23263 Commits

Author SHA1 Message Date
Philip Withnall
dec66d325f docs: Add a policy for handling security issues
This also gives details of how to report a security issue, including the
key point that merge requests are (unfortunately) not confidential.

Heavily based on the flatpak security policy which just landed:
https://github.com/flatpak/flatpak/blob/master/SECURITY.md

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-11 17:38:51 +00:00
Philip Withnall
b3384e5797 2.67.6
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-11 16:52:09 +00:00
Hugo Carvalho
cdfa8a627d Update Portuguese translation 2021-03-11 14:48:08 +00:00
Emmanuele Bassi
327ea4e30d Merge branch '2327-mkenums-version-macros' into 'master'
glib-mkenums: Parse and skip deprecation/availability annotations

Closes #2327

See merge request GNOME/glib!1984
2021-03-11 14:40:57 +00:00
Fran Dieguez
f1b2909e04 Update Galician translation 2021-03-11 14:21:56 +00:00
Philip Withnall
c92d9dc267 enums: Add missing GLIB_AVAILABLE_ENUMERATOR_IN_2_68 annotations
In the 2.68 cycle we’d added 3 new enumerator elements. Due to the
preceding commit, they can now be annotated with
`GLIB_AVAILABLE_ENUMERATOR_IN_2_68`, which will make it a bit easier for
third party projects to notice when they’re using these symbols without
having bumped their GLib dependency.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2327
2021-03-11 13:37:49 +00:00
Philip Withnall
856aeba9e4 glib-mkenums: Parse and skip deprecation/availability annotations
Teach `glib-mkenums` how to parse and ignore:
 - `GLIB_AVAILABLE_ENUMERATOR_IN_x_xx`
 - `GLIB_DEPRECATED_ENUMERATOR_IN_x_xx`
 - `GLIB_DEPRECATED_ENUMERATOR_IN_x_xx_FOR(x)`

Future work could expose the deprecation/availability information as
substitutions in the template file, but this commit does not do that.

It does, however, add some unit tests for the annotations.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2327
2021-03-11 13:37:49 +00:00
Sebastian Dröge
db0ec9528e Merge branch '2328-file-new-empty-path' into 'master'
glocalvfs: Create a dummy file for g_file_new_for_path("")

Closes #2328

See merge request GNOME/glib!1983
2021-03-11 09:42:19 +00:00
Tim Sabsch
3cf65c4989 Update German translation 2021-03-10 19:57:52 +00:00
Guillaume Bernard
f041188bbd Update French translation 2021-03-10 19:41:52 +00:00
Philip Withnall
519bdf665b Merge branch 'work-out-libutil-soname-at-build-time' into 'master'
gio/tests/{meson.build,pollable.c}: Determine libutil SONAME at build time

See merge request GNOME/glib!1977
2021-03-10 19:35:18 +00:00
Asier Sarasua Garmendia
e72c235734 Update Basque translation 2021-03-10 19:10:57 +00:00
Philip Withnall
d52728f994 glocalvfs: Create a dummy file for g_file_new_for_path("")
`""` is not a valid path (`stat()` on it returns `ENOENT`). Previously,
a full `GLocalFile` was being created, which ended up resolving to
`$CWD`, through path canonicalisation. That isn’t right.

Fix it by creating a `GDummyFile` instead, and adding a unit test.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2328
2021-03-10 19:10:38 +00:00
Philip Withnall
628e1c5893 gdummyfile: Return NULL from get_basename() if no path is stored
Rather than returning a URI, which definitely won’t be a valid basename.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #2328
2021-03-10 19:10:04 +00:00
Philip Withnall
c80528f17b Merge branch '2325-symlink-replace-file' into 'master'
Resolve "file-roller symlink attack"

Closes #2325

See merge request GNOME/glib!1981
2021-03-10 18:42:33 +00:00
Iain Lane
373e46c2b2 gio/tests/{meson.build,pollable.c}: Determine libutil SONAME at build time
Calling `dlopen()` with `libutil.so` makes the installed tests depend on
having glibc's development files installed. To avoid this, we can work
out the runtime library name at build time and `dlopen` that instead.

This approach is [taken from libfprint][1], thanks to Marco Trevisan.

