diff --git a/SOURCES/0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch b/SOURCES/0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch deleted file mode 100644 index 5bfd8ba..0000000 --- a/SOURCES/0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch +++ /dev/null @@ -1,170 +0,0 @@ -From ee502dbbe89a5976c32eb8863c9a9d274ddb60e1 Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Mon, 14 Oct 2019 08:47:39 +0100 -Subject: [PATCH] GDBus: prefer getsockopt()-style credentials-passing APIs - -Conceptually, a D-Bus server is really trying to determine the credentials -of (the process that initiated) a connection, not the credentials that -the process had when it sent a particular message. Ideally, it does -this with a getsockopt()-style API that queries the credentials of the -connection's initiator without requiring any particular cooperation from -that process, avoiding a class of possible failures. - -The leading '\0' in the D-Bus protocol is primarily a workaround -for platforms where the message-based credentials-passing API is -strictly better than the getsockopt()-style API (for example, on -FreeBSD, SCM_CREDS includes a process ID but getpeereid() does not), -or where the getsockopt()-style API does not exist at all. As a result -libdbus, the reference implementation of D-Bus, does not implement -Linux SCM_CREDENTIALS at all - it has no reason to do so, because the -SO_PEERCRED socket option is equally informative. - -This change makes GDBusServer on Linux more closely match the behaviour -of libdbus. - -In particular, GNOME/glib#1831 indicates that when a libdbus client -connects to a GDBus server, recvmsg() sometimes yields a SCM_CREDENTIALS -message with cmsg_data={pid=0, uid=65534, gid=65534}. I think this is -most likely a race condition in the early steps to connect: - - client server - connect - accept - send '\0' <- race -> set SO_PASSCRED = 1 - receive '\0' - -If the server wins the race: - - client server - connect - accept - set SO_PASSCRED = 1 - send '\0' - receive '\0' - -then everything is fine. However, if the client wins the race: - - client server - connect - accept - send '\0' - set SO_PASSCRED = 1 - receive '\0' - -then the kernel does not record credentials for the message containing -'\0' (because SO_PASSCRED was 0 at the time). However, by the time the -server receives the message, the kernel knows that credentials are -desired. I would have expected the kernel to omit the credentials header -in this case, but it seems that instead, it synthesizes a credentials -structure with a dummy process ID 0, a dummy uid derived from -/proc/sys/kernel/overflowuid and a dummy gid derived from -/proc/sys/kernel/overflowgid. - -In an unconfigured GDBusServer, hitting this race condition results in -falling back to DBUS_COOKIE_SHA1 authentication, which in practice usually -succeeds in authenticating the peer's uid. However, we encourage AF_UNIX -servers on Unix platforms to allow only EXTERNAL authentication as a -security-hardening measure, because DBUS_COOKIE_SHA1 relies on a series -of assumptions including a cryptographically strong PRNG and a shared -home directory with no write access by others, which are not necessarily -true for all operating systems and users. EXTERNAL authentication will -fail if the server cannot determine the client's credentials. - -In particular, this caused a regression when CVE-2019-14822 was fixed -in ibus, which appears to be resolved by this commit. Qt clients -(which use libdbus) intermittently fail to connect to an ibus server -(which uses GDBusServer), because ibus no longer allows DBUS_COOKIE_SHA1 -authentication or non-matching uids. - -Signed-off-by: Simon McVittie -Closes: https://gitlab.gnome.org/GNOME/glib/issues/1831 ---- - gio/gcredentialsprivate.h | 18 ++++++++++++++++++ - gio/gdbusauth.c | 27 +++++++++++++++++++++++++-- - 2 files changed, 43 insertions(+), 2 deletions(-) - -diff --git a/gio/gcredentialsprivate.h b/gio/gcredentialsprivate.h -index 06f0aed19..e9ec09b9f 100644 ---- a/gio/gcredentialsprivate.h -+++ b/gio/gcredentialsprivate.h -@@ -81,6 +81,18 @@ - */ - #undef G_CREDENTIALS_SPOOFING_SUPPORTED - -+/* -+ * G_CREDENTIALS_PREFER_MESSAGE_PASSING: -+ * -+ * Defined to 1 if the data structure transferred by the message-passing -+ * API is strictly more informative than the one transferred by the -+ * `getsockopt()`-style API, and hence should be preferred, even for -+ * protocols like D-Bus that are defined in terms of the credentials of -+ * the (process that opened the) socket, as opposed to the credentials -+ * of an individual message. -+ */ -+#undef G_CREDENTIALS_PREFER_MESSAGE_PASSING -+ - #ifdef __linux__ - #define G_CREDENTIALS_SUPPORTED 1 - #define G_CREDENTIALS_USE_LINUX_UCRED 1 -@@ -100,6 +112,12 @@ - #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct cmsgcred)) - #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 - #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 -+/* GLib doesn't implement it yet, but FreeBSD's getsockopt()-style API -+ * is getpeereid(), which is not as informative as struct cmsgcred - -+ * it does not tell us the PID. As a result, libdbus prefers to use -+ * SCM_CREDS, and if we implement getpeereid() in future, we should -+ * do the same. */ -+#define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1 - - #elif defined(__NetBSD__) - #define G_CREDENTIALS_SUPPORTED 1 -diff --git a/gio/gdbusauth.c b/gio/gdbusauth.c -index 752ec23fc..14cc5d70e 100644 ---- a/gio/gdbusauth.c -+++ b/gio/gdbusauth.c -@@ -31,6 +31,7 @@ - #include "gdbusutils.h" - #include "gioenumtypes.h" - #include "gcredentials.h" -+#include "gcredentialsprivate.h" - #include "gdbusprivate.h" - #include "giostream.h" - #include "gdatainputstream.h" -@@ -969,9 +970,31 @@ _g_dbus_auth_run_server (GDBusAuth *auth, - - g_data_input_stream_set_newline_type (dis, G_DATA_STREAM_NEWLINE_TYPE_CR_LF); - -- /* first read the NUL-byte */ -+ /* read the NUL-byte, possibly with credentials attached */ - #ifdef G_OS_UNIX -- if (G_IS_UNIX_CONNECTION (auth->priv->stream)) -+#ifndef G_CREDENTIALS_PREFER_MESSAGE_PASSING -+ if (G_IS_SOCKET_CONNECTION (auth->priv->stream)) -+ { -+ GSocket *sock = g_socket_connection_get_socket (G_SOCKET_CONNECTION (auth->priv->stream)); -+ -+ local_error = NULL; -+ credentials = g_socket_get_credentials (sock, &local_error); -+ -+ if (credentials == NULL && !g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED)) -+ { -+ g_propagate_error (error, local_error); -+ goto out; -+ } -+ else -+ { -+ /* Clear the error indicator, so we can retry with -+ * g_unix_connection_receive_credentials() if necessary */ -+ g_clear_error (&local_error); -+ } -+ } -+#endif -+ -+ if (credentials == NULL && G_IS_UNIX_CONNECTION (auth->priv->stream)) - { - local_error = NULL; - credentials = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (auth->priv->stream), --- -2.23.0 - diff --git a/SOURCES/0001-Use-atomic-reference-counting-for-GSource.patch b/SOURCES/0001-Use-atomic-reference-counting-for-GSource.patch deleted file mode 100644 index 4ad90a5..0000000 --- a/SOURCES/0001-Use-atomic-reference-counting-for-GSource.patch +++ /dev/null @@ -1,170 +0,0 @@ -From 2bad3cb3bf8f0cc3f45057061f9a538ecf7742b6 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Thu, 14 Feb 2019 17:46:33 +0200 -Subject: [PATCH 1/5] Use atomic reference counting for GSource - -If attached to a context already it would use a mutex instead but at -least before that the reference counting is not thread-safe currently. ---- - glib/gmain.c | 50 +++++++++++++++----------------------------------- - 1 file changed, 15 insertions(+), 35 deletions(-) - -diff --git a/glib/gmain.c b/glib/gmain.c -index 26e68823d..5b91c3117 100644 ---- a/glib/gmain.c -+++ b/glib/gmain.c -@@ -374,15 +374,6 @@ typedef struct _GSourceIter - #define SOURCE_DESTROYED(source) (((source)->flags & G_HOOK_FLAG_ACTIVE) == 0) - #define SOURCE_BLOCKED(source) (((source)->flags & G_SOURCE_BLOCKED) != 0) - --#define SOURCE_UNREF(source, context) \ -- G_STMT_START { \ -- if ((source)->ref_count > 1) \ -- (source)->ref_count--; \ -- else \ -- g_source_unref_internal ((source), (context), TRUE); \ -- } G_STMT_END -- -- - /* Forward declarations */ - - static void g_source_unref_internal (GSource *source, -@@ -977,10 +968,10 @@ g_source_iter_next (GSourceIter *iter, GSource **source) - */ - - if (iter->source && iter->may_modify) -- SOURCE_UNREF (iter->source, iter->context); -+ g_source_unref_internal (iter->source, iter->context, TRUE); - iter->source = next_source; - if (iter->source && iter->may_modify) -- iter->source->ref_count++; -+ g_source_ref (iter->source); - - *source = iter->source; - return *source != NULL; -@@ -994,7 +985,7 @@ g_source_iter_clear (GSourceIter *iter) - { - if (iter->source && iter->may_modify) - { -- SOURCE_UNREF (iter->source, iter->context); -+ g_source_unref_internal (iter->source, iter->context, TRUE); - iter->source = NULL; - } - } -@@ -1135,7 +1126,7 @@ g_source_attach_unlocked (GSource *source, - - source->context = context; - source->source_id = id; -- source->ref_count++; -+ g_source_ref (source); - - g_hash_table_insert (context->sources, GUINT_TO_POINTER (id), source); - -@@ -1675,7 +1666,7 @@ g_source_set_funcs (GSource *source, - { - g_return_if_fail (source != NULL); - g_return_if_fail (source->context == NULL); -- g_return_if_fail (source->ref_count > 0); -+ g_return_if_fail (g_atomic_int_get (&source->ref_count) > 0); - g_return_if_fail (funcs != NULL); - - source->source_funcs = funcs; -@@ -2050,19 +2041,9 @@ g_source_set_name_by_id (guint tag, - GSource * - g_source_ref (GSource *source) - { -- GMainContext *context; -- - g_return_val_if_fail (source != NULL, NULL); - -- context = source->context; -- -- if (context) -- LOCK_CONTEXT (context); -- -- source->ref_count++; -- -- if (context) -- UNLOCK_CONTEXT (context); -+ g_atomic_int_inc (&source->ref_count); - - return source; - } -@@ -2078,12 +2059,11 @@ g_source_unref_internal (GSource *source, - GSourceCallbackFuncs *old_cb_funcs = NULL; - - g_return_if_fail (source != NULL); -- -+ - if (!have_lock && context) - LOCK_CONTEXT (context); - -- source->ref_count--; -- if (source->ref_count == 0) -+ if (g_atomic_int_dec_and_test (&source->ref_count)) - { - TRACE (GLIB_SOURCE_BEFORE_FREE (source, context, - source->source_funcs->finalize)); -@@ -2107,20 +2087,20 @@ g_source_unref_internal (GSource *source, - { - /* Temporarily increase the ref count again so that GSource methods - * can be called from finalize(). */ -- source->ref_count++; -+ g_atomic_int_inc (&source->ref_count); - if (context) - UNLOCK_CONTEXT (context); - source->source_funcs->finalize (source); - if (context) - LOCK_CONTEXT (context); -- source->ref_count--; -+ g_atomic_int_add (&source->ref_count, -1); - } - - if (old_cb_funcs) - { - /* Temporarily increase the ref count again so that GSource methods - * can be called from callback_funcs.unref(). */ -- source->ref_count++; -+ g_atomic_int_inc (&source->ref_count); - if (context) - UNLOCK_CONTEXT (context); - -@@ -2128,7 +2108,7 @@ g_source_unref_internal (GSource *source, - - if (context) - LOCK_CONTEXT (context); -- source->ref_count--; -+ g_atomic_int_add (&source->ref_count, -1); - } - - g_free (source->name); -@@ -3201,7 +3181,7 @@ g_main_dispatch (GMainContext *context) - } - } - -- SOURCE_UNREF (source, context); -+ g_source_unref_internal (source, context, TRUE); - } - - g_ptr_array_set_size (context->pending_dispatches, 0); -@@ -3440,7 +3420,7 @@ g_main_context_prepare (GMainContext *context, - for (i = 0; i < context->pending_dispatches->len; i++) - { - if (context->pending_dispatches->pdata[i]) -- SOURCE_UNREF ((GSource *)context->pending_dispatches->pdata[i], context); -+ g_source_unref_internal ((GSource *)context->pending_dispatches->pdata[i], context, TRUE); - } - g_ptr_array_set_size (context->pending_dispatches, 0); - -@@ -3788,7 +3768,7 @@ g_main_context_check (GMainContext *context, - - if (source->flags & G_SOURCE_READY) - { -- source->ref_count++; -+ g_source_ref (source); - g_ptr_array_add (context->pending_dispatches, source); - - n_ready++; --- -2.31.1 - diff --git a/SOURCES/0001-build-sys-Pass-CFLAGS-to-DTRACE.patch b/SOURCES/0001-build-sys-Pass-CFLAGS-to-DTRACE.patch deleted file mode 100644 index 7a2aea3..0000000 --- a/SOURCES/0001-build-sys-Pass-CFLAGS-to-DTRACE.patch +++ /dev/null @@ -1,56 +0,0 @@ -From d7233ef81e575e84d831414605ba6368394d88b5 Mon Sep 17 00:00:00 2001 -From: Colin Walters -Date: Mon, 15 Oct 2018 21:50:31 +0000 -Subject: [PATCH] build-sys: Pass CFLAGS to $(DTRACE) - -Fedora is using https://fedoraproject.org/wiki/Changes/Annobin -to try to ensure that all objects are built with hardening flags. -Pass down `CFLAGS` to ensure the SystemTap objects use them. ---- - gio/Makefile.am | 2 +- - glib/Makefile.am | 2 +- - gobject/Makefile.am | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/gio/Makefile.am b/gio/Makefile.am -index fc0b91855..05b20cdef 100644 ---- a/gio/Makefile.am -+++ b/gio/Makefile.am -@@ -896,7 +896,7 @@ gio_probes.h: gio_probes.d - < $@.tmp > $@ && rm -f $@.tmp - - gio_probes.lo: gio_probes.d -- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ -+ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ - - BUILT_SOURCES += gio_probes.h gio_probes.lo - CLEANFILES += gio_probes.h gio_probes.h.tmp -diff --git a/glib/Makefile.am b/glib/Makefile.am -index 90d33d082..39163aa7f 100644 ---- a/glib/Makefile.am -+++ b/glib/Makefile.am -@@ -386,7 +386,7 @@ glib_probes.h: glib_probes.d - < $@.tmp > $@ && rm -f $@.tmp - - glib_probes.lo: glib_probes.d -- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ -+ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ - - BUILT_SOURCES += glib_probes.h glib_probes.lo - CLEANFILES += glib_probes.h glib_probes.h.tmp -diff --git a/gobject/Makefile.am b/gobject/Makefile.am -index 4c28acdff..78748e96c 100644 ---- a/gobject/Makefile.am -+++ b/gobject/Makefile.am -@@ -119,7 +119,7 @@ gobject_probes.h: gobject_probes.d - < $@.tmp > $@ && rm -f $@.tmp - - gobject_probes.lo: gobject_probes.d -- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ -+ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ - - BUILT_SOURCES += gobject_probes.h gobject_probes.lo - CLEANFILES += gobject_probes.h --- -2.21.0 - diff --git a/SOURCES/0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch b/SOURCES/0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch deleted file mode 100644 index eb5ed23..0000000 --- a/SOURCES/0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 64b76c7ca5cf5b4ede2f4b423114f46141890e1e Mon Sep 17 00:00:00 2001 -From: Robert Ancell -Date: Fri, 7 Sep 2018 10:19:05 +1200 -Subject: [PATCH] codegen: Change pointer casting to remove type-punning - warnings - -The existing code was generating code with undefined results that modern compilers warn about: - -accounts-generated.c:204:23: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] - (GDBusArgInfo **) &_accounts_accounts_method_info_list_cached_users_OUT_ARG_pointers, ---- - gio/gdbus-2.0/codegen/codegen.py | 22 +++++++++++----------- - 1 file changed, 11 insertions(+), 11 deletions(-) - -diff --git a/gio/gdbus-2.0/codegen/codegen.py b/gio/gdbus-2.0/codegen/codegen.py -index e74131cdb..0d95cdcda 100644 ---- a/gio/gdbus-2.0/codegen/codegen.py -+++ b/gio/gdbus-2.0/codegen/codegen.py -@@ -1129,10 +1129,10 @@ class CodeGenerator: - '\n') - - if len(args) > 0: -- self.outfile.write('static const _ExtendedGDBusArgInfo * const %s_pointers[] =\n' -+ self.outfile.write('static const GDBusArgInfo * const %s_pointers[] =\n' - '{\n'%(prefix)) - for a in args: -- self.outfile.write(' &%s_%s,\n'%(prefix, a.name)) -+ self.outfile.write(' &%s_%s.parent_struct,\n'%(prefix, a.name)) - self.outfile.write(' NULL\n' - '};\n' - '\n') -@@ -1175,10 +1175,10 @@ class CodeGenerator: - self.outfile.write('};\n' - '\n') - -- self.outfile.write('static const _ExtendedGDBusMethodInfo * const _%s_method_info_pointers[] =\n' -+ self.outfile.write('static const GDBusMethodInfo * const _%s_method_info_pointers[] =\n' - '{\n'%(i.name_lower)) - for m in i.methods: -- self.outfile.write(' &_%s_method_info_%s,\n'%(i.name_lower, m.name_lower)) -+ self.outfile.write(' &_%s_method_info_%s.parent_struct,\n'%(i.name_lower, m.name_lower)) - self.outfile.write(' NULL\n' - '};\n' - '\n') -@@ -1209,10 +1209,10 @@ class CodeGenerator: - self.outfile.write('};\n' - '\n') - -- self.outfile.write('static const _ExtendedGDBusSignalInfo * const _%s_signal_info_pointers[] =\n' -+ self.outfile.write('static const GDBusSignalInfo * const _%s_signal_info_pointers[] =\n' - '{\n'%(i.name_lower)) - for s in i.signals: -- self.outfile.write(' &_%s_signal_info_%s,\n'%(i.name_lower, s.name_lower)) -+ self.outfile.write(' &_%s_signal_info_%s.parent_struct,\n'%(i.name_lower, s.name_lower)) - self.outfile.write(' NULL\n' - '};\n' - '\n') -@@ -1251,10 +1251,10 @@ class CodeGenerator: - self.outfile.write('};\n' - '\n') - -- self.outfile.write('static const _ExtendedGDBusPropertyInfo * const _%s_property_info_pointers[] =\n' -+ self.outfile.write('static const GDBusPropertyInfo * const _%s_property_info_pointers[] =\n' - '{\n'%(i.name_lower)) - for p in i.properties: -- self.outfile.write(' &_%s_property_info_%s,\n'%(i.name_lower, p.name_lower)) -+ self.outfile.write(' &_%s_property_info_%s.parent_struct,\n'%(i.name_lower, p.name_lower)) - self.outfile.write(' NULL\n' - '};\n' - '\n') -@@ -1948,7 +1948,7 @@ class CodeGenerator: - self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' - ' GVariant *variant;\n' - ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' -- ' info = _%s_property_info_pointers[prop_id - 1];\n' -+ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' - ' variant = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (object), info->parent_struct.name);\n' - ' if (info->use_gvariant)\n' - ' {\n' -@@ -2001,7 +2001,7 @@ class CodeGenerator: - self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' - ' GVariant *variant;\n' - ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' -- ' info = _%s_property_info_pointers[prop_id - 1];\n' -+ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' - ' variant = g_dbus_gvalue_to_gvariant (value, G_VARIANT_TYPE (info->parent_struct.signature));\n' - ' g_dbus_proxy_call (G_DBUS_PROXY (object),\n' - ' "org.freedesktop.DBus.Properties.Set",\n' -@@ -2887,7 +2887,7 @@ class CodeGenerator: - ' if (!_g_value_equal (value, &skeleton->priv->properties[prop_id - 1]))\n' - ' {\n' - ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL)\n' -- ' _%s_schedule_emit_changed (skeleton, _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' -+ ' _%s_schedule_emit_changed (skeleton, (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' - ' g_value_copy (value, &skeleton->priv->properties[prop_id - 1]);\n' - ' g_object_notify_by_pspec (object, pspec);\n' - ' }\n' --- -2.19.1 - diff --git a/SOURCES/0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch b/SOURCES/0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch deleted file mode 100644 index 764d407..0000000 --- a/SOURCES/0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch +++ /dev/null @@ -1,118 +0,0 @@ -From 1485a97d8051b0aa047987f7b0c0bfe4ba4ce55b Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Fri, 18 Oct 2019 10:55:09 +0100 -Subject: [PATCH] credentials: Invalid Linux struct ucred means "no - information" - -On Linux, if getsockopt SO_PEERCRED is used on a TCP socket, one -might expect it to fail with an appropriate error like ENOTSUP or -EPROTONOSUPPORT. However, it appears that in fact it succeeds, but -yields a credentials structure with pid 0, uid -1 and gid -1. These -are not real process, user and group IDs that can be allocated to a -real process (pid 0 needs to be reserved to give kill(0) its documented -special semantics, and similarly uid and gid -1 need to be reserved for -setresuid() and setresgid()) so it is not meaningful to signal them to -high-level API users. - -An API user with Linux-specific knowledge can still inspect these fields -via g_credentials_get_native() if desired. - -Similarly, if SO_PASSCRED is used to receive a SCM_CREDENTIALS message -on a receiving Unix socket, but the sending socket had not enabled -SO_PASSCRED at the time that the message was sent, it is possible -for it to succeed but yield a credentials structure with pid 0, uid -/proc/sys/kernel/overflowuid and gid /proc/sys/kernel/overflowgid. Even -if we were to read those pseudo-files, we cannot distinguish between -the overflow IDs and a real process that legitimately has the same IDs -(typically they are set to 'nobody' and 'nogroup', which can be used -by a real process), so we detect this situation by noticing that -pid == 0, and to save syscalls we do not read the overflow IDs from -/proc at all. - -This results in a small API change: g_credentials_is_same_user() now -returns FALSE if we compare two credentials structures that are both -invalid. This seems like reasonable, conservative behaviour: if we cannot -prove that they are the same user, we should assume they are not. - -Signed-off-by: Simon McVittie ---- - gio/gcredentials.c | 42 +++++++++++++++++++++++++++++++++++++++--- - 1 file changed, 39 insertions(+), 3 deletions(-) - -diff --git a/gio/gcredentials.c b/gio/gcredentials.c -index c350e3c88..c4794ded7 100644 ---- a/gio/gcredentials.c -+++ b/gio/gcredentials.c -@@ -265,6 +265,35 @@ g_credentials_to_string (GCredentials *credentials) - - /* ---------------------------------------------------------------------------------------------------- */ - -+#if G_CREDENTIALS_USE_LINUX_UCRED -+/* -+ * Check whether @native contains invalid data. If getsockopt SO_PEERCRED -+ * is used on a TCP socket, it succeeds but yields a credentials structure -+ * with pid 0, uid -1 and gid -1. Similarly, if SO_PASSCRED is used on a -+ * receiving Unix socket when the sending socket did not also enable -+ * SO_PASSCRED, it can succeed but yield a credentials structure with -+ * pid 0, uid /proc/sys/kernel/overflowuid and gid -+ * /proc/sys/kernel/overflowgid. -+ */ -+static gboolean -+linux_ucred_check_valid (struct ucred *native, -+ GError **error) -+{ -+ if (native->pid == 0 -+ || native->uid == -1 -+ || native->gid == -1) -+ { -+ g_set_error_literal (error, -+ G_IO_ERROR, -+ G_IO_ERROR_INVALID_DATA, -+ _("GCredentials contains invalid data")); -+ return FALSE; -+ } -+ -+ return TRUE; -+} -+#endif -+ - /** - * g_credentials_is_same_user: - * @credentials: A #GCredentials. -@@ -294,7 +323,8 @@ g_credentials_is_same_user (GCredentials *credentials, - - ret = FALSE; - #if G_CREDENTIALS_USE_LINUX_UCRED -- if (credentials->native.uid == other_credentials->native.uid) -+ if (linux_ucred_check_valid (&credentials->native, NULL) -+ && credentials->native.uid == other_credentials->native.uid) - ret = TRUE; - #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED - if (credentials->native.cmcred_euid == other_credentials->native.cmcred_euid) -@@ -453,7 +483,10 @@ g_credentials_get_unix_user (GCredentials *credentials, - g_return_val_if_fail (error == NULL || *error == NULL, -1); - - #if G_CREDENTIALS_USE_LINUX_UCRED -- ret = credentials->native.uid; -+ if (linux_ucred_check_valid (&credentials->native, error)) -+ ret = credentials->native.uid; -+ else -+ ret = -1; - #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED - ret = credentials->native.cmcred_euid; - #elif G_CREDENTIALS_USE_NETBSD_UNPCBID -@@ -499,7 +532,10 @@ g_credentials_get_unix_pid (GCredentials *credentials, - g_return_val_if_fail (error == NULL || *error == NULL, -1); - - #if G_CREDENTIALS_USE_LINUX_UCRED -- ret = credentials->native.pid; -+ if (linux_ucred_check_valid (&credentials->native, error)) -+ ret = credentials->native.pid; -+ else -+ ret = -1; - #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED - ret = credentials->native.cmcred_pid; - #elif G_CREDENTIALS_USE_NETBSD_UNPCBID --- -2.23.0 - diff --git a/SOURCES/0001-gbytearray-Do-not-accept-too-large-byte-arrays.patch b/SOURCES/0001-gbytearray-Do-not-accept-too-large-byte-arrays.patch deleted file mode 100644 index 15aa571..0000000 --- a/SOURCES/0001-gbytearray-Do-not-accept-too-large-byte-arrays.patch +++ /dev/null @@ -1,129 +0,0 @@ -From 89b522ed31837cb2ac107a8961fbb0f2c7fc7ccb Mon Sep 17 00:00:00 2001 -From: Krzesimir Nowak -Date: Wed, 10 Feb 2021 23:51:07 +0100 -Subject: [PATCH] gbytearray: Do not accept too large byte arrays - -GByteArray uses guint for storing the length of the byte array, but it -also has a constructor (g_byte_array_new_take) that takes length as a -gsize. gsize may be larger than guint (64 bits for gsize vs 32 bits -for guint). It is possible to call the function with a value greater -than G_MAXUINT, which will result in silent length truncation. This -may happen as a result of unreffing GBytes into GByteArray, so rather -be loud about it. - -(Test case tweaked by Philip Withnall.) ---- - glib/garray.c | 6 ++++++ - glib/gbytes.c | 4 ++++ - glib/tests/bytes.c | 37 +++++++++++++++++++++++++++++++++++-- - 3 files changed, 45 insertions(+), 2 deletions(-) - -diff --git a/glib/garray.c b/glib/garray.c -index aa3c04707..271d85ad8 100644 ---- a/glib/garray.c -+++ b/glib/garray.c -@@ -1666,6 +1666,10 @@ g_byte_array_new (void) - * Create byte array containing the data. The data will be owned by the array - * and will be freed with g_free(), i.e. it could be allocated using g_strdup(). - * -+ * Do not use it if @len is greater than %G_MAXUINT. #GByteArray -+ * stores the length of its data in #guint, which may be shorter than -+ * #gsize. -+ * - * Since: 2.32 - * - * Returns: (transfer full): a new #GByteArray -@@ -1677,6 +1681,8 @@ g_byte_array_new_take (guint8 *data, - GByteArray *array; - GRealArray *real; - -+ g_return_val_if_fail (len <= G_MAXUINT, NULL); -+ - array = g_byte_array_new (); - real = (GRealArray *)array; - g_assert (real->data == NULL); -diff --git a/glib/gbytes.c b/glib/gbytes.c -index 5141170d7..635b79535 100644 ---- a/glib/gbytes.c -+++ b/glib/gbytes.c -@@ -512,6 +512,10 @@ g_bytes_unref_to_data (GBytes *bytes, - * g_bytes_new(), g_bytes_new_take() or g_byte_array_free_to_bytes(). In all - * other cases the data is copied. - * -+ * Do not use it if @bytes contains more than %G_MAXUINT -+ * bytes. #GByteArray stores the length of its data in #guint, which -+ * may be shorter than #gsize, that @bytes is using. -+ * - * Returns: (transfer full): a new mutable #GByteArray containing the same byte data - * - * Since: 2.32 -diff --git a/glib/tests/bytes.c b/glib/tests/bytes.c -index 5ea5c2b35..42281307b 100644 ---- a/glib/tests/bytes.c -+++ b/glib/tests/bytes.c -@@ -10,12 +10,12 @@ - */ - - #undef G_DISABLE_ASSERT --#undef G_LOG_DOMAIN - - #include - #include - #include - #include "glib.h" -+#include "glib/gstrfuncsprivate.h" - - /* Keep in sync with glib/gbytes.c */ - struct _GBytes -@@ -333,6 +333,38 @@ test_to_array_transferred (void) - g_byte_array_unref (array); - } - -+static void -+test_to_array_transferred_oversize (void) -+{ -+ g_test_message ("g_bytes_unref_to_array() can only take GBytes up to " -+ "G_MAXUINT in length; test that longer ones are rejected"); -+ -+ if (sizeof (guint) >= sizeof (gsize)) -+ { -+ g_test_skip ("Skipping test as guint is not smaller than gsize"); -+ } -+ else if (g_test_undefined ()) -+ { -+ GByteArray *array = NULL; -+ GBytes *bytes = NULL; -+ gpointer data = g_memdup2 (NYAN, N_NYAN); -+ gsize len = ((gsize) G_MAXUINT) + 1; -+ -+ bytes = g_bytes_new_take (data, len); -+ g_test_expect_message (G_LOG_DOMAIN, G_LOG_LEVEL_CRITICAL, -+ "g_byte_array_new_take: assertion 'len <= G_MAXUINT' failed"); -+ array = g_bytes_unref_to_array (g_steal_pointer (&bytes)); -+ g_test_assert_expected_messages (); -+ g_assert_null (array); -+ -+ g_free (data); -+ } -+ else -+ { -+ g_test_skip ("Skipping test as testing undefined behaviour is disabled"); -+ } -+} -+ - static void - test_to_array_two_refs (void) - { -@@ -407,7 +439,8 @@ main (int argc, char *argv[]) - g_test_add_func ("/bytes/to-data/transfered", test_to_data_transferred); - g_test_add_func ("/bytes/to-data/two-refs", test_to_data_two_refs); - g_test_add_func ("/bytes/to-data/non-malloc", test_to_data_non_malloc); -- g_test_add_func ("/bytes/to-array/transfered", test_to_array_transferred); -+ g_test_add_func ("/bytes/to-array/transferred", test_to_array_transferred); -+ g_test_add_func ("/bytes/to-array/transferred-oversize", test_to_array_transferred_oversize); - g_test_add_func ("/bytes/to-array/two-refs", test_to_array_two_refs); - g_test_add_func ("/bytes/to-array/non-malloc", test_to_array_non_malloc); - g_test_add_func ("/bytes/null", test_null); --- -2.31.1 - diff --git a/SOURCES/0001-gcredentialsprivate-Document-the-various-private-mac.patch b/SOURCES/0001-gcredentialsprivate-Document-the-various-private-mac.patch deleted file mode 100644 index fe37025..0000000 --- a/SOURCES/0001-gcredentialsprivate-Document-the-various-private-mac.patch +++ /dev/null @@ -1,83 +0,0 @@ -From ef1035d9d86464ea0b5dde60a7a0e190895fdf5b Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Mon, 14 Oct 2019 08:22:24 +0100 -Subject: [PATCH] gcredentialsprivate: Document the various private macros - -Signed-off-by: Simon McVittie ---- - gio/gcredentialsprivate.h | 59 +++++++++++++++++++++++++++++++++++++++ - 1 file changed, 59 insertions(+) - -diff --git a/gio/gcredentialsprivate.h b/gio/gcredentialsprivate.h -index 4d1c420a8..06f0aed19 100644 ---- a/gio/gcredentialsprivate.h -+++ b/gio/gcredentialsprivate.h -@@ -22,6 +22,65 @@ - #include "gio/gcredentials.h" - #include "gio/gnetworking.h" - -+/* -+ * G_CREDENTIALS_SUPPORTED: -+ * -+ * Defined to 1 if GCredentials works. -+ */ -+#undef G_CREDENTIALS_SUPPORTED -+ -+/* -+ * G_CREDENTIALS_USE_LINUX_UCRED, etc.: -+ * -+ * Defined to 1 if GCredentials uses Linux `struct ucred`, etc. -+ */ -+#undef G_CREDENTIALS_USE_LINUX_UCRED -+#undef G_CREDENTIALS_USE_FREEBSD_CMSGCRED -+#undef G_CREDENTIALS_USE_NETBSD_UNPCBID -+#undef G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED -+#undef G_CREDENTIALS_USE_SOLARIS_UCRED -+ -+/* -+ * G_CREDENTIALS_NATIVE_TYPE: -+ * -+ * Defined to one of G_CREDENTIALS_TYPE_LINUX_UCRED, etc. -+ */ -+#undef G_CREDENTIALS_NATIVE_TYPE -+ -+/* -+ * G_CREDENTIALS_NATIVE_SIZE: -+ * -+ * Defined to the size of the %G_CREDENTIALS_NATIVE_TYPE -+ */ -+#undef G_CREDENTIALS_NATIVE_SIZE -+ -+/* -+ * G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED: -+ * -+ * Defined to 1 if we have a message-passing API in which credentials -+ * are attached to a particular message, such as `SCM_CREDENTIALS` on Linux -+ * or `SCM_CREDS` on FreeBSD. -+ */ -+#undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED -+ -+/* -+ * G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED: -+ * -+ * Defined to 1 if we have a `getsockopt()`-style API in which one end of -+ * a socket connection can directly query the credentials of the process -+ * that initiated the other end, such as `getsockopt SO_PEERCRED` on Linux -+ * or `getpeereid()` on multiple operating systems. -+ */ -+#undef G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED -+ -+/* -+ * G_CREDENTIALS_SPOOFING_SUPPORTED: -+ * -+ * Defined to 1 if privileged processes can spoof their credentials when -+ * using the message-passing API. -+ */ -+#undef G_CREDENTIALS_SPOOFING_SUPPORTED -+ - #ifdef __linux__ - #define G_CREDENTIALS_SUPPORTED 1 - #define G_CREDENTIALS_USE_LINUX_UCRED 1 --- -2.23.0 - diff --git a/SOURCES/0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch b/SOURCES/0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch deleted file mode 100644 index 09e2c84..0000000 --- a/SOURCES/0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch +++ /dev/null @@ -1,613 +0,0 @@ -From aea538fe703652fd0a39b2ac9185133849cfdcc4 Mon Sep 17 00:00:00 2001 -From: Thomas Jost -Date: Thu, 13 Dec 2018 03:06:02 -0800 -Subject: [PATCH] gdbus-codegen: honor "Property.EmitsChangedSignal" - annotations - -Co-Authored-by: Andy Holmes ---- - gio/gdbus-2.0/codegen/codegen.py | 18 ++++++++++----- - gio/gdbus-2.0/codegen/dbustypes.py | 7 ++++++ - gio/tests/gdbus-test-codegen.c | 36 +++++++++++++++++++++++++----- - gio/tests/test-codegen.xml | 6 +++++ - 4 files changed, 56 insertions(+), 11 deletions(-) - -diff --git a/gio/gdbus-2.0/codegen/codegen.py b/gio/gdbus-2.0/codegen/codegen.py -index f6892af95..442bd3f5d 100644 ---- a/gio/gdbus-2.0/codegen/codegen.py -+++ b/gio/gdbus-2.0/codegen/codegen.py -@@ -638,61 +638,62 @@ class CodeGenerator: - '# include \n' - '#endif\n' - '\n') - - self.outfile.write('typedef struct\n' - '{\n' - ' GDBusArgInfo parent_struct;\n' - ' gboolean use_gvariant;\n' - '} _ExtendedGDBusArgInfo;\n' - '\n') - - self.outfile.write('typedef struct\n' - '{\n' - ' GDBusMethodInfo parent_struct;\n' - ' const gchar *signal_name;\n' - ' gboolean pass_fdlist;\n' - '} _ExtendedGDBusMethodInfo;\n' - '\n') - - self.outfile.write('typedef struct\n' - '{\n' - ' GDBusSignalInfo parent_struct;\n' - ' const gchar *signal_name;\n' - '} _ExtendedGDBusSignalInfo;\n' - '\n') - - self.outfile.write('typedef struct\n' - '{\n' - ' GDBusPropertyInfo parent_struct;\n' - ' const gchar *hyphen_name;\n' -- ' gboolean use_gvariant;\n' -+ ' guint use_gvariant : 1;\n' -+ ' guint emits_changed_signal : 1;\n' - '} _ExtendedGDBusPropertyInfo;\n' - '\n') - - self.outfile.write('typedef struct\n' - '{\n' - ' GDBusInterfaceInfo parent_struct;\n' - ' const gchar *hyphen_name;\n' - '} _ExtendedGDBusInterfaceInfo;\n' - '\n') - - self.outfile.write('typedef struct\n' - '{\n' - ' const _ExtendedGDBusPropertyInfo *info;\n' - ' guint prop_id;\n' - ' GValue orig_value; /* the value before the change */\n' - '} ChangedProperty;\n' - '\n' - 'static void\n' - '_changed_property_free (ChangedProperty *data)\n' - '{\n' - ' g_value_unset (&data->orig_value);\n' - ' g_free (data);\n' - '}\n' - '\n') - - self.outfile.write('static gboolean\n' - '_g_strv_equal0 (gchar **a, gchar **b)\n' - '{\n' - ' gboolean ret = FALSE;\n' - ' guint n;\n' -@@ -933,63 +934,67 @@ class CodeGenerator: - '\n') - - # --- - - if len(i.properties) > 0: - for p in i.properties: - if p.readable and p.writable: - access = 'G_DBUS_PROPERTY_INFO_FLAGS_READABLE | G_DBUS_PROPERTY_INFO_FLAGS_WRITABLE' - elif p.readable: - access = 'G_DBUS_PROPERTY_INFO_FLAGS_READABLE' - elif p.writable: - access = 'G_DBUS_PROPERTY_INFO_FLAGS_WRITABLE' - else: - access = 'G_DBUS_PROPERTY_INFO_FLAGS_NONE' - num_anno = self.generate_annotations('_%s_property_%s_annotation_info'%(i.name_lower, p.name_lower), p.annotations) - self.outfile.write('static const _ExtendedGDBusPropertyInfo _%s_property_info_%s =\n' - '{\n' - ' {\n' - ' -1,\n' - ' (gchar *) "%s",\n' - ' (gchar *) "%s",\n' - ' %s,\n'%(i.name_lower, p.name_lower, p.name, p.arg.signature, access)) - if num_anno == 0: - self.outfile.write(' NULL\n') - else: - self.outfile.write(' (GDBusAnnotationInfo **) &_%s_property_%s_annotation_info_pointers\n'%(i.name_lower, p.name_lower)) - self.outfile.write(' },\n' - ' "%s",\n' - %(p.name_hyphen)) - if not utils.lookup_annotation(p.annotations, 'org.gtk.GDBus.C.ForceGVariant'): -- self.outfile.write(' FALSE\n') -+ self.outfile.write(' FALSE,\n') - else: -+ self.outfile.write(' TRUE,\n') -+ if p.emits_changed_signal: - self.outfile.write(' TRUE\n') -+ else: -+ self.outfile.write(' FALSE\n') - self.outfile.write('};\n' - '\n') - - self.outfile.write('static const GDBusPropertyInfo * const _%s_property_info_pointers[] =\n' - '{\n'%(i.name_lower)) - for p in i.properties: - self.outfile.write(' &_%s_property_info_%s.parent_struct,\n'%(i.name_lower, p.name_lower)) - self.outfile.write(' NULL\n' - '};\n' - '\n') - - num_anno = self.generate_annotations('_%s_annotation_info'%(i.name_lower), i.annotations) - self.outfile.write('static const _ExtendedGDBusInterfaceInfo _%s_interface_info =\n' - '{\n' - ' {\n' - ' -1,\n' - ' (gchar *) "%s",\n'%(i.name_lower, i.name)) - if len(i.methods) == 0: - self.outfile.write(' NULL,\n') - else: - self.outfile.write(' (GDBusMethodInfo **) &_%s_method_info_pointers,\n'%(i.name_lower)) - if len(i.signals) == 0: - self.outfile.write(' NULL,\n') - else: - self.outfile.write(' (GDBusSignalInfo **) &_%s_signal_info_pointers,\n'%(i.name_lower)) - if len(i.properties) == 0: - self.outfile.write(' NULL,\n') - else: - self.outfile.write(' (GDBusPropertyInfo **) &_%s_property_info_pointers,\n'%(i.name_lower)) - if num_anno == 0: -@@ -2568,68 +2573,71 @@ class CodeGenerator: - # this allows use of g_object_freeze_notify()/g_object_thaw_notify() ... - # This is useful when updating several properties from another thread than - # where the idle will be emitted from - self.outfile.write('static void\n' - '%s_skeleton_notify (GObject *object,\n' - ' GParamSpec *pspec G_GNUC_UNUSED)\n' - '{\n' - ' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' - ' g_mutex_lock (&skeleton->priv->lock);\n' - ' if (skeleton->priv->changed_properties != NULL &&\n' - ' skeleton->priv->changed_properties_idle_source == NULL)\n' - ' {\n' - ' skeleton->priv->changed_properties_idle_source = g_idle_source_new ();\n' - ' g_source_set_priority (skeleton->priv->changed_properties_idle_source, G_PRIORITY_DEFAULT);\n' - ' g_source_set_callback (skeleton->priv->changed_properties_idle_source, _%s_emit_changed, g_object_ref (skeleton), (GDestroyNotify) g_object_unref);\n' - ' g_source_set_name (skeleton->priv->changed_properties_idle_source, "[generated] _%s_emit_changed");\n' - ' g_source_attach (skeleton->priv->changed_properties_idle_source, skeleton->priv->context);\n' - ' g_source_unref (skeleton->priv->changed_properties_idle_source);\n' - ' }\n' - ' g_mutex_unlock (&skeleton->priv->lock);\n' - '}\n' - '\n' - %(i.name_lower, i.camel_name, i.ns_upper, i.name_upper, i.name_lower, i.name_lower)) - - self.outfile.write('static void\n' - '%s_skeleton_set_property (GObject *object,\n' - ' guint prop_id,\n' - ' const GValue *value,\n' - ' GParamSpec *pspec)\n' - '{\n'%(i.name_lower)) -- self.outfile.write(' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' -+ self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' -+ ' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' - ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' -+ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' - ' g_mutex_lock (&skeleton->priv->lock);\n' - ' g_object_freeze_notify (object);\n' - ' if (!_g_value_equal (value, &skeleton->priv->properties[prop_id - 1]))\n' - ' {\n' -- ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL)\n' -- ' _%s_schedule_emit_changed (skeleton, (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' -+ ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL &&\n' -+ ' info->emits_changed_signal)\n' -+ ' _%s_schedule_emit_changed (skeleton, info, prop_id, &skeleton->priv->properties[prop_id - 1]);\n' - ' g_value_copy (value, &skeleton->priv->properties[prop_id - 1]);\n' - ' g_object_notify_by_pspec (object, pspec);\n' - ' }\n' - ' g_mutex_unlock (&skeleton->priv->lock);\n' - ' g_object_thaw_notify (object);\n' - %(i.camel_name, i.ns_upper, i.name_upper, len(i.properties), i.name_lower, i.name_lower)) - self.outfile.write('}\n' - '\n') - - self.outfile.write('static void\n' - '%s_skeleton_init (%sSkeleton *skeleton)\n' - '{\n' - '#if GLIB_VERSION_MAX_ALLOWED >= GLIB_VERSION_2_38\n' - ' skeleton->priv = %s_skeleton_get_instance_private (skeleton);\n' - '#else\n' - ' skeleton->priv = G_TYPE_INSTANCE_GET_PRIVATE (skeleton, %sTYPE_%s_SKELETON, %sSkeletonPrivate);\n' - '#endif\n\n' - %(i.name_lower, i.camel_name, - i.name_lower, - i.ns_upper, i.name_upper, i.camel_name)) - self.outfile.write(' g_mutex_init (&skeleton->priv->lock);\n') - self.outfile.write(' skeleton->priv->context = g_main_context_ref_thread_default ();\n') - if len(i.properties) > 0: - self.outfile.write(' skeleton->priv->properties = g_new0 (GValue, %d);\n'%(len(i.properties))) - n = 0 - for p in i.properties: - self.outfile.write(' g_value_init (&skeleton->priv->properties[%d], %s);\n'%(n, p.arg.gtype)) - n += 1 - self.outfile.write('}\n' - '\n') -diff --git a/gio/gdbus-2.0/codegen/dbustypes.py b/gio/gdbus-2.0/codegen/dbustypes.py -index bfc69f596..359880ff7 100644 ---- a/gio/gdbus-2.0/codegen/dbustypes.py -+++ b/gio/gdbus-2.0/codegen/dbustypes.py -@@ -300,89 +300,96 @@ class Signal: - arg_count = 0 - for a in self.args: - a.post_process(interface_prefix, cns, cns_upper, cns_lower, arg_count) - arg_count += 1 - - if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Deprecated') == 'true': - self.deprecated = True - - class Property: - def __init__(self, name, signature, access): - self.name = name - self.signature = signature - self.access = access - self.annotations = [] - self.arg = Arg('value', self.signature) - self.arg.annotations = self.annotations - self.readable = False - self.writable = False - if self.access == 'readwrite': - self.readable = True - self.writable = True - elif self.access == 'read': - self.readable = True - elif self.access == 'write': - self.writable = True - else: - print_error('Invalid access type "{}"'.format(self.access)) - self.doc_string = '' - self.since = '' - self.deprecated = False -+ self.emits_changed_signal = True - - def post_process(self, interface_prefix, cns, cns_upper, cns_lower, containing_iface): - if len(self.doc_string) == 0: - self.doc_string = utils.lookup_docs(self.annotations) - if len(self.since) == 0: - self.since = utils.lookup_since(self.annotations) - if len(self.since) == 0: - self.since = containing_iface.since - - name = self.name - overridden_name = utils.lookup_annotation(self.annotations, 'org.gtk.GDBus.C.Name') - if utils.is_ugly_case(overridden_name): - self.name_lower = overridden_name.lower() - else: - if overridden_name: - name = overridden_name - self.name_lower = utils.camel_case_to_uscore(name).lower().replace('-', '_') - self.name_hyphen = self.name_lower.replace('_', '-') - # don't clash with the GType getter, e.g.: GType foo_bar_get_type (void); G_GNUC_CONST - if self.name_lower == 'type': - self.name_lower = 'type_' - - # recalculate arg - self.arg.annotations = self.annotations - self.arg.post_process(interface_prefix, cns, cns_upper, cns_lower, 0) - - if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Deprecated') == 'true': - self.deprecated = True - -+ # FIXME: for now we only support 'false' and 'const' on the