Clasen
136f83eefd Add tests for --gapplication-replace
Test the GApplication replacement functionality.
2018-11-26 11:45:30 -05:00
Matthias Clasen
3a4b18f903 GApplication: Add a way to replace a unique instance
While uniqueness is great, sometimes you want to restart
a newer version of the same app. These two flags make that
possible.

We also add a ::name-lost signal, that is emitted when it
happens. The default handler for this signal just calls
g_application_quit(), but applications may want to connect
and do cleanup or state-saving here.
2018-11-26 11:45:29 -05:00
Will Thompson
4ff3734ff5
g_timeout_*_seconds: don't overflow for large intervals
Previously, the `guint interval` parameter, measured in seconds, was
multiplied by 1000 and stored in another `guint` field. For intervals
greater than (G_MAXUINT / 1000) seconds, this would overflow; the
timeout would fire much sooner than intended.

Since GTimeoutSource already keeps track of whether it was created at
millisecond or second resolution, always store the passed interval
directly. We later convert the interval to microseconds, stored in a
gint64, so can move the `* 1000` to there.

The eagle-eyed reader might notice that there is no obvious guarantee
that the source's expiration time in microseconds won't overflow the
gint64, but I don't think this is a new problem. Previously, the
monotonic time would have to reach (2 ** 63 - 2 ** 32) microseconds for
this overflow to occur; now it would have to reach approximately (2 **
63 - 2 ** 42) microseconds. Both of these are 292.47 millennia to 5
significant figures.

Fixes #1600.
2018-11-26 16:04:10 +00:00
António Fernandes
624e99b9d6 gunixmounts: Don't treat ZFS as a system internal fs
ZFS was originally added to the list of system internal filesystems by
commit 4cafadc955.

The rationale from https://bugzilla.gnome.org/show_bug.cgi?id=542156
doesn't seem very solid, and now we have x-gvfs-hide for this.

Also, this may contribute for trash:/// ignoring `{zfs mount path}/.Trash/`

So, remove zfs from the ignore_fs array.

Closes https://gitlab.gnome.org/GNOME/glib/issues/1599
2018-11-26 15:55:52 +00:00
Will Thompson
6debbbfd73
gio-test: use g_debug rather than #define VERBOSE 2018-11-26 15:47:14 +00:00
Will Thompson
b45d911cc6
gio-test: fix leak & maybe-uninitialized warning
GCC 8 on F29 complains:

../tests/gio-test.c: In function ‘main’:
../tests/gio-test.c:375:7: warning: ‘id’ may be used uninitialized in this function [-Wmaybe-uninitialized]
       g_free (id);
       ^~~~~~~~~~~

In the normal case, when run without arguments, 'id' will be assigned
exactly once, so all is fine. If run with argument '0', 'id' will never
be assigned, so the warning is legit; but in that case the test program
will never exit. If run with any argument greater than 1, 'id' will be
assigned more than once but only the last incarnation will be freed.

Tweak the scope of the variable to match its use, and arrange for it to
be freed when its watch is destroyed.
2018-11-26 15:46:54 +00:00
Philip Withnall
051c9ada8e Merge branch 'glib-as-subproject' into 'master'
Meson: Add missing include_directories when using glib as subproject

See merge request GNOME/glib!491
2018-11-26 14:29:24 +00:00
Emmanuele Bassi
4326d5e27d Merge branch '1498-distcheck' into 'master'
Various distcheck and docs fixes

Closes #1498

See merge request GNOME/glib!488
2018-11-26 11:49:36 +00:00
Philip Withnall
95844424ba Merge branch 'value-get-variant-annotation' into 'master'
g_value_get_variant: return value is transfer-none not transfer-full

See merge request GNOME/glib!492
2018-11-26 10:54:32 +00:00
Philip Withnall
8c9c9d92cc Merge branch '1014-gspawn-linux-threadsafety' into 'master'
gspawn: Fix g_spawn deadlock in a multi-threaded program on Linux

