If the XDG_RUNTIME_DIR environment variable is set, we are being told by
the OS that this directory exists and is appropriately configured
already. In the fallback case of ~/.cache/, however, the directory may
not yet exist.
Rework the logic of this function a little so that we only check for the
environment variable once. If it is not set, we will fall back to the
cache directory, and mkdir() it to make sure that it exists.
Meanwhile, remove a statement from the reference documentation that
promises a warning in this case (which has never been true) and replace
it with a statement that applications can rely on the directory
existing.
This change prevents each user of this API from having to check for the
directory for themselves; an example of that can be seen in bug 763274.
https://bugzilla.gnome.org/show_bug.cgi?id=763344
Previously, calling g_array_remove_range(array, 0, array->len) on an
empty array would result in a precondition failure in
g_array_remove_range(), as the given start index (0), was not strictly
less than the array length (0).
Allow the index to equal the array length, so that zero elements can be
removed from any array. A subsequent check makes sure that the array
length is not overflowed by the index + length.
https://bugzilla.gnome.org/show_bug.cgi?id=763339
Apparently whoever made the last tarball didn't have `--enable-systemtap`.
Disted files shouldn't depend on build flags.
Also, it is cathartic for me to say tarballs are dumb and we should
just be pulling from git which is what's canonically tracking what's
source code and what's not and we don't need to repeat ourself in
`Makefile.am`.
https://bugzilla.gnome.org/show_bug.cgi?id=762637
The scanning to find the end of a positional parameter designator in
GVariant text format (e.g. '%i') is currently broken in case the 'end'
pointer is not specified.
The scan is controlled by a somewhat complicated loop that needs to deal
properly with cases like (123, %(ii)) [where '%(ii)' is to be taken
together, but the final ')' not].
This loop missed the case where a format string passed to
g_variant_new_parsed() ended immediately after such a conversion, with a
nul character. In this case the 'end' pointer is NULL, so the only way
we can find the end is by scanning for nul in the string.
In case of g_variant_new_parsed() [which is what this code was designed
to be used for], the bug is somewhat unlikely in practice: the only way
that a valid text-form GVariant could ever contain a positional
parameter replacement at the end of the string is if this positional
parameter were the only thing being returned. In that case, the user
would likely have opted for a more direct approach.
Unfortunately, this code is also active in the tokenisation phase of
g_variant_parse(), before positional parameters are rejected as invalid
for that case. Anyone who calls this function with a nul-terminated
string (and no end pointer) is vulnerable to a crash from malicious user
input. This can be seen, at the very least with many commandline tools:
$ dconf write /x '%i'
Segmentation fault
We fix this problem by searching for the nul character in this case, in
addition to comparing the end pointer.
This problem is almost certainly limited to being able to cause crashes.
The loop in question only performs reads and, in the security-sensitive
case, the token will be quickly rejected after the loop is finished
(since it starts with '%' and the 'app' pointer is unset). This is
further mitigated by the fact that there are no known cases of GVariant
text format being used as part of a protocol at a privilege barrier.
The start_position arguments are passed to pcre_exec() as the
startoffset, which is in bytes (not characters).
I had recently a doubt about this, so it's better to document it.
https://bugzilla.gnome.org/show_bug.cgi?id=747927
Rather than calculating it at configure time. This means it can expand
$libdir properly, and use the Make $(realpath) function rather than
invoking the non-portable `readlink -f`.
This fixes problems where `readlink` would be called on an invalid path
(due to a variable not being expanded) and would evaluate to "", which
would then cause things to be installed in the wrong place.
https://bugzilla.gnome.org/show_bug.cgi?id=744772
Commit 855594c changed the expected error for the regex
/(?P<sub>foo)\g<sub/ for PCRE 8.38, but actually PCRE changed the error
raised by this invalid regex in 8.37, so we should check for the new error
from 8.37 and upwards.
Please see comments #21 and #22 of bug 740573 regarding this commit.
To be honest, i don't remember what problems were caused by it returning the
number of bytes it *wanted* to write instead of the number of bytes
it actually wrote. Probably related to the fact that fwrite could
independently fail, and ignoring its return value ignores that error.
https://bugzilla.gnome.org/show_bug.cgi?id=748064
PCRE 8.38 changed the parsing of this invalid regex. It still fails,
but with a different error (since PCRE r1539,
<http://vcs.pcre.org/pcre?view=revision&revision=1539>).