signal itself, see #674913 and -+ # http://dbus.freedesktop.org/doc/dbus-specification.html#introspection-format -+ # for details -+ if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Property.EmitsChangedSignal') in ('false', 'const'): -+ self.emits_changed_signal = False -+ - class Interface: - def __init__(self, name): - self.name = name - self.methods = [] - self.signals = [] - self.properties = [] - self.annotations = [] - self.doc_string = '' - self.doc_string_brief = '' - self.since = '' - self.deprecated = False - - def post_process(self, interface_prefix, c_namespace): - if len(self.doc_string) == 0: - self.doc_string = utils.lookup_docs(self.annotations) - if len(self.doc_string_brief) == 0: - self.doc_string_brief = utils.lookup_brief_docs(self.annotations) - if len(self.since) == 0: - self.since = utils.lookup_since(self.annotations) - - if len(c_namespace) > 0: - if utils.is_ugly_case(c_namespace): - cns = c_namespace.replace('_', '') - cns_upper = c_namespace.upper() + '_' - cns_lower = c_namespace.lower() + '_' - else: - cns = c_namespace - cns_upper = utils.camel_case_to_uscore(c_namespace).upper() + '_' - cns_lower = utils.camel_case_to_uscore(c_namespace).lower() + '_' - else: -diff --git a/gio/tests/gdbus-test-codegen.c b/gio/tests/gdbus-test-codegen.c -index 1c4e83c4c..c906d05ae 100644 ---- a/gio/tests/gdbus-test-codegen.c -+++ b/gio/tests/gdbus-test-codegen.c -@@ -1740,103 +1740,127 @@ on_object_proxy_added (GDBusObjectManagerClient *manager, - gpointer user_data) - { - OMData *om_data = user_data; - om_data->num_object_proxy_added_signals += 1; - g_signal_connect (object_proxy, - "interface-added", - G_CALLBACK (on_interface_added), - om_data); - g_signal_connect (object_proxy, - "interface-removed", - G_CALLBACK (on_interface_removed), - om_data); - } - - static void - on_object_proxy_removed (GDBusObjectManagerClient *manager, - GDBusObjectProxy *object_proxy, - gpointer user_data) - { - OMData *om_data = user_data; - om_data->num_object_proxy_removed_signals += 1; - g_assert_cmpint (g_signal_handlers_disconnect_by_func (object_proxy, - G_CALLBACK (on_interface_added), - om_data), ==, 1); - g_assert_cmpint (g_signal_handlers_disconnect_by_func (object_proxy, - G_CALLBACK (on_interface_removed), - om_data), ==, 1); - } - - static void --property_d_changed (GObject *object, -- GParamSpec *pspec, -- gpointer user_data) -+property_changed (GObject *object, -+ GParamSpec *pspec, -+ gpointer user_data) - { - gboolean *changed = user_data; - - *changed = TRUE; - } - - static void - om_check_property_and_signal_emission (GMainLoop *loop, - FooiGenBar *skeleton, - FooiGenBar *proxy) - { - gboolean d_changed = FALSE; -+ gboolean quiet_changed = FALSE; -+ gboolean quiet_too_changed = FALSE; - guint handler; - - /* First PropertiesChanged */ - g_assert_cmpint (foo_igen_bar_get_i (skeleton), ==, 0); - g_assert_cmpint (foo_igen_bar_get_i (proxy), ==, 0); - foo_igen_bar_set_i (skeleton, 1); - _g_assert_property_notify (proxy, "i"); - g_assert_cmpint (foo_igen_bar_get_i (skeleton), ==, 1); - g_assert_cmpint (foo_igen_bar_get_i (proxy), ==, 1); - - /* Double-check the gdouble case */ - g_assert_cmpfloat (foo_igen_bar_get_d (skeleton), ==, 0.0); - g_assert_cmpfloat (foo_igen_bar_get_d (proxy), ==, 0.0); - foo_igen_bar_set_d (skeleton, 1.0); - _g_assert_property_notify (proxy, "d"); - - /* Verify that re-setting it to the same value doesn't cause a - * notify on the proxy, by taking advantage of the fact that - * notifications are serialized. - */ - handler = g_signal_connect (proxy, "notify::d", -- G_CALLBACK (property_d_changed), &d_changed); -+ G_CALLBACK (property_changed), &d_changed); - foo_igen_bar_set_d (skeleton, 1.0); - foo_igen_bar_set_i (skeleton, 2); - _g_assert_property_notify (proxy, "i"); - g_assert (d_changed == FALSE); - g_signal_handler_disconnect (proxy, handler); - -+ /* Verify that re-setting a property with the "EmitsChangedSignal" -+ * set to false doesn't emit a signal. */ -+ handler = g_signal_connect (proxy, "notify::quiet", -+ G_CALLBACK (property_changed), &quiet_changed); -+ foo_igen_bar_set_quiet (skeleton, "hush!"); -+ foo_igen_bar_set_i (skeleton, 3); -+ _g_assert_property_notify (proxy, "i"); -+ g_assert (quiet_changed == FALSE); -+ g_assert_cmpstr (foo_igen_bar_get_quiet (skeleton), ==, "hush!"); -+ g_signal_handler_disconnect (proxy, handler); -+ -+ /* Also verify that re-setting a property with the "EmitsChangedSignal" -+ * set to 'const' doesn't emit a signal. */ -+ handler = g_signal_connect (proxy, "notify::quiet-too", -+ G_CALLBACK (property_changed), &quiet_changed); -+ foo_igen_bar_set_quiet_too (skeleton, "hush too!"); -+ foo_igen_bar_set_i (skeleton, 4); -+ _g_assert_property_notify (proxy, "i"); -+ g_assert (quiet_too_changed == FALSE); -+ g_assert_cmpstr (foo_igen_bar_get_quiet_too (skeleton), ==, "hush too!"); -+ g_signal_handler_disconnect (proxy, handler); -+ - /* Then just a regular signal */ - foo_igen_bar_emit_another_signal (skeleton, "word"); - _g_assert_signal_received (proxy, "another-signal"); - } - - static void - check_object_manager (void) - { - FooiGenObjectSkeleton *o = NULL; - FooiGenObjectSkeleton *o2 = NULL; - FooiGenObjectSkeleton *o3 = NULL; - GDBusInterfaceSkeleton *i; - GDBusConnection *c; - GDBusObjectManagerServer *manager = NULL; - GDBusNodeInfo *info; - GError *error; - GMainLoop *loop; - OMData *om_data = NULL; - guint om_signal_id = -1; - GDBusObjectManager *pm = NULL; - GList *object_proxies; - GList *proxies; - GDBusObject *op; - GDBusProxy *p; - FooiGenBar *bar_skeleton; - GDBusInterface *iface; - gchar *path, *name, *name_owner; - GDBusConnection *c2; - GDBusObjectManagerClientFlags flags; - -@@ -2124,73 +2148,73 @@ check_object_manager (void) - "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}},)"); - - /* -------------------------------------------------- */ - - /* create a new object with two interfaces */ - o2 = foo_igen_object_skeleton_new ("/managed/second"); - i = G_DBUS_INTERFACE_SKELETON (foo_igen_bar_skeleton_new ()); - bar_skeleton = FOO_IGEN_BAR (i); /* save for later test */ - foo_igen_object_skeleton_set_bar (o2, FOO_IGEN_BAR (i)); - g_clear_object (&i); - i = G_DBUS_INTERFACE_SKELETON (foo_igen_bat_skeleton_new ()); - foo_igen_object_skeleton_set_bat (o2, FOO_IGEN_BAT (i)); - g_clear_object (&i); - /* ... add it */ - g_dbus_object_manager_server_export (manager, G_DBUS_OBJECT_SKELETON (o2)); - /* ... check we get the InterfacesAdded with _two_ interfaces */ - om_data->state = 101; - g_main_loop_run (om_data->loop); - g_assert_cmpint (om_data->state, ==, 102); - g_assert_cmpint (om_data->num_object_proxy_added_signals, ==, 5); - g_assert_cmpint (om_data->num_object_proxy_removed_signals, ==, 3); - g_assert_cmpint (om_data->num_interface_added_signals, ==, 1); - g_assert_cmpint (om_data->num_interface_removed_signals, ==, 1); - - /* -------------------------------------------------- */ - - /* Now that we have a couple of objects with interfaces, check - * that ObjectManager.GetManagedObjects() works - */ - om_check_get_all (c, loop, -- "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); -+ "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'quiet': <''>, 'quiet_too': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); - - /* Set connection to NULL, causing everything to be unexported.. verify this.. and - * then set the connection back.. and then check things still work - */ - g_dbus_object_manager_server_set_connection (manager, NULL); - info = introspect (c, g_dbus_connection_get_unique_name (c), "/managed", loop); - g_assert_cmpint (count_interfaces (info), ==, 0); /* nothing */ - g_dbus_node_info_unref (info); - - g_dbus_object_manager_server_set_connection (manager, c); - om_check_get_all (c, loop, -- "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); -+ "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'quiet': <''>, 'quiet_too': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); - - /* Also check that the ObjectManagerClient returns these objects - and - * that they are of the right GType cf. what was requested via - * the generated ::get-proxy-type signal handler - */ - object_proxies = g_dbus_object_manager_get_objects (pm); - g_assert (g_list_length (object_proxies) == 2); - g_list_free_full (object_proxies, g_object_unref); - op = g_dbus_object_manager_get_object (pm, "/managed/first"); - g_assert (op != NULL); - g_assert (FOO_IGEN_IS_OBJECT_PROXY (op)); - g_assert_cmpstr (g_dbus_object_get_object_path (op), ==, "/managed/first"); - proxies = g_dbus_object_get_interfaces (op); - g_assert (g_list_length (proxies) == 1); - g_list_free_full (proxies, g_object_unref); - p = G_DBUS_PROXY (foo_igen_object_get_com_acme_coyote (FOO_IGEN_OBJECT (op))); - g_assert (p != NULL); - g_assert_cmpint (G_TYPE_FROM_INSTANCE (p), ==, FOO_IGEN_TYPE_COM_ACME_COYOTE_PROXY); - g_assert (g_type_is_a (G_TYPE_FROM_INSTANCE (p), FOO_IGEN_TYPE_COM_ACME_COYOTE)); - g_clear_object (&p); - p = (GDBusProxy *) g_dbus_object_get_interface (op, "org.project.NonExisting"); - g_assert (p == NULL); - g_clear_object (&op); - - /* -- */ - op = g_dbus_object_manager_get_object (pm, "/managed/second"); - g_assert (op != NULL); - g_assert (FOO_IGEN_IS_OBJECT_PROXY (op)); - g_assert_cmpstr (g_dbus_object_get_object_path (op), ==, "/managed/second"); - proxies = g_dbus_object_get_interfaces (op); -diff --git a/gio/tests/test-codegen.xml b/gio/tests/test-codegen.xml -index 885a21f77..39d8769c7 100644 ---- a/gio/tests/test-codegen.xml -+++ b/gio/tests/test-codegen.xml -@@ -79,60 +79,66 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -+ -+ -+ -+ -+ -+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --- -2.21.0 - diff --git a/SOURCES/0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch b/SOURCES/0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch deleted file mode 100644 index 8ac8b87..0000000 --- a/SOURCES/0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch +++ /dev/null @@ -1,27 +0,0 @@ -From fe803a6da0c7d73cd689d905258847384e11d1fd Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Mon, 17 Dec 2018 14:36:07 -0500 -Subject: [PATCH] gdbus unix addresses test: don't g_debug when also testing - stdout - -At the moment the gdbus-unix-addresses test will fail if -G_MESSAGES_DEBUG is set, since the test checks stdout, and the -test has a g_debug call. - -This commit drops the g_debug call, which isn't that useful anyway. ---- - gio/tests/gdbus-unix-addresses.