Commit Graph

68 Commits

Author SHA1 Message Date
Philip Withnall
8da4fc17b9 gthreadedresolver: Fix leak on error path
Signed-off-by: Philip Withnall <pwithnall@gnome.org>

Fixes: #3236
2024-01-30 09:53:00 +00:00
Marco Trevisan (Treviño)
81068e5c00 gio: Use g_task_return_error_literal() where we don't need formatting 2023-12-20 16:14:57 +00:00
Luca Bacci
337912072a Windows: Compile with the UNICODE / _UNICODE macros
It's the recommended way to build C/C++ projects on Windows, see
https://learn.microsoft.com/en-us/windows/win32/intl/conventions-for-function-prototypes
2023-10-12 11:32:03 +02:00
Philip Withnall
82c764ce2e gthreadedresolver: Fix race between source callbacks and finalize
I had thought that because `g_source_destroy()` was called for the two
sources (cancel and timeout) in the `GTask` finalize function for a
threaded resolver operation, that it would be fine to use a plain
pointer in the source callbacks to point to the `GTask`.

That turns out to not be true: because the source callbacks are executed
in the GLib worker thread, and the `GTask` can be finalized in another
thread, it’s possible for a source callback (e.g. `cancelled_cb()`) to
be scheduled in the worker thread, then for the `GTask` to be finalized,
and then the source callback to continue execution and find itself
doing a use-after-free.

Fix that by using a weak ref to the `GTask` in the source callbacks,
rather than a plain pointer.

Signed-off-by: Philip Withnall <philip@tecnocode.co.uk>

Fixes: #3105
2023-09-11 16:02:15 +01:00
Philip Withnall
865cbe3714 gthreadedresolver: Remove some incorrect assertions
If a timeout executes on the same main context iteration as completion
or cancellation of a resolver lookup, `has_returned` will be set
multiple times. That’s fine (the `GCond` will be notified multiple
times, but that’s fine). It was triggering an incorrect assertion, so
remove that.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-27 14:41:26 +01:00
Philip Withnall
ef08e8dd81 gthreadedresolver: Document design of GThreadedResolver
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-27 12:23:25 +01:00
Philip Withnall
c3209f1d84 gthreadedresolver: Re-add cancellation and add timeout support
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-27 12:23:25 +01:00
Philip Withnall
7b18e6205a gthreadedresolver: Switch to using a separate thread pool
Rather than running lookups in the global shared thread pool belonging
to `GTask`, run them in a private thread pool.

This is needed because the global shared thread pool is constrained to
only 14 threads. If there are 14 ongoing calls to
`g_task_run_in_thread()` from any library/code in the process, and then
one of them asks to do a DNS lookup, the lookup will block forever.

Under certain circumstances, particularly where there are a couple of
deep chains of dependent tasks running with `g_task_run_in_thread()`,
this can livelock the program.

Since `GResolver` is likely to be called as a frequent leaf call in
certain workloads, and in particular there are likely to be several
lookups requested at the same time, it makes sense to move resolver
lookups to a private thread pool.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-27 12:23:25 +01:00
Philip Withnall
84074ce757 gthreadedresolver: Centralise GTask return handling in worker threads
This will make it simpler to handle timeouts and cancellation in future,
as all the logic for working out whether to return will all be in one
place, and all the lookup-specific code is now implemented in simple
sync functions which don’t need to care about `GTask`s.

This commit introduces no functional changes, it’s just setting up for
the following commit.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-27 12:23:25 +01:00
Philip Withnall
694394207c gthreadedresolver: Combine closure structs for different lookup types
This introduces no functional changes, but will make a reorganisation of
the code simpler in the next commit.

Rather than dealing with three different closure types, this changes the
code to deal with one which is a tagged union of the three.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-27 12:23:25 +01:00
Philip Withnall
6e499764e4 gthreadedresolver: Port to G_DECLARE_FINAL_TYPE
The class and its header are not public, so this should not be an API or
ABI break.

This just simplifies the code a little and allows for easy extension of
the object’s private data in future commits.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-27 12:23:25 +01:00
Philip Withnall
c256af1c2d gthreadedresolver: Add some additional debug prints
These make it a bit easier to track the ongoing resolver tasks, as the
tasks and/or their closures are not tracked in a big list somewhere.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2023-04-25 15:35:54 +01:00
Philip Withnall
09459fa44d gthreadedresolver: Comment on name expansion for SRV targets
See the commit contents. This clarifies the existing code’s behaviour
and doesn’t change it.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2622
2022-10-17 12:46:01 +01:00
Philip Withnall
5942cd7984 gio: Add SPDX license headers automatically
Add SPDX license (but not copyright) headers to all files which follow a
certain pattern in their existing non-machine-readable header comment.