The regex /(?P<sub>foo)\g<sub/ used to raise MISSING_BACK_REFERENCE but
now raises MISSING_SUBPATTERN_NAME_TERMINATOR, so we can still have a
test for the latter.
Signed-off-by: Simon McVittie <smcv@debian.org>
Reviewed-by: Emmanuele Bassi <ebassi@gnome.org>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=759808
This causes several problems:
- Compilation in FreeBSD with --enable-gtk-doc broke
- Modules that still use the AM_GLIB_GNU_GETTEXT macro
doesnt compile anymore because /usr/share/glib-2.0/gettext
is not filled with the correct files, as this was done in
the glib custom po/Makefile.in.in
See https://bugzilla.gnome.org/show_bug.cgi?id=622991
This reverts commit e5c752371c.
Its documentation mentions that it logs a 'critical warning', but since
the macro implementation calls g_warn_message(), it does not log a
critical message, but a regular warning.
Bug 13403 introduced support for the non-POSIX variants of these APIs
found on a system called "DG/UX". Meanwhile, the complicated checks
here are breaking cross-builds on systems that we actually care about.
Remove the complicated checks and replace them with AC_CHECK_FUNCS.
Remove the resulting dead code from a couple of .c files.
https://bugzilla.gnome.org/show_bug.cgi?id=756475
Also get rid of the items regarding G_HAVE_*INLINE as they aren't used
anymore as they are removed from configure.ac.
Thanks to John Emmas and desrt for the earlier patch for getting
rid of the C4005 warnings.
We were trying to squeeze 64-bit test vectors into gsize, which is fine
on 64bit systems but doesn't work very well on 32-bit.
Change that to a guint64.
According to the C spec, any undefined identifier used in a #if
expression is taken to have a numerical value of zero.
Commit db2367e878 introduced an #i
statement which depended on this behaviour.
gcc has a -Wundef option which warns about depending on this behaviour,
and unfortunately there are projects that are using -Werror=undef in
builds that include our headers.
Adding a check for defined(__STDC_VERSION__) before using the macro is
enough to silence gcc.
It's been a long time since we've been unconditionally saying "static
inline" in GLib headers without complaints so it's safe to assume that
all compilers that we care about support this.
One thing that is not yet totally supported is the unadorned use of the
word "inline". Depending on the flags (-std=c89, for example), even GCC
will complain about this. Detect missing C99 support and define
"inline" to "__inline" in that case. Some research shows "__inline"
appears to be the most widely-supported keyword here, but we may need to
tweak this if we get some reports of breakage.
Clean up all of the configure checks around this and define G_CAN_INLINE
unconditionally. Unfortunately, we must assume that some people are
still using G_IMPLEMENT_INLINES, we must continue to implement that
(including undefining G_CAN_INLINE and redefining G_INLINE_FUNC) if
requested.
It is not our intent to break existing users of the old-style
G_INLINE_FUNC approach and if that has happened, we may need to make
some further adjustments.
https://bugzilla.gnome.org/show_bug.cgi?id=757374
gutils.h and gutils.c define three utility functions as inlines that are
also exported via the ABI. This is done via complicated G_INLINE_FUNC
and G_IMPLEMENT_INLINES logic.
In order to be able to remove this mess, we create a another convoluted
but slightly cleaner approach: write straight-up inline versions of the
functions named _impl() in the header. Define macros with the "public"
function names that call these inlines. From the .c file, export the
ABI versions of these functions, implemented using the _impl() version.
https://bugzilla.gnome.org/show_bug.cgi?id=757374
Deprecate GTrashStack and remove the inline implementations for the
functions. This will help us clean up the mess that is inline functions
in GLib.
Because of how G_INLINE_FUNC worked, we have these functions on our ABI,
so we must continue to export them as normal functions. We are safe to
remove the inline versions, however, because any existing binaries will
continue to carry them and any new builds will just start using the
non-inline versions.
https://bugzilla.gnome.org/show_bug.cgi?id=757374
Whole program optimization is enabled by default in visual studio
release builds, and this causes constructors (for e.g. resources) to be
optimized away as they are not referenced from elsewhere.