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/gio/tests/gdbus-unix-addresses.c b/gio/tests/gdbus-unix-addresses.c -index e08328711..d020edd06 100644 ---- a/gio/tests/gdbus-unix-addresses.c -+++ b/gio/tests/gdbus-unix-addresses.c -@@ -106,7 +106,6 @@ set_up_mock_dbus_launch (void) - { - path = g_strconcat (g_test_get_dir (G_TEST_BUILT), ":", - g_getenv ("PATH"), NULL); -- g_debug ("PATH=%s", path); - g_setenv ("PATH", path, TRUE); - - /* libdbus won't even try X11 autolaunch if DISPLAY is unset; GDBus diff --git a/SOURCES/0001-gfile-Limit-access-to-files-when-copying.patch b/SOURCES/0001-gfile-Limit-access-to-files-when-copying.patch deleted file mode 100644 index 6c514e1..0000000 --- a/SOURCES/0001-gfile-Limit-access-to-files-when-copying.patch +++ /dev/null @@ -1,53 +0,0 @@ -From d8f8f4d637ce43f8699ba94c9b7648beda0ca174 Mon Sep 17 00:00:00 2001 -From: Ondrej Holy -Date: Thu, 23 May 2019 10:41:53 +0200 -Subject: [PATCH] gfile: Limit access to files when copying - -file_copy_fallback creates new files with default permissions and -set the correct permissions after the operation is finished. This -might cause that the files can be accessible by more users during -the operation than expected. Use G_FILE_CREATE_PRIVATE for the new -files to limit access to those files. ---- - gio/gfile.c | 11 ++++++----- - 1 file changed, 6 insertions(+), 5 deletions(-) - -diff --git a/gio/gfile.c b/gio/gfile.c -index 24b136d80..74b58047c 100644 ---- a/gio/gfile.c -+++ b/gio/gfile.c -@@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source, - out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), - FALSE, NULL, - flags & G_FILE_COPY_BACKUP, -- G_FILE_CREATE_REPLACE_DESTINATION, -- info, -+ G_FILE_CREATE_REPLACE_DESTINATION | -+ G_FILE_CREATE_PRIVATE, info, - cancellable, error); - else - out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), -- FALSE, 0, info, -+ FALSE, G_FILE_CREATE_PRIVATE, info, - cancellable, error); - } - else if (flags & G_FILE_COPY_OVERWRITE) -@@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source, - out = (GOutputStream *)g_file_replace (destination, - NULL, - flags & G_FILE_COPY_BACKUP, -- G_FILE_CREATE_REPLACE_DESTINATION, -+ G_FILE_CREATE_REPLACE_DESTINATION | -+ G_FILE_CREATE_PRIVATE, - cancellable, error); - } - else - { -- out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); -+ out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); - } - - if (!out) --- -2.21.0 - diff --git a/SOURCES/0001-glocalfileoutputstream-Factor-out-a-flag-check.patch b/SOURCES/0001-glocalfileoutputstream-Factor-out-a-flag-check.patch deleted file mode 100644 index f73d7a4..0000000 --- a/SOURCES/0001-glocalfileoutputstream-Factor-out-a-flag-check.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 8fef6abe1131da0c8a7211c740a12ebe11cbcc51 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 10 Mar 2021 16:05:55 +0000 -Subject: [PATCH 1/3] glocalfileoutputstream: Factor out a flag check - -This clarifies the code a little. It introduces no functional changes. - -Signed-off-by: Philip Withnall ---- - gio/glocalfileoutputstream.c | 9 +++++---- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c -index 57d2d5dfe..6a70b2a04 100644 ---- a/gio/glocalfileoutputstream.c -+++ b/gio/glocalfileoutputstream.c -@@ -751,6 +751,7 @@ handle_overwrite_open (const char *filename, - int res; - int mode; - int errsv; -+ gboolean replace_destination_set = (flags & G_FILE_CREATE_REPLACE_DESTINATION); - - mode = mode_from_flags_or_info (flags, reference_info); - -@@ -857,8 +858,8 @@ handle_overwrite_open (const char *filename, - * The second strategy consist simply in copying the old file - * to a backup file and rewrite the contents of the file. - */ -- -- if ((flags & G_FILE_CREATE_REPLACE_DESTINATION) || -+ -+ if (replace_destination_set || - (!(original_stat.st_nlink > 1) && !is_symlink)) - { - char *dirname, *tmp_filename; -@@ -877,7 +878,7 @@ handle_overwrite_open (const char *filename, - - /* try to keep permissions (unless replacing) */ - -- if ( ! (flags & G_FILE_CREATE_REPLACE_DESTINATION) && -+ if (!replace_destination_set && - ( - #ifdef HAVE_FCHOWN - fchown (tmpfd, original_stat.st_uid, original_stat.st_gid) == -1 || -@@ -1016,7 +1017,7 @@ handle_overwrite_open (const char *filename, - } - } - -- if (flags & G_FILE_CREATE_REPLACE_DESTINATION) -+ if (replace_destination_set) - { - g_close (fd, NULL); - --- -2.31.1 - diff --git a/SOURCES/0001-gmain-g_main_context_check-can-skip-updating-polled-.patch b/SOURCES/0001-gmain-g_main_context_check-can-skip-updating-polled-.patch deleted file mode 100644 index cace858..0000000 --- a/SOURCES/0001-gmain-g_main_context_check-can-skip-updating-polled-.patch +++ /dev/null @@ -1,204 +0,0 @@ -From 4f0a31d66c2a6588495b8ae682f555584dafdf45 Mon Sep 17 00:00:00 2001 -From: Claudio Saavedra -Date: Wed, 21 Oct 2020 13:19:42 +0300 -Subject: [PATCH] gmain: g_main_context_check() can skip updating polled FD - sources - -If there is a file descriptor source that has a lower priority -than the one for sources that are going to be dispatched, -all subsequent file descriptor sources (internally sorted by -file descriptor identifier) do not get an update in their GPollRec -and later on wrong sources can be dispatched. - -Fix this by first finding the first GPollRec that matches the current -GPollFD, instead of relying on it to be the current one. At -the same time, document the assumptions about the ordering of the -file descriptor records and array and make explicit in the documentation -that the array needs to be passed to g_main_context_check() as it was -received from g_main_context_query(). - -Added a new test that reproduces the bug by creating two file -descriptor sources and an idle one. Since the first -file descriptor created has a lower identifier and a low priority, -the second one is not dispatched even when it has the same, higher, -priority as the idle source. After fixing this bug, both -higher priority sources are dispatched as expected. - -While this patch was written independently, a similar fix for this -bug was first submitted by Eugene M in GNOME/glib!562. Having a -second fix that basically does the same is a reassurance that we -are in the right here. - -Fixes #1592 ---- - glib/gmain.c | 32 ++++++++++++++++++++++-- - glib/tests/mainloop.c | 57 +++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 87 insertions(+), 2 deletions(-) - -diff --git a/glib/gmain.c b/glib/gmain.c -index 95992253d..a59cd686c 100644 ---- a/glib/gmain.c -+++ b/glib/gmain.c -@@ -3573,7 +3573,10 @@ g_main_context_prepare (GMainContext *context, - * store #GPollFD records that need to be polled. - * @n_fds: (in): length of @fds. - * -- * Determines information necessary to poll this main loop. -+ * Determines information necessary to poll this main loop. You should -+ * be careful to pass the resulting @fds array and its length @n_fds -+ * as is when calling g_main_context_check(), as this function relies -+ * on assumptions made when the array is filled. - * - * You must have successfully acquired the context with - * g_main_context_acquire() before you may call this function. -@@ -3597,6 +3600,10 @@ g_main_context_query (GMainContext *context, - - TRACE (GLIB_MAIN_CONTEXT_BEFORE_QUERY (context, max_priority)); - -+ /* fds is filled sequentially from poll_records. Since poll_records -+ * are incrementally sorted by file descriptor identifier, fds will -+ * also be incrementally sorted. -+ */ - n_poll = 0; - lastpollrec = NULL; - for (pollrec = context->poll_records; pollrec; pollrec = pollrec->next) -@@ -3611,6 +3618,10 @@ g_main_context_query (GMainContext *context, - */ - events = pollrec->fd->events & ~(G_IO_ERR|G_IO_HUP|G_IO_NVAL); - -+ /* This optimization --using the same GPollFD to poll for more -+ * than one poll record-- relies on the poll records being -+ * incrementally sorted. -+ */ - if (lastpollrec && pollrec->fd->fd == lastpollrec->fd->fd) - { - if (n_poll - 1 < n_fds) -@@ -3656,7 +3667,10 @@ g_main_context_query (GMainContext *context, - * the last call to g_main_context_query() - * @n_fds: return value of g_main_context_query() - * -- * Passes the results of polling back to the main loop. -+ * Passes the results of polling back to the main loop. You should be -+ * careful to pass @fds and its length @n_fds as received from -+ * g_main_context_query(), as this functions relies on assumptions -+ * on how @fds is filled. - * - * You must have successfully acquired the context with - * g_main_context_acquire() before you may call this function. -@@ -3711,10 +3725,22 @@ g_main_context_check (GMainContext *context, - return FALSE; - } - -+ /* The linear iteration below relies on the assumption that both -+ * poll records and the fds array are incrementally sorted by file -+ * descriptor identifier. -+ */ - pollrec = context->poll_records; - i = 0; - while (pollrec && i < n_fds) - { -+ /* Make sure that fds is sorted by file descriptor identifier. */ -+ g_assert (i <= 0 || fds[i - 1].fd < fds[i].fd); -+ -+ /* Skip until finding the first GPollRec matching the current GPollFD. */ -+ while (pollrec && pollrec->fd->fd != fds[i].fd) -+ pollrec = pollrec->next; -+ -+ /* Update all consecutive GPollRecs that match. */ - while (pollrec && pollrec->fd->fd == fds[i].fd) - { - if (pollrec->priority <= max_priority) -@@ -3725,6 +3751,7 @@ g_main_context_check (GMainContext *context, - pollrec = pollrec->next; - } - -+ /* Iterate to next GPollFD. */ - i++; - } - -@@ -4320,6 +4347,7 @@ g_main_context_add_poll_unlocked (GMainContext *context, - newrec->fd = fd; - newrec->priority = priority; - -+ /* Poll records are incrementally sorted by file descriptor identifier. */ - prevrec = NULL; - nextrec = context->poll_records; - while (nextrec) -diff --git a/glib/tests/mainloop.c b/glib/tests/mainloop.c -index f5d672a63..397921f2d 100644 ---- a/glib/tests/mainloop.c -+++ b/glib/tests/mainloop.c -@@ -1511,6 +1511,62 @@ test_unix_file_poll (void) - close (fd); - } - -+static void -+test_unix_fd_priority (void) -+{ -+ gint fd1, fd2; -+ GMainLoop *loop; -+ GSource *source; -+ -+ gint s1 = 0; -+ gboolean s2 = FALSE, s3 = FALSE; -+ -+ g_test_bug ("https://gitlab.gnome.org/GNOME/glib/-/issues/1592"); -+ -+ loop = g_main_loop_new (NULL, FALSE); -+ -+ source = g_idle_source_new (); -+ g_source_set_callback (source, count_calls, &s1, NULL); -+ g_source_set_priority (source, 0); -+ g_source_attach (source, NULL); -+ g_source_unref (source); -+ -+ fd1 = open ("/dev/random", O_RDONLY); -+ g_assert_cmpint (fd1, >=, 0); -+ source = g_unix_fd_source_new (fd1, G_IO_IN); -+ g_source_set_callback (source, (GSourceFunc) (void (*)(void)) (flag_bool), &s2, NULL); -+ g_source_set_priority (source, 10); -+ g_source_attach (source, NULL); -+ g_source_unref (source); -+ -+ fd2 = open ("/dev/random", O_RDONLY); -+ g_assert_cmpint (fd2, >=, 0); -+ source = g_unix_fd_source_new (fd2, G_IO_IN); -+ g_source_set_callback (source, (GSourceFunc) (void (*)(void)) (flag_bool), &s3, NULL); -+ g_source_set_priority (source, 0); -+ g_source_attach (source, NULL); -+ g_source_unref (source); -+ -+ /* This tests a bug that depends on the source with the lowest FD -+ identifier to have the lowest priority. Make sure that this is -+ the case. */ -+ g_assert_cmpint (fd1, <, fd2); -+ -+ g_assert_true (g_main_context_iteration (NULL, FALSE)); -+ -+ /* Idle source should have been dispatched. */ -+ g_assert_cmpint (s1, ==, 1); -+ /* Low priority FD source shouldn't have been dispatched. */ -+ g_assert_false (s2); -+ /* Default priority FD source should have been dispatched. */ -+ g_assert_true (s3); -+ -+ g_main_loop_unref (loop); -+ -+ close (fd1); -+ close (fd2); -+} -+ - #endif - - static gboolean -@@ -1751,6 +1807,7 @@ main (int argc, char *argv[]) - g_test_add_func ("/mainloop/source-unix-fd-api", test_source_unix_fd_api); - g_test_add_func ("/mainloop/wait", test_mainloop_wait); - g_test_add_func ("/mainloop/unix-file-poll", test_unix_file_poll); -+ g_test_add_func ("/mainloop/unix-fd-priority", test_unix_fd_priority); - #endif - g_test_add_func ("/mainloop/nfds", test_nfds); - --- -2.31.1 - diff --git a/SOURCES/0001-gstrfuncs-Add-internal-g_memdup2-function.patch b/SOURCES/0001-gstrfuncs-Add-internal-g_memdup2-function.patch deleted file mode 100644 index 3a6ff17..0000000 --- a/SOURCES/0001-gstrfuncs-Add-internal-g_memdup2-function.patch +++ /dev/null @@ -1,174 +0,0 @@ -From e23bf51c6a898f5c395ffb388a0287575a3017cb Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:30:52 +0000 -Subject: [PATCH 01/12] gstrfuncs: Add internal g_memdup2() function -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This will replace the existing `g_memdup()` function for use within -GLib. It has an unavoidable security flaw of taking its `byte_size` -argument as a `guint` rather than as a `gsize`. Most callers will -expect it to be a `gsize`, and may pass in large values which could -silently be truncated, resulting in an undersize allocation compared -to what the caller expects. - -This could lead to a classic buffer overflow vulnerability for many -callers of `g_memdup()`. - -`g_memdup2()`, in comparison, takes its `byte_size` as a `gsize`. - -Spotted by Kevin Backhouse of GHSL. - -In GLib 2.68, `g_memdup2()` will be a new public API. In this version -for backport to older stable releases, it’s a new `static inline` API -in a private header, so that use of `g_memdup()` within GLib can be -fixed without adding a new API in a stable release series. - -Signed-off-by: Philip Withnall -Helps: GHSL-2021-045 -Helps: #2319 ---- - docs/reference/glib/meson.build | 1 + - glib/gstrfuncsprivate.h | 55 +++++++++++++++++++++++++++++++++ - glib/meson.build | 1 + - glib/tests/strfuncs.c | 23 ++++++++++++++ - 4 files changed, 80 insertions(+) - create mode 100644 glib/gstrfuncsprivate.h - -diff --git a/docs/reference/glib/meson.build b/docs/reference/glib/meson.build -index f0f915e96..1a3680941 100644 ---- a/docs/reference/glib/meson.build -+++ b/docs/reference/glib/meson.build -@@ -20,6 +20,7 @@ if get_option('gtk_doc') - 'gprintfint.h', - 'gmirroringtable.h', - 'gscripttable.h', -+ 'gstrfuncsprivate.h', - 'glib-mirroring-tab', - 'gnulib', - 'pcre', -diff --git a/glib/gstrfuncsprivate.h b/glib/gstrfuncsprivate.h -new file mode 100644 -index 000000000..85c88328a ---- /dev/null -+++ b/glib/gstrfuncsprivate.h -@@ -0,0 +1,55 @@ -+/* GLIB - Library of useful routines for C programming -+ * Copyright (C) 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2.1 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General Public -+ * License along with this library; if not, see . -+ */ -+ -+#include -+#include -+ -+/* -+ * g_memdup2: -+ * @mem: (nullable): the memory to copy. -+ * @byte_size: the number of bytes to copy. -+ * -+ * Allocates @byte_size bytes of memory, and copies @byte_size bytes into it -+ * from @mem. If @mem is %NULL it returns %NULL. -+ * -+ * This replaces g_memdup(), which was prone to integer overflows when -+ * converting the argument from a #gsize to a #guint. -+ * -+ * This static inline version is a backport of the new public API from -+ * GLib 2.68, kept internal to GLib for backport to older stable releases. -+ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2319. -+ * -+ * Returns: (nullable): a pointer to the newly-allocated copy of the memory, -+ * or %NULL if @mem is %NULL. -+ * Since: 2.68 -+ */ -+static inline gpointer -+g_memdup2 (gconstpointer mem, -+ gsize byte_size) -+{ -+ gpointer new_mem; -+ -+ if (mem && byte_size != 0) -+ { -+ new_mem = g_malloc (byte_size); -+ memcpy (new_mem, mem, byte_size); -+ } -+ else -+ new_mem = NULL; -+ -+ return new_mem; -+} -diff --git a/glib/meson.build b/glib/meson.build -index a2f9da81c..481fd06ff 100644 ---- a/glib/meson.build -+++ b/glib/meson.build -@@ -167,6 +167,7 @@ glib_sources = files( - 'gslist.c', - 'gstdio.c', - 'gstrfuncs.c', -+ 'gstrfuncsprivate.h', - 'gstring.c', - 'gstringchunk.c', - 'gtestutils.c', -diff --git a/glib/tests/strfuncs.c b/glib/tests/strfuncs.c -index 7e031bdb1..2aa252946 100644 ---- a/glib/tests/strfuncs.c -+++ b/glib/tests/strfuncs.c -@@ -32,6 +32,8 @@ - #include - #include "glib.h" - -+#include "gstrfuncsprivate.h" -+ - #if defined (_MSC_VER) && (_MSC_VER <= 1800) - #define isnan(x) _isnan(x) - -@@ -199,6 +201,26 @@ test_is_to_digit (void) - #undef TEST_DIGIT - } - -+/* Testing g_memdup2() function with various positive and negative cases */ -+static void -+test_memdup2 (void) -+{ -+ gchar *str_dup = NULL; -+ const gchar *str = "The quick brown fox jumps over the lazy dog"; -+ -+ /* Testing negative cases */ -+ g_assert_null (g_memdup2 (NULL, 1024)); -+ g_assert_null (g_memdup2 (str, 0)); -+ g_assert_null (g_memdup2 (NULL, 0)); -+ -+ /* Testing normal usage cases */ -+ str_dup = g_memdup2 (str, strlen (str) + 1); -+ g_assert_nonnull (str_dup); -+ g_assert_cmpstr (str, ==, str_dup); -+ -+ g_free (str_dup); -+} -+ - static void - test_strdup (void) - { -@@ -1726,6 +1748,7 @@ main (int argc, - g_test_init (&argc, &argv, NULL); - - g_test_add_func ("/strfuncs/test-is-to-digit", test_is_to_digit); -+ g_test_add_func ("/strfuncs/memdup2", test_memdup2); - g_test_add_func ("/strfuncs/strdup", test_strdup); - g_test_add_func ("/strfuncs/strndup", test_strndup); - g_test_add_func ("/strfuncs/strdup-printf", test_strdup_printf); --- -2.31.1 - diff --git a/SOURCES/0001-libcharset-Drop-a-redundant-environment-variable.patch b/SOURCES/0001-libcharset-Drop-a-redundant-environment-variable.patch deleted file mode 100644 index 2d5d1c3..0000000 --- a/SOURCES/0001-libcharset-Drop-a-redundant-environment-variable.patch +++ /dev/null @@ -1,38 +0,0 @@ -From a18f091c6c090b93cd816f8cd5be763b6e238632 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Fri, 7 Feb 2020 17:10:23 +0000 -Subject: [PATCH] libcharset: Drop a redundant environment variable - -It was used for running tests when we built with autotools, but is no -longer used in the Meson build system. If we need something similar in -future, it should be done by adding internal API to override the -directory on a per-call basis, rather than loading a path from a shared -global table every time. - -Signed-off-by: Philip Withnall - -Helps: #1919 ---- - glib/libcharset/localcharset.c | 6 +----- - 1 file changed, 1 insertion(+), 5 deletions(-) - -diff --git a/glib/libcharset/localcharset.c b/glib/libcharset/localcharset.c -index 0c4d544be..ab3a2678d 100644 ---- a/glib/libcharset/localcharset.c -+++ b/glib/libcharset/localcharset.c -@@ -117,11 +117,7 @@ _g_locale_get_charset_aliases (void) - const char *base = "charset.alias"; - char *file_name; - -- /* Make it possible to override the charset.alias location. This is -- necessary for running the testsuite before "make install". */ -- dir = getenv ("CHARSETALIASDIR"); -- if (dir == NULL || dir[0] == '\0') -- dir = relocate (GLIB_CHARSETALIAS_DIR); -+ dir = relocate (GLIB_CHARSETALIAS_DIR); - - /* Concatenate dir and base into freshly allocated file_name. */ - { --- -2.31.1 - diff --git a/SOURCES/0001-spawn-add-shebang-line-to-script.patch b/SOURCES/0001-spawn-add-shebang-line-to-script.patch deleted file mode 100644 index 1352561..0000000 --- a/SOURCES/0001-spawn-add-shebang-line-to-script.patch +++ /dev/null @@ -1,21 +0,0 @@ -From 521f9605e0ab019ec9a493153ca0c8fe4267d665 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Mon, 17 Dec 2018 15:46:10 -0500 -Subject: [PATCH] spawn: add shebang line to script - -downstream tools get confused when the script is missing a shebang -line, and having a shebang line doesn't hurt, so add one. ---- - glib/tests/echo-script | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/glib/tests/echo-script b/glib/tests/echo-script -index c732ed910..b609f2d39 100755 ---- a/glib/tests/echo-script -+++ b/glib/tests/echo-script -@@ -1 +1,2 @@ -+#!