[1]: f401f399a8
2021-03-10 18:04:17 +00:00
Philip Withnall
8f57a5b9ad ci: Set localstatedir to the system directory on FreeBSD CI machines
These changes were missing from commit 62cc3158e9 and broke CI on
FreeBSD.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-10 17:55:51 +00:00
Philip Withnall
57a53ec964 gioerror: Add conversion from ENXIO to G_IO_ERROR_NOT_REGULAR_FILE
`ENXIO` can be returned from `open(2)` for special files (FIFOs, device
files and domain sockets) which are not backed by anything.

This fixes the error returned by `g_file_replace()` when trying to
replace such a file, so that it now matches the documentation.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-10 17:55:51 +00:00
Philip Withnall
730015a8ed tests: Add comprehensive tests for static behaviour of g_file_replace()
These test all the functionality and combinations of flags I can think
of. They do not cover dynamic behaviour (for example, what would happen
if the source file is deleted by another process part-way through a call
to `g_file_replace()`).

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-10 17:55:51 +00:00
Philip Withnall
ac505e88c4 glocalfileoutputstream: Add a missing O_CLOEXEC flag to replace()
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-10 17:55:51 +00:00
Philip Withnall
87e19535fe glocalfileoutputstream: Fix CREATE_REPLACE_DESTINATION with symlinks
The `G_FILE_CREATE_REPLACE_DESTINATION` flag is equivalent to unlinking
the destination file and re-creating it from scratch. That did
previously work, but in the process the code would call `open(O_CREAT)`
on the file. If the file was a dangling symlink, this would create the
destination file (empty). That’s not an intended side-effect, and has
security implications if the symlink is controlled by a lower-privileged
process.

Fix that by not opening the destination file if it’s a symlink, and
adjusting the rest of the code to cope with
 - the fact that `fd == -1` is not an error iff `is_symlink` is true,
 - and that `original_stat` will contain the `lstat()` results for the
   symlink now, rather than the `stat()` results for its target (again,
   iff `is_symlink` is true).

This means that the target of the dangling symlink is no longer created,
which was the bug. The symlink itself continues to be replaced (as
before) with the new file — this is the intended behaviour of
`g_file_replace()`.

The behaviour for non-symlink cases, or cases where the symlink was not
dangling, should be unchanged.

Includes a unit test.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2325
2021-03-10 17:55:51 +00:00
Philip Withnall
a5f1f1e47c glocalfileoutputstream: Factor out a flag check
This clarifies the code a little. It introduces no functional changes.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-10 16:05:55 +00:00
Philip Withnall
5f2eae1156 tests: Stop using g_test_bug_base() in file tests
A following commit is going to add a new test which references
GitLab, so it’s best to move the URI bases inside the test cases.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-10 16:02:35 +00:00
Philip Withnall
d523ed4543 glocalfileoutputstream: Fix a typo in a comment
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-10 16:02:35 +00:00
Daniel Mustieles
098bd29fe7 Updated Spanish translation 2021-03-10 12:47:52 +01:00
Kukuh Syafaat
b3c00135b1 Update Indonesian translation 2021-03-10 10:12:46 +00:00
Balázs Úr
64473e7b80 Update Hungarian translation 2021-03-10 01:06:53 +00:00
Anders Jonsson
7ae5db749b Update Swedish translation 2021-03-09 21:27:18 +00:00
Jordi Mas
a882fd4fb0 Update Catalan translation 2021-03-09 20:16:30 +01:00
Yuri Chornoivan
bba0b7c7bd Update Ukrainian translation 2021-03-09 16:51:14 +00:00
Rafael Fontenelle
d811e7df73 Update Brazilian Portuguese translation 2021-03-09 15:13:34 +00:00
Sebastian Dröge
f5bb3c353d Merge branch 'suppressions' into 'master'
glib.supp: Add another system thread suppression

See merge request GNOME/glib!1980
2021-03-09 13:00:11 +00:00
Sebastian Dröge
0dc86cded2 Merge branch 'machine-id-test' into 'master'
Validate D-Bus machine ID after loading

See merge request GNOME/glib!1962
2021-03-09 12:49:51 +00:00
Sebastian Dröge
40573a8b8b Merge branch 'fix-glib-genmarshal-empty-output' into 'master'
glib-genmarshal: close output file

Closes #2341

See merge request GNOME/glib!1978
2021-03-09 12:47:22 +00:00
Sebastian Dröge
5968425fe4 Merge branch 'fix-access-rights-for-directory-monitoring-on-win32' into 'master'
Use the right permissions for directory watching on Win32

Closes gimp#4594

See merge request GNOME/glib!1976
2021-03-09 12:46:37 +00:00
Sebastian Dröge
e401825d77 Merge branch 'fix-gbitlock-asm' into 'master'
gbitlock.c: replace remaining 'asm' with '__asm__'

