Since tests/dconf-mock-gvdb.c has functions conflicting with the real
gvdb and it is intended for the former to override the latter in tests,
we have to make functions in gvdb library have weak bindings instead of
the default strong bindings to avoid duplicate symbol errors.
Fixes https://gitlab.gnome.org/GNOME/dconf/issues/47
It should not be unsigned. The type in the on-disk format is gint32, so
we need to return something at least as wide as that. However, we
should not expose the implementation detail that the on-disk format is
specifically gint32. Use a gsize, since that’s the normal type for array
lengths — but check that we’re not on a platform where (somehow) gsize
is smaller than gint32.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
glibc string.h declares memcpy() with attribute(nonnull(1,2)), causing
calls with NULL arguments to be treated as undefined behaviour.
This is consistent with ISO C99 and C11, which state that passing 0
to string functions as an array length does not remove the requirement
that the pointer to the array is a valid pointer.
gcc -fsanitize=undefined catches this while running OSTree's test suite.
Similarly, running the GLib test suite reports similar issues for
qsort(), memmove(), memcmp().
(This is a partial cherry-pick of commit e5ed410c8c from GLib.)
Signed-off-by: Simon McVittie <smcv@debian.org>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=775510
Reviewed-by: Colin Walters
GVDB is essentially part of GLib, so should have the same maintainer
list.
At least this way, it’s not just maintained by one absentee maintainer.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Drop gvdb_table_new_from_data() and add gvdb_table_new_from_bytes().
Since the underlying backingstore of a GvdbTable is now always
refcounted, drop the refcounting on GvdbTable itself.
The attempt at the simple method for preventing unbounded recursion
proved to be insufficient due to the existence of dconf databases in the
wild that violated the rule (leading to the entire content of the
database being scrapped). It also still had the ugly assert for less
than 64 levels of recursion that could have been hit by a determined
advisary.
gvdb_table_get_names() allows the dconf-service to do everything it
needs without the troubles associated with the walk approach.
Improve the robustness of gvdb-reader in two ways.
First: ensure that the result of gvdb_table_has_value() always agrees
with gvdb_table_get_value(). Those two could disagree in the case that
the value was recorded as existing but pointed to an out-of-bounds
region.
Second: prevent gvdb_table_walk() from getting stuck in finite loops due
to self-referential directories.
Our hashing of non-ASCII strings was undefined due to the fact that
'char' is signed on some platforms, unsigned on others. Always use a
signed char.
Discovered by Alexander Larsson.
https://bugzilla.gnome.org/show_bug.cgi?id=658806