This works around this by some pragma magic.
https://bugzilla.gnome.org/show_bug.cgi?id=752837
Add various (nullable) and (optional) annotations which were missing
from a variety of functions. Also port a couple of existing (allow-none)
annotations in the same files to use (nullable) and (optional) as
appropriate instead.
Secondly, add various (not nullable) annotations as needed by the new
default in gobject-introspection of marking gpointers as (nullable). See
https://bugzilla.gnome.org/show_bug.cgi?id=729660.
This includes adding some stub documentation comments for the
assertion macro error functions, which weren’t previously documented.
The new comments are purely to allow for annotations, and hence are
marked as (skip) to prevent the symbols appearing in the GIR file.
https://bugzilla.gnome.org/show_bug.cgi?id=719966
It's a platform-specific macro, so it belongs in glibconfig.h.
This ensures that g-ir-scanner will not pick the wrong definition
for introspection.
https://bugzilla.gnome.org/show_bug.cgi?id=757294
Add some simple testcases for the new bounds-checked integer arithmetic
helpers.
Include a second build of the testcase to make sure we test the fallback
code even if we are on a compiler that supports the intrinsics.
https://bugzilla.gnome.org/show_bug.cgi?id=503096
Add some helpers for builds-checked unsigned integer arithmetic to GLib.
These will be based on compiler intrinsics where they are available,
falling back to standard manual checks otherwise.
The fallback case needs to be implemented as a function (which we do
inline) because we cannot rely on statement expressions. We also
implement the intrinsics case as an inline in order to avoid people
accidentally writing non-portable code which depends on static
evaluation of the builtin.
For now there is only support for addition and multiplication for guint,
guint64 and gsize. It may make sense to add support for subtraction or
for the signed equivalents of those types in the future if we find a use
for that.
https://bugzilla.gnome.org/show_bug.cgi?id=503096
Add a dummy definition for Clang's __has_builtin() macro. This will
allow us to use __has_builtin() unconditionally, in the same way as we
already do for __has_feature().
https://bugzilla.gnome.org/show_bug.cgi?id=503096
The Windows API function RtlGetVersion() is actually a function that is
decorated by WINAPI (i.e. __stdcall), so we need to correct this so that
the symbol can be loaded correctly from ntdll.dll, so that we won't crash as
a result. Should fix the crash due to stack overflow on 32-bit builds.
https://bugzilla.gnome.org/show_bug.cgi?id=756179
ntdef.h is a header that is normally only shipped with MinGW, not Visual
Studio, which broke the build in commit 975cb91. Fix this by including
winternl.h, which typedef's the NTSTATUS type in question on both Visual
Studio and MinGW/mingw-w64, as well as pre-2008 Visual Studio.
Clean up this inclusion part a little bit as well.
If we fail to PeekMessage or PostMessage we should make sure
that the output parameter bytes_read/written is set 0 instead
of being left uninitialized. This fixes an assertion in the io
channel call where the following invariant is checked:
(status == G_IO_STATUS_NORMAL) || (read_size == 0)
Ignore trailing whitespace when reading boolean values. Currently it is
very easy to manually edit a keyfile to be:
[section]
key=true_
Where '_' is a space character. g_key_file_get_boolean will read this value as
false and this is hard for a user to detect (it will be reported in GError
as an invalid value).
Trailing whitespace is ignored for numbers for the same reason. This was
fixed in 7a45dde4fe.
https://bugzilla.gnome.org/show_bug.cgi?id=664740
We were using the time() library call to get the current time from the
system in order to compare it to the time returned by
g_date_time_new_now().
Of course, we took care to ensure that the time (in seconds) didn't
change in the middle of this process by checking the before and after
value of the system time.
Unfortunately, the system time as measured by time() was being taken
from a less-accurate clock source than the time used by GDateTime. As a
result, we could have GDateTime already into the next second while the
"seconds" value of the time returned by time() was still in the last
one, even when checked "after".
Avoid the problem by using the same ultimate source for time --
g_get_real_time().
This is based on a similar patch from Iain Lane, but it uses
g_get_real_time() instead of g_get_current_time().
https://bugzilla.gnome.org/show_bug.cgi?id=754994
This function provides an O(1) check to determine if a sequence is empty.
Compare this to the two following alternatives to perform the same check.