Closes #1014 and #945

See merge request GNOME/glib!490
2018-11-26 10:48:52 +00:00
Christoph Reiter
f73b9e29e1 g_value_get_variant: return value is transfer-none not transfer-full
It defaulted to transfer-full.
2018-11-25 13:05:54 +01:00
Xavier Claessens
93555577c5 Meson: Add missing include_directories when using glib as subproject
When using glib as subproject we are forced to pass glib_dep,
gobject_dep and gio_dep to any build target. If we pass only gio_dep it
will missing include directory for glib and gobject.
2018-11-24 20:52:01 -05:00
Emmanuele Bassi
8316ae2241 Merge branch 'non-atomic-init' into 'master'
gatomicrefcount: Make g_atomic_ref_count_init non-atomic

See merge request GNOME/glib!460
2018-11-25 00:52:56 +00:00
Peter Wu
f2917459f7 gspawn: Fix g_spawn deadlock in a multi-threaded program on Linux
opendir and closedir are not async-signal-safe, these may call malloc
under the hood and cause a deadlock in a multi-threaded program.
This only affected Linux when /proc is mounted, other systems use a
slower path that iterates through all potential file descriptors.
Fixes a long-standing problem (since GLib 2.14.2).

Closes #945 and #1014
2018-11-24 16:01:28 +01:00
Marek Cernocky
71bbe9f3e0 Updated Czech translation 2018-11-24 10:12:29 +01:00
Philip Withnall
2722e9b31b build: Add a missing file to CLEANFILES
No idea why this didn’t cause problems with distcheck before.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 17:17:39 +00:00
Emmanuele Bassi
c1e44fda69 Merge branch '1514-appinfo-test-failure' into 'master'
tests: Run appinfo tests with a temporary XDG_CONFIG_HOME

Closes #1514

See merge request GNOME/glib!487
2018-11-23 16:52:51 +00:00
Emmanuele Bassi
9c8166806c Merge branch 'ossfuzz-11120-dbus-message-types' into 'master'
gdbusmessage: Gracefully handle message signatures with invalid types

See merge request GNOME/glib!472
2018-11-23 16:37:36 +00:00
Philip Withnall
cf8a9d3ffc docs: Fix URIs in documentation comments
Putting the raw URIs in the documentation comments would not link them,
and the ‘%20’s in the URIs were being parsed by gtk-doc as symbol
references. Fix that by using Markdown to format them correctly as
links.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:31:03 +00:00
Philip Withnall
3f2a5ee1cc docs: Fix ‘Since’ line for new function to reference stable release
We only build API ‘since’ indexes for stable releases, so 2.59 needs to
be rounded up to 2.60.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:30:33 +00:00
Philip Withnall
79aead142f docs: Fix formatting of some literals and properties
Using `%` indicates that you’re linking to a symbol. In these cases we
wanted some nicely formatted literals, or a link to a specific property.
Use backticks for the literals, and link to the property fully.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:29:30 +00:00
Philip Withnall
e88c2d1ab5 docs: Fix a doubly-defined symbol in the GApplication documentation
Due to the line wrapping, gtk-doc was interpreting this second line as
redefining the @dbus_register documentation.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:28:29 +00:00
Philip Withnall
8736789855 docs: Fix some typos in GIO documentation comments
These were highlighted by warnings from gtk-doc about broken links.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:27:58 +00:00
Philip Withnall
a440152b2a docs: Ignore some generated header files
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:27:04 +00:00
Philip Withnall
82d28f07ed docs: Fix an invalid DocBook link in the GIO overview
<link> can only be used for links to DocBook IDs. <ulink> is for URI
links. (Why does it have to be this complex?)

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:26:50 +00:00
Philip Withnall
384aea2489 docs: Add some missing new symbols to the GIO documentation
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:25:48 +00:00
Philip Withnall
c20d9d0c84 docs: Ignore various GIO *_get_type() symbols
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-23 13:25:20 +00:00