Commit Graph

30318 Commits

Author SHA1 Message Date
Michael Catanzaro
b9490a499a Merge branch '3366-menu-exporter-error-handling' into 'main'
gmenuexporter: Fix a NULL pointer dereference on an error handling path

Closes #3366

See merge request GNOME/glib!4073
2024-05-15 14:55:18 +00:00
Michael Catanzaro
412805357a Merge branch 'update-fedora-ci-image' into 'main'
ci: Update Fedora CI image to Fedora 39

See merge request GNOME/glib!4075
2024-05-15 14:27:02 +00:00
Philip Withnall
7a7137838e
gactiongroupexporter: Fix memory problems on an error handling path
Almost identically to the previous commit, fix a similar latent bug in
`g_dbus_connection_export_action_group()`, which was not ready to handle
the fledgling `GActionGroupExporter` being freed early on an error
handling path.

See the previous commit message for details of the approach.

This includes a unit test.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>

Fixes: #3366
2024-05-15 14:00:09 +01:00
Philip Withnall
91fb6ea0e1 Merge branch 'docs-string-utils-header' into 'main'
docs: Fix string-utils paragraph heading

See merge request GNOME/glib!4068
2024-05-15 12:39:54 +00:00
Philip Withnall
21fa4ea91b
ci: Update Fedora CI image to Fedora 39
Fedora 37 is out of support so, as per our policy, update the CI image
to the oldest still-supported release, which is 39.

Update the mingw CI image too, as it’s built on top of the Fedora one.

Update the supported platforms documentation (and fix the Debian version
listed there to match what’s currently in CI, which is up to date).

Signed-off-by: Philip Withnall <pwithnall@gnome.org>
2024-05-15 13:27:47 +01:00
Philip Withnall
aad1646e6f Merge branch 'structcleanup' into 'main'
Remove unused struct

See merge request GNOME/glib!4067
2024-05-15 12:19:38 +00:00
Philip Withnall
797f9c5157 Merge branch 'girepository-bitfield' into 'main'
girepository: Don't assume a bitfield has a fixed size

Closes #3355

See merge request GNOME/glib!4065
2024-05-15 11:53:51 +00:00
Philip Withnall
df2c5d925a
gmenuexporter: Fix a NULL pointer dereference on an error handling path
This latent bug wasn’t triggered until commit 3f30ec86c (or its
cherry-pick onto `glib-2-80`, 747e3af99, which was first released in
2.80.1).

That change means that `g_menu_exporter_free()` is now called on the
registration failure path by `g_dbus_connection_register_object()`
before it returns. The caller then tries to call `g_slice_free()` on the
exporter again. The call to `g_menu_exporter_free()` tries to
dereference/free members of the exporter which it expects to be
initialised — but because this is happening in an error handling path,
they are not initialised.

If it were to get any further, the `g_slice_free()` would then be a
double-free on the exporter allocation.

Fix that by making `g_menu_exporter_free()` robust to some of the
exporter members being `NULL`, and moving some of the initialisation
code higher in `g_dbus_connection_export_menu_model()`, and removing the
duplicate free code on the error handling path.

This includes a unit test.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>

Fixes: #3366
2024-05-15 12:52:38 +01:00
Dr. David Alan Gilbert
1bc83f9495 Remove unused structs
gio/glocalfileinfo.c has a struct 'ThumbMD5Context'
that's been unused since
commit d013d46b98 ("Replace the copy-and-paste MD5 digest generation
with GChecksum.")
Remove it.

Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
2024-05-15 12:10:25 +01:00
Adam Sampson
ae33e87117 girepository: Don't assume a bitfield has a fixed size
The type used when declaring a bitfield member of a struct doesn't
affect the amount of space allocated for it - only whether it's signed
or unsigned. In standard C99 (6.2.7.1), only _Bool, signed int and
unsigned int or typedefs to them are allowed as bitfield types, but GCC
allows other integer types as an extension.

In this case, the GIBaseInfo and GIBaseInfoStack structs are meant to
have identical layout. However, type_is_embedded was declared as an
unsigned bitfield in the former and a uint32_t in the latter. This was
harmless on most platforms because the following member is an aligned
pointer, but (for example) on m68k-linux-gnu pointers only need to be
16-bit aligned, so GCC only allocates 16 bits for the bitfield.

Change the type in the declaration to unsigned int, and add an padding
bitfield following it to ensure there's space for 32 bits on all
platforms in the future.