Closes #2344

See merge request GNOME/glib!1979
2021-03-09 12:44:29 +00:00
Philip Withnall
60de03b86a glib.supp: Add another system thread suppression
This mirrors the existing `calloc()` suppression for that code path.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-09 12:34:39 +00:00
Marek Černocký
c9adc4921a Updated Czech translation 2021-03-08 15:20:57 +01:00
Rūdolfs Mazurs
6065b53e3b Update Latvian translation 2021-03-07 17:59:56 +00:00
Changwoo Ryu
1a4f903880 Update Korean translation 2021-03-06 18:12:59 +00:00
Aleksandr Mezin
d18bdef42d gbitlock.c: replace remaining 'asm' with '__asm__'
Commit 2330f7e65e changed 'asm' to '__asm__' in
g_bit_lock and g_bit_trylock.

Replace 'asm' with '__asm__' in the remaining functions.

Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2344
2021-03-04 04:39:27 +06:00
Aleksandr Mezin
f346b9c8ce glib-genmarshal: close output file
Close output file to ensure all buffered output actually gets written.

Otherwise, glib-genmarshal output is sometimes empty (for example, when trying
to build gdk-pixbuf on Windows, with Meson installed from .msi package).

argparse.FileType doesn't get closed automagically when the script exits:
https://bugs.python.org/issue13824

Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2341
2021-03-03 12:24:29 +06:00
Мирослав Николић
14c9fc79ac Update Serbian translation 2021-03-02 21:16:14 +00:00
Aleksandr Mezin
19106af47f data-to-c.py: autodetect line endings
When GLib code is checked out with Windows line endings (happens on Windows),
data-to-c.py embedded those line endings into the generated string literal. And
then they were translated to double newlines in glib-compile-resources output.

clang-cl failed to compile such files because of empty lines in the middle of
multiline macros:

    #define G_MSVC_CTOR(_func,_sym_prefix) \

      static void _func(void); \

To fix the issue, enable 'universal newlines' mode when reading the input in
data-to-c.py - translate both '\n' and '\r\n' to '\n'.

Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2340
2021-03-01 23:59:34 +06:00
Philip Withnall
ef41cc28b4 ci: Ensure the machine-id is set on the Fedora CI image
Run `systemd-machine-id-setup` when creating the image, so that
`/etc/machine-id` is created with a valid ID. Since systemd isn’t
started when running the CI image with podman/Docker, it’s not created
otherwise. This causes some tests to fail.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-01 13:55:03 +00:00
Philip Withnall
da50de9b30 ci: Include details of machine ID in CI output
Include the size of the `machine-id` file, but not the value itself as
that is sensitive for non-throwaway machines. What’s most useful for
debugging CI problems is knowing whether, and where, the `machine-id` is
set.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-01 13:54:09 +00:00
Philip Withnall
62cc3158e9 ci: Set localstatedir to the system directory on CI machines
So the tests can access `/var/lib/dbus/machine-id`. This is not a
behaviour change relative to older behaviour on CI.

In future, it might make more sense to revert this commit and change the
CI scripts so they symlink
`/home/user/glib-installed/var/lib/dbus/machine-id` to the system
machine ID; or ensure that `/etc/machine-id` exists on all the CI
machines. That’s too complicated to do right now though.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-01 13:44:20 +00:00
Philip Withnall
05ff2f877c gdbusprivate: Stop hard-coding path to /var/lib
This will require distributions to ensure they pass
`--localstatedir=/var` correctly to Meson, but they should be doing that
already.

See https://mesonbuild.com/Builtin-options.html#directories for details
about how Meson treats `localstatedir` differently from most other `dir`
variables.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-01 13:44:20 +00:00
Philip Withnall
daa62a35e1 gdbusprivate: Validate machine ID after loading it
It’s unlikely that the machine ID will be invalid (it’s system
configuration), but it would be helpful to not propagate invalid IDs
further, since a lot of things rely on it.

It’s not easy to test this (it requires factoring out the code so it can
be used from a test program, or allowing it to load a machine ID from a
custom path), so I haven’t added unit tests. I’ve tested manually by
overriding the loaded machine ID.

Coverity CID: #1430944

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-01 13:44:20 +00:00
Philip Withnall
ea19358039 gdbusprivate: Simplify some variable initialisations
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-03-01 13:44:20 +00:00