This commit was entirely generated using the command:
```
git ls-files gio/*.[ch] | xargs perl -0777 -pi -e 's/\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/\n \*\n \* SPDX-License-Identifier: LGPL-2.1-or-later\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/igs'
```

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #1415
2022-05-18 09:18:52 +01:00
Loic Le Page
bd5d867320 Fix global variable name hidden by local variables in gio/gthreadedresolver.c 2022-04-01 00:18:40 +01:00
Philip Withnall
0d42af06e0 gthreadedresolver: Treat query and answer counts as unsigned
They can’t be negative.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-22 12:40:12 +00:00
Philip Withnall
08dee06b59 gthreadedresolver: Limit length of each record to its stated rdlength
Rather than limiting them to the full length of the answer, which may
include subsequent records.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-22 12:40:12 +00:00
Philip Withnall
023fab80f9 gthreadedresolver: Add error checking to all record parsing
This should catch all kinds of invalid records, and correctly report
them as errors.

Heavily based on work by Patrick Griffis in !2134.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-22 12:40:12 +00:00
Philip Withnall
81193c5aac gthreadedresolver: Don’t warn on unrecognised record types
Otherwise the code isn’t forwards-compatible, and may be DOSed by
servers returning unknown records, if `G_DEBUG=fatal-warnings` is
enabled for some reason.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-22 12:40:12 +00:00
Philip Withnall
2a7b4db243 gthreadedresolver: Expose g_resolver_record_type_to_rrtype()
So that it can be used in the tests.

It’s not part of the public, documented, supported API.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-22 12:40:12 +00:00
Philip Withnall
8b73d7bbf9 gthreadedresolver: Handle error returns from dn_expand() in headers
It is possible for `dn_expand()` to fail; if so, it’ll return `-1`,
which will mess up subsequent parsing.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-22 12:40:12 +00:00
Philip Withnall
263ca69da8 gthreadedresolver: Check header length when parsing response
Otherwise we could read off the end of an invalid response.

oss-fuzz#42538
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-03-22 12:40:12 +00:00
Philip Withnall
4d6da4457a gthreadedresolver: Tighten up types and constness of parsing code
Not everything should be an int. This code is quite dated. We now try to
use `guint8*` to represent arbitrary binary data, rather than `guchar*`
(which makes it sound like some form of string).

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-12-15 17:04:20 +00:00
Patrick Griffis
49e667d250 gthreadedresolver: Export g_resolver_records_from_res_query()
While it’s not a supported public part of the API, exporting this
symbol from the library means we can easily test the DNS record parser,
which is important to do since it handles untrusted data from the
network.
2021-12-15 16:55:01 +00:00
Clayton Craft
44277865da
gthreadedresolver: don't ignore flags in lookup_by_name_with_flags
This fixes a bug where the family flag was ignored in lookup_data_new,
causing the resolver to call getaddrinfo with no hints set when clearly
the family hint should have been set.
2021-04-30 23:20:02 -07:00
Peter Bloomfield
a3b5e188aa gthreadedresolver: Fix logic in parse_res_text()
and avoid a sign-compare warning.

Fixes #2209
2020-09-26 11:11:44 -04:00
Philip Withnall
b08bd04abe gtask: Improve task names used internally within GLib
And improve them externally, where not otherwise set, by setting them
from the function name passed to `g_task_set_source_tag()`, if called by
third party code.

This should make profiling and debug output from GLib more useful.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-07 11:17:10 +01:00
Philip Withnall
00bfb3ab44 tree: Fix various typos and outdated terminology
This was mostly machine generated with the following command:
```
codespell \
    --builtin clear,rare,usage \
    --skip './po/*' --skip './.git/*' --skip './NEWS*' \
    --write-changes .
```
using the latest git version of `codespell` as per [these
instructions](https://github.com/codespell-project/codespell#user-content-updating).

Then I manually checked each change using `git add -p`, made a few
manual fixups and dropped a load of incorrect changes.

There are still some outdated or loaded terms used in GLib, mostly to do
with git branch terminology. They will need to be changed later as part
of a wider migration of git terminology.

If I’ve missed anything, please file an issue!