Signed-off-by: Adam Sampson <ats@offog.org>
2024-05-15 12:09:21 +01:00
Matthijs Velsink
a8537918bc docs: Fix string-utils paragraph heading
Commit 425731f7 moved string utils docs to a Markdown file, but one of
the paragraph headings was left broken.
2024-05-15 12:07:44 +01:00
Emmanuele Bassi
34626188aa Merge branch 'fix-mp_limb_t-size' into 'main'
Fix several GCC 14 warnings to please msys2-mingw32 CI

See merge request GNOME/glib!4066
2024-05-15 10:52:14 +00:00
Philip Withnall
021d58b251
ci: Add a policy for how to deal with CI failures due to changes in msys2
Signed-off-by: Philip Withnall <pwithnall@gnome.org>
2024-05-15 11:31:20 +01:00
Philip Withnall
375076fb81
tests: Fix transposed arguments to g_aligned_alloc()
Spotted by GCC 14’s `-Werror=calloc-transposed-args`. Thanks, GCC 14.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>
2024-05-15 10:51:50 +01:00
Philip Withnall
edf1fd9fb3
tests: Ignore -Wdiscarded-qualifiers with volatile atomics tests
GCC 14 now emits this warning with the tests:
```
In file included from ../glib/gthread.h:34,
                 from ../glib/gasyncqueue.h:34,
                 from ../glib/glib.h:34,
                 from ../glib/tests/atomic.c:14:
../glib/tests/atomic.c: In function 'test_types':
../glib/gatomic.h:140:5: error: argument 2 of '__atomic_store' discards 'volatile' qualifier [-Werror=discarded-qualifiers]
  140 |     __atomic_store (gaps_temp_atomic, &gaps_temp_newval, __ATOMIC_SEQ_CST); \
      |     ^~~~~~~~~~~~~~
../glib/tests/atomic.c:139:3: note: in expansion of macro 'g_atomic_pointer_set'
  139 |   g_atomic_pointer_set (&vp_str_vol, NULL);
      |   ^~~~~~~~~~~~~~~~~~~~
cc1.exe: all warnings being treated as errors
```

I can’t think of a way to cast around this in the definition of
`g_atomic_pointer_set()` without making the behaviour worse (less type
safe) for modern non-volatile atomic variables.

We would like to strongly nudge users of GLib away from declaring atomic
variables as `volatile`, so letting another compiler warning be emitted
when they do is not the end of the world. As long as it doesn’t stop old
code compiling (without `-Werror`).

Signed-off-by: Philip Withnall <pwithnall@gnome.org>
2024-05-15 10:33:35 +01:00
Philip Withnall
b9f9dd45f9 Merge branch 'wip/3v1n0/leak-fixes' into 'main'
tests: Fix various memory leaks and valgrind / ASAN errors

See merge request GNOME/glib!4059
2024-05-13 12:00:34 +00:00
Marco Trevisan (Treviño)
cbc5808545 vsaprintf: Use proper size for mp_limb_t to please msys2-mingw32 CI 2024-05-11 01:25:12 +02:00
Marco Trevisan (Treviño)
caf2f2fbda girepository/introspection: Set asan option only on address sanitizer
It's the only sanitizer failing when generating the introspection data
2024-05-10 04:16:17 +02:00
Marco Trevisan (Treviño)
f9cb8d59de glib/tests/mapping: Unref the mapped file on exit 2024-05-10 04:16:17 +02:00
Marco Trevisan (Treviño)
1d2d865f47 glib/tests/mapping: Check the exit status of the child process
In this way if it fails for some memory error we can track it
2024-05-10 04:16:17 +02:00
Marco Trevisan (Treviño)
f7b1ed1bf3 glib/tests/1bit-emufutex: Mark it as failing under ASAN 2024-05-10 04:16:17 +02:00
Marco Trevisan (Treviño)
d22e96aa72 glib/tests/assert-msg-test.py: Skip the GDB test under sanitizers 2024-05-10 04:16:17 +02:00
Marco Trevisan (Treviño)
aab0ff201b glib/tests/build: Support setting env variables for python tests 2024-05-10 02:44:07 +02:00
Marco Trevisan (Treviño)
486ad65535 gio/tests: Enable gsocketclient-slow under address santizer
The test can run properly, even though we won't do the right checks on
the preloaded library
2024-05-10 02:44:07 +02:00
Marco Trevisan (Treviño)
8032ba88d6 glib/tests/gutils-user-database: Ensure the test run under ASAN
It uses LD_PRELOAD that may break asan, so let's ignore asan load order
for now, even though that implies a partial test
2024-05-10 02:44:07 +02:00
Marco Trevisan (Treviño)
0eb6c85606 build: Define glib_sanitizers variable to easily get the sanitizers in use
It's an array containing the list of sanitizers in use, normally it
contains a value, but in some cases may have more than one (e.g.
'address' and 'undefined').

