Replacing file destination will also remove a symlink in case the user has moved the
real file to another location. Fix this by removing G_FILE_CREATE_REPLACE_DESTINATION flag.
See also: https://gitlab.gnome.org/GNOME/epiphany/issues/198
It worked when I first wrote it, but I broke it during the late stages
of code review. str is already freed here, so this is a use-after-free
vulnerability for starters. It also causes the file saved to be always
empty.
It's confused both myself and Jan-Michael, when reviewing my changes to
this code. It's weird for the serialize function to take ownership of
the passed FileBuilder. Don't do that.
We can also add a convenience free function.
I'm not auditing all the public functions in this file for precondition
checks, but since I'm adding an async version of this function, it
makes sense to ensure there are matching checks for the sync version.
This is just an async version of gvdb_table_write_contents().
Future work: someone could write an async version of gvdb_table_new(),
then sync I/O would no longer be required to construct a GvdbTable.
glibc string.h declares memcpy() with attribute(nonnull(1,2)), causing
calls with NULL arguments to be treated as undefined behaviour.
This is consistent with ISO C99 and C11, which state that passing 0
to string functions as an array length does not remove the requirement
that the pointer to the array is a valid pointer.
gcc -fsanitize=undefined catches this while running OSTree's test suite.
Similarly, running the GLib test suite reports similar issues for
qsort(), memmove(), memcmp().
(This is a partial cherry-pick of commit e5ed410c8c from GLib.)
Signed-off-by: Simon McVittie <smcv@debian.org>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=775510
Reviewed-by: Colin Walters
Our hashing of non-ASCII strings was undefined due to the fact that
'char' is signed on some platforms, unsigned on others. Always use a
signed char.
Discovered by Alexander Larsson.
https://bugzilla.gnome.org/show_bug.cgi?id=658806