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-12 15:01:08 +01:00
Philip Withnall
89416debb0 gresolver: Convert encoding of gai_strerror() return value
It returns a string in the libc locale, which is not necessarily UTF-8.
Convert that to UTF-8 before returning it to the caller.

Spotted by Tomasz Miąsko.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #1732
2019-03-22 13:32:14 +00:00
Philip Withnall
3a11213b68 gresolver: Don’t use gai_strerror() on Windows, as it isn’t threadsafe
Instead, use WSAGetLastError().

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #1732
2019-03-21 11:51:37 +00:00
Philip Withnall
6e7e5fff9a gthreadedresolver: Fix initialisation on FreeBSD
res_ninit() requires the __res_state struct passed to it to be
zero-filled on FreeBSD.

Spotted and analysed by Ashish SHUKLA.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes #1697
2019-02-25 11:22:45 +00:00
Patrick Griffis
d6afa6c988 gresolver: Add g_resolver_lookup_by_name_with_flags{_async,_finish,}
This allows higher levels to have more control over resolving
(ipv4 or ipv6 for now) which allows for optimizations such
as requesting both in parallel as RFC 8305 recommends.
2018-12-11 16:09:29 -05:00
Olivier Crête
8e65417c6e docs: Change Bugzilla references to GitLab
Including modifications by Philip Withnall <withnall@endlessm.com>
2018-06-15 13:04:39 +01:00
Jehan
631035342d gio: C_IN is defined in recent Android headers.
C_IN macro was added years ago in bcbaf1bef0, using same value as the
internal code of Android with the reasonning that "some parts of the API
used by the resolver objects is not public in the Android NDK (yet)".
Well since then things are changed, since it is definitely available (at
least on the API 22 of Android which I am using) in the public header
arpa/nameser_compat.h.
Let's just add a #ifndef to handle both cases when you build with an
older or recent API.
2018-06-11 15:13:55 +02:00
Sebastian
e2c16df4b5 gthreadedresolver: Fix compilation with res_nclose() but no res_nquery()
Some very odd systems have the functions to initialise and destroy a
struct __res_state, but apparently not to do a DNS query using it. Fix
the compilation on those systems.

https://bugzilla.gnome.org/show_bug.cgi?id=794606
2018-03-26 10:49:25 +01:00
Philip Withnall
40be86bb0e gio: Port GThreadedResolver to use res_nquery() to fix thread-safety
res_query() uses global state in the form of the struct __res_state
which contains the contents of resolv.conf (and other things). On Linux,
this state seems to be thread-local, so there is no problem. On OS X,
however, it is not, and hence multiple res_query() calls from parallel
threads will compete and return bogus results.

The fix for this is to use res_nquery(), introduced in BIND 8.2, which
takes an explicit state argument. This allows us to manually store the
state thread-locally. If res_nquery() isn’t available, we fall back to
res_query(). It should be available on OS X though. As a data point,
it’s available on Fedora 27.

There’s a slight complication in the fact that OS X requires the state
to be freed using res_ndestroy() rather than res_nclose(). Linux uses
res_nclose().

(See, for example, the NetBSD man page:
https://www.unix.com/man-page/netbsd/3/res_ninit/. The Linux one is
incomplete and not so useful:
http://man7.org/linux/man-pages/man3/resolver.3.html.)

The new code will call res_ninit() once per res_nquery() task. This is
not optimal, but no worse than before — since res_query() was being
called in a worker thread, on Linux, it would implicitly initialise the
thread-local struct __res_state when it was called. We’ve essentially
just made that explicit. In practical terms, this means a
stat("/etc/resolv.conf") call per res_nquery() task.

In future, we could improve this by using an explicit thread pool with
some manually-created worker threads, each of which initialises a struct
__res_state on spawning, and only updates it on receiving
the #GResolver::reload signal.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://bugzilla.gnome.org/show_bug.cgi?id=792050
2018-02-02 18:05:27 +01:00
Daniel Macks
190f64a0fb Avoid setting unused variables (-Wself-assign)
Setting a variable and then assigning it to itself avoids
-Wunused-but-set-variable but this specific trick is now caught by
-Wself-assign. Instead, actually use the value or don't bother
assigning it at all:

gdbusauth.c: call g_data_input_stream_read_byte() in void context
gdbusauthmechanismsha1.c: value is actually used
gdbusmessage.c: use consistent preprocessor-token protection
gthreadedresolver.c: skip over bytes in data blob
httpd.c: do something useful with the value

https://bugzilla.gnome.org/show_bug.cgi?id=745723
2017-09-11 22:14:18 +01:00
Sébastien Wilmet
3bf4a720c3 gio/: LGPLv2+ -> LGPLv2.1+
Sub-directories inside gio/ already processed in a previous commit:
- fam/
- gdbus-2.0/ (which contains only codegen/)
- gvdb/
- inotify/
- tests/
- win32/
- xdgmime/