And so use it to avoid repeated checks
2024-05-10 02:15:52 +02:00
Marco Trevisan (Treviño)
c78d0ad514 girepository/introspection: Properly check for sanitizer value
The sanitizer option is set to 'none' when not used
2024-05-09 17:51:10 +02:00
Marco Trevisan (Treviño)
d544d409cb glib/tests/gutils-user-database: Add test dependency on preload library
We do preload the library but that's not set as test dependency and so
it may not be built
2024-05-09 17:51:10 +02:00
Marco Trevisan (Treviño)
84259c46fa gio/tests/subprocess: Skip the trapped test under ASAN since it uses ptrace
And as the sanitizer tells us, it doesn't support it
2024-05-09 17:51:10 +02:00
Marco Trevisan (Treviño)
19d7040047 glib/tests/unicode: Cleanup allocated old locale if tests is skipped 2024-05-09 17:51:08 +02:00
Marco Trevisan (Treviño)
5c84823342 gio/tests/gsettings: Cleanup allocated new locales 2024-05-09 17:25:56 +02:00
Marco Trevisan (Treviño)
ddfc8e2918 glocalfile: Trash, free values when done avoiding leaks on early returns
In glocalfile we're allocating some temporary strings but we don't free
them on early returns, so free them once done and unset the variables
to prevent them being used incorrectly.
2024-05-09 17:25:56 +02:00
Marco Trevisan (Treviño)
365411ea32 gio/tests/cancellable: Explain failure on GCancellableSource tests on valgrind
It looks like that finally also valgrind notices the same leaks as
address sanitizer does. It does it more randomly but it still happens,
so better to inform about until #2309 is resolved.
2024-05-09 17:25:56 +02:00
Philip Withnall
86dd02f487 Merge branch 'convert-bytes' into 'main'
Add g_converter_convert_bytes

See merge request GNOME/glib!4035
2024-05-09 15:03:56 +00:00
Matthias Clasen
0855968727 Add g_converter_convert_bytes
Add a utility api to apply a GConverter to data in memory.

Test included.
2024-05-09 15:03:55 +00:00
Marco Trevisan
3fca627241 Merge branch 'wip/3v1n0/valgrind-ignore-alternate-stack-contents-check' into 'main'
glib/tests/unix: Do not perform stack memory checks under valgrind

Closes #3337

See merge request GNOME/glib!4050
2024-05-09 14:54:46 +00:00
Marco Trevisan
8a5612440e Merge branch 'tests-build-fixes' into 'main'
Tests: Build fixes when running `meson test` without previous builds

See merge request GNOME/glib!4058
2024-05-09 14:27:38 +00:00
Marco Trevisan (Treviño)
3de5264f24 girrepository/tests: Add full gir dependencies on tests
Tests may have runtime dependencies that are related to the typelib
dependencies, so we need to satify them or the tests will fail at
runtime if we're not building their prerequisite for other reasons.

That's saying that the tests are currently failing when explicitly
running as standalone in meson.

Co-Authored-By: Philip Withnall <philip@tecnocode.co.uk>
2024-05-09 15:48:58 +02:00
Marco Trevisan (Treviño)
5aafaa0cc9 glib/tests/constructor: Add test dependency on constructor_lib
Otherwise we may build the test but not its dependent library
2024-05-09 15:48:32 +02:00
Marco Trevisan (Treviño)
c894e89720 glib/tests/unix: Do not perform stack memory checks under valgrind
When running the alternate stack tests under valgrind the stack memory
gets corrupted that we've initialized gets somehow corrupted and this
causes a read-error while reading the stack memory area.

No matter if we use instead malloc-allocated or mmap'ed memory areas,
the result is always the same: a memory error while reading it.

  Reading byte 2645
  Reading byte 2646
  Reading byte 2647
  Reading byte 2648
  ==46100== Invalid read of size 1

Now this memory is definitely stack-allocated and unless the valgrind
stack gets corrupted, there's no way it could have been removed.