O(h): if (0 == g_sequence_get_length (seq))
O(2h): if (g_sequence_get_begin_iter(seq) == g_sequence_get_end_iter(seq))
Where `h' is the height of the tree.
https://bugzilla.gnome.org/show_bug.cgi?id=756316
It updates it to the version c5d07ce91a8ad51591154450442fa4376441fdfa
As a difference with upstream we need to ensure:
* Include "g-gnulib.h" so the methods get the gnulib namespace.
* xsize.h uses G_MAXSIZE instead of SIZE_MAX and the methods are
marked as static inline.
* Some defines are named different from the ones in glib i.e
HAVE_LONG_LONG_INT is HAVE_LONG_LONG
All the unit tests pass properly with and without --enable-included-printf.
It has also been tested on Windows.
https://bugzilla.gnome.org/show_bug.cgi?id=756382
By default g_log_default_handler always assumes that stdout
and stderr are file descriptors 1 and 2. On Win32 this isn't
always the case as the win32 API functions AttachConsole and
freopen can be used to dynamically attach GUI applications to
a console and the file descriptors of stderr and stdout will
become different than 1 and 2.
Fix it by using fputs with the FILE directly instead of
using the file descriptors.
https://bugzilla.gnome.org/show_bug.cgi?id=692085
The VerifyVersionInfo() Win32 API has been deprecated in Windows 10, and
there is no direct replacement for it, except by using a lower-level
RtlGetVersion() that we aquire from the Windows DDK or from ntdll.dll.
Switch g_win32_check_windows_version() to use RtlGetVersion(), and
compare its results with the input parameters.
https://bugzilla.gnome.org/show_bug.cgi?id=756179
Some testutils external symbols are marked semi-internals, other
internals. It is not obvious what guarantees these symbols provide.
However, tests are now installable, and require the ABI stability
that glib provides for the rest of the symbols.
In my case, I would like to introduce g_assert* compat code for older
glib versions, and be able to use the so-called "internal" ABI.
I propose this change to the headers comments to explain the stability
guarantees. Removing the "internal" = you must not use this, in favor
of semi-internal = this is not documented.
https://bugzilla.gnome.org/show_bug.cgi?id=756077
In all these functions, group_name is guaranteed to be non-NULL by the
function preconditions, so there is no need to handle it as NULL when
building error messages. Remove some unnecessary string literals as a
result.
Coverity CID: 1325438–1325441
Copy the flatten-first logic from g_variant_get(), and for the same
reason: if the user is requesting a direct pointer access to a
tree-based child inside of argument to this function then that child
could disappear later.
Forcing serialisation means that the pointer will remain valid as long
as the passed-in instance exists, which is the usual expectation with
GVariant API.
https://bugzilla.gnome.org/show_bug.cgi?id=755374
Despite knowing about GError, there are multiple cases where developers
have still used traditional numeric error codes, and then got themselves
into a mess about bindability and generation of error messages.
Try and avoid this by including a brief paragraph on the benefits of
GError over EINVAL-style error codes.
https://bugzilla.gnome.org/show_bug.cgi?id=743011
This means that the top of the documentation can link forward to this
important section, and random people on the internet can link directly
to it on developer.gnome.org.
https://bugzilla.gnome.org/show_bug.cgi?id=743011
This reverts commit 662bf991c0. It is not
a straight up revert because the old commit involved various long since
removed ChangeLog files and we'd end up mudding the patch.
The system_header GCC pragma is breaking warnings in the various
g_return_* macros; GCC stopped warning when using a macro with a return
value in a function that returns void, as well as when using a macro
with no return value in a function that has a non-void return value.
Suppressing this kind of warnings is not a good idea.
Other compilers are unaffected, even ones like Clang with a GCC
compatibility layer.
Given the fact that the original commit was added 14 years ago as a
workaround in the old days of GTK+ 1.2, I think it's safe to drop it.
https://bugzilla.gnome.org/show_bug.cgi?id=753310
For all test cases where the text length is given as -1, also
call g_utf8_validate() with the actual string length to exercise
the known-length case. Unknown-length and known-length validation
use different code paths, but most of the tests only exercised with
unknown-length parameter.
https://bugzilla.gnome.org/show_bug.cgi?id=754924
A recent change permitted some characters from range 0x80-0xbf as
would-be valid sequence starters for length 2, as long as
continuation characters were OK.
https://bugzilla.gnome.org/show_bug.cgi?id=738504