Other sub-directories inside gio/:
- completion/: no license headers
- kqueue/: not LGPL, BSD-style license

https://bugzilla.gnome.org/show_bug.cgi?id=776504
2017-05-29 19:53:34 +02:00
Piotr Drąg
10c490cdfe Use Unicode in translatable strings
See https://developer.gnome.org/hig/stable/typography.html

https://bugzilla.gnome.org/show_bug.cgi?id=772221
2016-10-12 21:30:42 +02:00
Philip Withnall
3613b7a366 gio: Add source tags to various GTasks constructed in GLib
This makes them easier to identify when debugging and profiling.

This patch was somewhat less than interesting to write.

https://bugzilla.gnome.org/show_bug.cgi?id=767765
2016-06-29 15:16:52 +01:00
Mike Frysinger
e5e08ebedb gthreadedresolver.c: Fix for Android 5.0+
https://bugzilla.gnome.org/show_bug.cgi?id=756477
2015-10-13 09:04:39 -04:00
Colin Walters
e55a953642 gthreadedresolver: Unref unexpected address
I don't believe any real app would hit this, but we do leak
if it occurs.

Spotted by static analysis.

https://bugzilla.gnome.org/show_bug.cgi?id=733576
2014-07-23 07:43:41 -04:00
Philip Withnall
956921e51f gresolver: Ensure GThreadedResolver always sets an error if resolution fails
It was previously possible for GThreadedResolver to return an empty list
and no error in response to a g_resolver_lookup_by_name() call, if it
happened that all the addresses returned by getaddrinfo() could not be
converted from native addresses to GSocketAddresses.

Fix that by setting a G_RESOLVER_ERROR_NOT_FOUND if the returned list is
empty.

https://bugzilla.gnome.org/show_bug.cgi?id=728776
2014-04-25 09:52:01 +01:00
Dan Winship
c565d645e9 gio: remove an unneeded pragma
ddf82a25 removed the use of non-literal format strings from
gthreadedresolver.c, but left the "#pragma GCC diagnostic ignored
-Wformat-nonliteral" behind.
2014-04-24 12:18:36 -04:00
Dan Winship
5575a3e9cb gio: don't accept nonstandard IPv4 "numbers-and-dots" addresses
In addition to the standard "192.168.1.1" format, there are numerous
legacy IPv4 address formats (such as "192.168.257",
"0xc0.0xa8.0x01.0x01", "0300.0250.0001.0001", "3232235777", and
"0xc0a80101"). However, none of these forms are ever used any more
except in phishing attempts. GLib wasn't supposed to be accepting
these addresses (neither g_hostname_is_ip_address() nor
g_inet_address_new_from_string() recognizes them), but getaddrinfo()
accepts them, and so the parts of gio that use getaddrinfo()
accidentally did accept those formats.

Fix GNetworkAddress and GResolver to reject these address formats.

https://bugzilla.gnome.org/show_bug.cgi?id=679957
2014-02-15 10:22:24 -05:00
Daniel Mustieles
078dbda148 Updated FSF's address 2014-01-31 14:31:55 +01:00
Ryan Lortie
ddf82a2576 [PATCH] Fix trivial non literal format uses
Based on a patch from Henrique Dante de Almeida <hdante@gmail.com>.

https://bugzilla.gnome.org/show_bug.cgi?id=691608
2013-12-08 14:22:51 -05:00
John Ralls
ab5aa2aa3a Fix the -Werror=format-nonliteral fixes for older GCCs
They don't allow that pragma inside functions.
2013-09-29 11:33:30 -07:00
John Ralls
09d83640a8 More -Werror=format-nonliteral fixes
This fixes the build with CLang.

https://bugzilla.gnome.org/show_bug.cgi?id=702516
2013-09-29 11:03:16 -04:00
Sebastian Dröge
bcbaf1bef0 Fix compilation on Android with the bionic C library
https://bugzilla.gnome.org/show_bug.cgi?id=689223
2013-04-16 13:24:26 +02:00