I quite trust that this is some valgrind problem only though since no
other memory analyzer I've tried (memory sanitizer mostly) has
highlighted any issue with this.

As per this, since the main point of the test was just checking if
signals are delivered properly even when using an alternate stack, I
think that we can just safely run a simpler version of the test when
running under valgrind. This implies assuming that sigaltstack()
does what is supposed to do, without us double-checking it, but I guess
we can trust that (especially because we're still testing it when not
using valgrind).

Closes: #3337
2024-05-09 15:42:32 +02:00
Philip Withnall
651beec963 Merge branch 'wip/3v1n0/gmessage-arg0-leak-fix' into 'main'
gdbusmessage: Clean the cached arg0 when setting the message body

See merge request GNOME/glib!4057
2024-05-09 09:30:36 +00:00
Marco Trevisan (Treviño)
8966099e9b gdbusmessage: Clean the cached arg0 when setting the message body
We're now caching arg0 but such value is not cleared when a new body is
set as it's in the connection filter test cases where we've a leak as
highlighted by both valgrind and leak sanitizer
2024-05-08 22:56:24 +02:00
Philip Withnall
c1fdfeddab Merge branch 'wip/smcv/issue3353' into 'main'
gdbusconnection: Allow name owners to have the syntax of a well-known name

Closes #3353

See merge request GNOME/glib!4053
2024-05-08 14:46:08 +00:00
Simon McVittie
7d65f6c5a2 gdbusconnection: Allow name owners to have the syntax of a well-known name
In a D-Bus-Specification-compliant message bus, the owner of a well-known
name is a unique name. However, ibus has its own small implementation
of a message bus (src/ibusbus.c) in which org.freedesktop.IBus is
special-cased to also have itself as its owner (like org.freedesktop.DBus
on a standard message bus), and connects to that bus with the
G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION flag. The ability to do
this regressed when CVE-2024-34397 was fixed.

Relax the checks to allow the owner of a well-known name to be any valid
D-Bus name, even if it is not syntactically a unique name.

Fixes: 683b14b9 "gdbus: Track name owners for signal subscriptions"
Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/3353
Bug-Debian: https://bugs.debian.org/1070730
Bug-Debian: https://bugs.debian.org/1070736
Bug-Debian: https://bugs.debian.org/1070743
Bug-Debian: https://bugs.debian.org/1070745
Signed-off-by: Simon McVittie <smcv@debian.org>
2024-05-08 14:46:08 +00:00
Philip Withnall
db28af7da6 Merge branch 'mcatanzaro/3351' into 'main'
Correct installation directory of GVariant specification

Closes #3351

See merge request GNOME/glib!4049
2024-05-08 14:37:07 +00:00
Marco Trevisan
4623c960c1 Merge branch 'fix-gdbus-connection-test' into 'main'
gdbusconnection: Fix test signal subscription ordering

See merge request GNOME/glib!4051
2024-05-07 23:38:31 +00:00
Ray Strode
47866d252f gdbusconnection: Fix test signal subscription ordering
The test case assumes signals will dispatched in a different order than
they're subscribed. In fact, signals can be dispatched in any order,
and are often dispatched in order.

This commit reorders the subscriptions so they're in order, which is
more logical, and also changes the code to only exit the event loops
when there are no pending handlers ready to dispatch.
2024-05-07 18:45:45 -04:00
Michael Catanzaro
cd45ba8638 Correct installation directory of GVariant specification
548ec9f186 accidentally moved the GVariant
spec to the toplevel /usr/share/doc directory, which is surely not
right. Let's move it back into the glib-2.0 subdirectory.

It's debatable whether this is the best place to install the GVariant
specification, since it's not part of the gi-docgen docs, but surely
it's much better than not putting it in any subdirectory.

Fixes #3351
2024-05-07 14:24:38 -05:00
Marco Trevisan
cc5445ee04 Merge branch 'gapplication-error-path-leak' into 'main'
gapplication: Fix a small leak on an error handling path

See merge request GNOME/glib!4045
2024-05-07 17:09:34 +00:00
Philip Withnall
b9e655b4d4
gapplication: Fix a small leak on an error handling path
This was highlighted (but not introduced) by
0144feb41f. Previously the test coverage
didn’t cover this branch, I think.

`iter` was leaked, and at this point `parameter` had never been set, so
clearing it was unnecessary.

Signed-off-by: Philip Withnall <pwithnall@gnome.org>

Helps: #3349
2024-05-07 17:04:28 +01:00