/bin/sh - echo "echo" --- -2.20.0 - diff --git a/SOURCES/0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch b/SOURCES/0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch deleted file mode 100644 index 9107242..0000000 --- a/SOURCES/0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 85c4031696add9797e2334ced20678edcd96c869 Mon Sep 17 00:00:00 2001 -From: Mart Raudsepp -Date: Wed, 19 Dec 2018 16:22:21 +0200 -Subject: [PATCH 1/2] tests: Allocate gvariant data from the heap to guarantee - alignment - -On glib-2-58 branch we don't have !455, thus we need aligned data -for the gvariant tests to not fail on i686. - -Fixes #1626 ---- - glib/tests/gvariant.c | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) - -diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c -index 6e417f6c1..a7b19826d 100644 ---- a/glib/tests/gvariant.c -+++ b/glib/tests/gvariant.c -@@ -4664,6 +4664,7 @@ test_stack_dict_init (void) - static void - test_normal_checking_tuples (void) - { -+ gpointer aligned_data; - const guint8 data[] = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, - 'a', '(', 'a', 'o', 'a', 'o', 'a', 'a', 'o', 'a', 'a', 'o', ')' -@@ -4672,13 +4673,15 @@ test_normal_checking_tuples (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, -+ aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, - FALSE, NULL, NULL); - g_assert_nonnull (variant); - - normal_variant = g_variant_get_normal_form (variant); - g_assert_nonnull (normal_variant); - -+ g_free (aligned_data); - g_variant_unref (normal_variant); - g_variant_unref (variant); - } -@@ -4790,6 +4793,7 @@ test_recursion_limits_array_in_variant (void) - static void - test_normal_checking_array_offsets (void) - { -+ gpointer aligned_data; - const guint8 data[] = { - 0x07, 0xe5, 0x00, 0x07, 0x00, 0x07, 0x00, 0x00, - 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'g', -@@ -4798,13 +4802,15 @@ test_normal_checking_array_offsets (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, -+ aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, - FALSE, NULL, NULL); - g_assert_nonnull (variant); - - normal_variant = g_variant_get_normal_form (variant); - g_assert_nonnull (normal_variant); - -+ g_free (aligned_data); - g_variant_unref (normal_variant); - g_variant_unref (variant); - } -@@ -4838,6 +4844,7 @@ test_normal_checking_tuple_offsets (void) - static void - test_normal_checking_empty_object_path (void) - { -+ gpointer aligned_data; - const guint8 data[] = { - 0x20, 0x20, 0x00, 0x00, 0x00, 0x00, - '(', 'h', '(', 'a', 'i', 'a', 'b', 'i', 'o', ')', ')', -@@ -4846,13 +4853,15 @@ test_normal_checking_empty_object_path (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, -+ aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, - FALSE, NULL, NULL); - g_assert_nonnull (variant); - - normal_variant = g_variant_get_normal_form (variant); - g_assert_nonnull (normal_variant); - -+ g_free (aligned_data); - g_variant_unref (normal_variant); - g_variant_unref (variant); - } --- -2.19.1 - diff --git a/SOURCES/0002-GMainContext-Fix-GSource-iterator-if-iteration-can-m.patch b/SOURCES/0002-GMainContext-Fix-GSource-iterator-if-iteration-can-m.patch deleted file mode 100644 index b5c4191..0000000 --- a/SOURCES/0002-GMainContext-Fix-GSource-iterator-if-iteration-can-m.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 323d0c7658a9a44efc327840c0667044a4b98f89 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Mon, 3 Feb 2020 15:38:28 +0200 -Subject: [PATCH 2/5] GMainContext - Fix GSource iterator if iteration can - modify the list - -We first have to ref the next source and then unref the previous one. -This might be the last reference to the previous source, and freeing the -previous source might unref and free the next one which would then leave -use with a dangling pointer here. - -Fixes https://gitlab.gnome.org/GNOME/glib/issues/2031 ---- - glib/gmain.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/glib/gmain.c b/glib/gmain.c -index 5b91c3117..a3ea1d36c 100644 ---- a/glib/gmain.c -+++ b/glib/gmain.c -@@ -965,13 +965,17 @@ g_source_iter_next (GSourceIter *iter, GSource **source) - * GSourceList to be removed from source_lists (if iter->source is - * the only source in its list, and it is destroyed), so we have to - * keep it reffed until after we advance iter->current_list, above. -+ * -+ * Also we first have to ref the next source before unreffing the -+ * previous one as unreffing the previous source can potentially -+ * free the next one. - */ -+ if (next_source && iter->may_modify) -+ g_source_ref (next_source); - - if (iter->source && iter->may_modify) - g_source_unref_internal (iter->source, iter->context, TRUE); - iter->source = next_source; -- if (iter->source && iter->may_modify) -- g_source_ref (iter->source); - - *source = iter->source; - return *source != NULL; --- -2.31.1 - diff --git a/SOURCES/0002-gio-Use-g_memdup2-instead-of-g_memdup-in-obvious-pla.patch b/SOURCES/0002-gio-Use-g_memdup2-instead-of-g_memdup-in-obvious-pla.patch deleted file mode 100644 index 2d14f95..0000000 --- a/SOURCES/0002-gio-Use-g_memdup2-instead-of-g_memdup-in-obvious-pla.patch +++ /dev/null @@ -1,262 +0,0 @@ -From d27057acbb26f5b3400677e22a7801bb60a9a134 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:37:56 +0000 -Subject: [PATCH 02/12] gio: Use g_memdup2() instead of g_memdup() in obvious - places -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Convert all the call sites which use `g_memdup()`’s length argument -trivially (for example, by passing a `sizeof()`), so that they use -`g_memdup2()` instead. - -In almost all of these cases the use of `g_memdup()` would not have -caused problems, but it will soon be deprecated, so best port away from -it. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gio/gdbusconnection.c | 5 +++-- - gio/gdbusinterfaceskeleton.c | 3 ++- - gio/gfile.c | 7 ++++--- - gio/gsettingsschema.c | 5 +++-- - gio/gwin32registrykey.c | 8 +++++--- - gio/tests/async-close-output-stream.c | 6 ++++-- - gio/tests/gdbus-export.c | 5 +++-- - gio/win32/gwinhttpfile.c | 9 +++++---- - 8 files changed, 29 insertions(+), 19 deletions(-) - -diff --git a/gio/gdbusconnection.c b/gio/gdbusconnection.c -index 6f7e5fefc..117c8df35 100644 ---- a/gio/gdbusconnection.c -+++ b/gio/gdbusconnection.c -@@ -119,6 +119,7 @@ - #include "gasyncinitable.h" - #include "giostream.h" - #include "gasyncresult.h" -+#include "gstrfuncsprivate.h" - #include "gtask.h" - - #ifdef G_OS_UNIX -@@ -3970,7 +3971,7 @@ _g_dbus_interface_vtable_copy (const GDBusInterfaceVTable *vtable) - /* Don't waste memory by copying padding - remember to update this - * when changing struct _GDBusInterfaceVTable in gdbusconnection.h - */ -- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); -+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); - } - - static void -@@ -3987,7 +3988,7 @@ _g_dbus_subtree_vtable_copy (const GDBusSubtreeVTable *vtable) - /* Don't waste memory by copying padding - remember to update this - * when changing struct _GDBusSubtreeVTable in gdbusconnection.h - */ -- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); -+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); - } - - static void -diff --git a/gio/gdbusinterfaceskeleton.c b/gio/gdbusinterfaceskeleton.c -index 96bd520aa..672604c49 100644 ---- a/gio/gdbusinterfaceskeleton.c -+++ b/gio/gdbusinterfaceskeleton.c -@@ -27,6 +27,7 @@ - #include "gdbusprivate.h" - #include "gdbusmethodinvocation.h" - #include "gdbusconnection.h" -+#include "gstrfuncsprivate.h" - #include "gtask.h" - #include "gioerror.h" - -@@ -697,7 +698,7 @@ add_connection_locked (GDBusInterfaceSkeleton *interface_, - * properly before building the hooked_vtable, so we create it - * once at the last minute. - */ -- interface_->priv->hooked_vtable = g_memdup (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); -+ interface_->priv->hooked_vtable = g_memdup2 (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); - interface_->priv->hooked_vtable->method_call = skeleton_intercept_handle_method_call; - } - -diff --git a/gio/gfile.c b/gio/gfile.c -index ff313ebf8..29ebaaa62 100644 ---- a/gio/gfile.c -+++ b/gio/gfile.c -@@ -60,6 +60,7 @@ - #include "gasyncresult.h" - #include "gioerror.h" - #include "glibintl.h" -+#include "gstrfuncsprivate.h" - - - /** -@@ -7734,7 +7735,7 @@ measure_disk_usage_progress (gboolean reporting, - g_main_context_invoke_full (g_task_get_context (task), - g_task_get_priority (task), - measure_disk_usage_invoke_progress, -- g_memdup (&progress, sizeof progress), -+ g_memdup2 (&progress, sizeof progress), - g_free); - } - -@@ -7752,7 +7753,7 @@ measure_disk_usage_thread (GTask *task, - data->progress_callback ? measure_disk_usage_progress : NULL, task, - &result.disk_usage, &result.num_dirs, &result.num_files, - &error)) -- g_task_return_pointer (task, g_memdup (&result, sizeof result), g_free); -+ g_task_return_pointer (task, g_memdup2 (&result, sizeof result), g_free); - else - g_task_return_error (task, error); - } -@@ -7776,7 +7777,7 @@ g_file_real_measure_disk_usage_async (GFile *file, - - task = g_task_new (file, cancellable, callback, user_data); - g_task_set_source_tag (task, g_file_real_measure_disk_usage_async); -- g_task_set_task_data (task, g_memdup (&data, sizeof data), g_free); -+ g_task_set_task_data (task, g_memdup2 (&data, sizeof data), g_free); - g_task_set_priority (task, io_priority); - - g_task_run_in_thread (task, measure_disk_usage_thread); -diff --git a/gio/gsettingsschema.c b/gio/gsettingsschema.c -index 17b7e3b01..499944395 100644 ---- a/gio/gsettingsschema.c -+++ b/gio/gsettingsschema.c -@@ -20,6 +20,7 @@ - - #include "gsettingsschema-internal.h" - #include "gsettings.h" -+#include "gstrfuncsprivate.h" - - #include "gvdb/gvdb-reader.h" - #include "strinfo.c" -@@ -1054,9 +1055,9 @@ g_settings_schema_list_children (GSettingsSchema *schema) - - if (g_str_has_suffix (key, "/")) - { -- gint length = strlen (key); -+ gsize length = strlen (key); - -- strv[j] = g_memdup (key, length); -+ strv[j] = g_memdup2 (key, length); - strv[j][length - 1] = '\0'; - j++; - } -diff --git a/gio/gwin32registrykey.c b/gio/gwin32registrykey.c -index c19fede4e..619fd48af 100644 ---- a/gio/gwin32registrykey.c -+++ b/gio/gwin32registrykey.c -@@ -28,6 +28,8 @@ - #include - #include - -+#include "gstrfuncsprivate.h" -+ - #ifndef _WDMDDK_ - typedef enum _KEY_INFORMATION_CLASS { - KeyBasicInformation, -@@ -247,7 +249,7 @@ g_win32_registry_value_iter_copy (const GWin32RegistryValueIter *iter) - new_iter->value_name_size = iter->value_name_size; - - if (iter->value_data != NULL) -- new_iter->value_data = g_memdup (iter->value_data, iter->value_data_size); -+ new_iter->value_data = g_memdup2 (iter->value_data, iter->value_data_size); - - new_iter->value_data_size = iter->value_data_size; - -@@ -268,8 +270,8 @@ g_win32_registry_value_iter_copy (const GWin32RegistryValueIter *iter) - new_iter->value_data_expanded_charsize = iter->value_data_expanded_charsize; - - if (iter->value_data_expanded_u8 != NULL) -- new_iter->value_data_expanded_u8 = g_memdup (iter->value_data_expanded_u8, -- iter->value_data_expanded_charsize); -+ new_iter->value_data_expanded_u8 = g_memdup2 (iter->value_data_expanded_u8, -+ iter->value_data_expanded_charsize); - - new_iter->value_data_expanded_u8_size = iter->value_data_expanded_charsize; - -diff --git a/gio/tests/async-close-output-stream.c b/gio/tests/async-close-output-stream.c -index 5f6620275..d3f97a119 100644 ---- a/gio/tests/async-close-output-stream.c -+++ b/gio/tests/async-close-output-stream.c -@@ -24,6 +24,8 @@ - #include - #include - -+#include "gstrfuncsprivate.h" -+ - #define DATA_TO_WRITE "Hello world\n" - - typedef struct -@@ -147,9 +149,9 @@ prepare_data (SetupData *data, - - data->expected_size = g_memory_output_stream_get_data_size (G_MEMORY_OUTPUT_STREAM (data->data_stream)); - -- g_assert_cmpint (data->expected_size, >, 0); -+ g_assert_cmpuint (data->expected_size, >, 0); - -- data->expected_output = g_memdup (written, (guint)data->expected_size); -+ data->expected_output = g_memdup2 (written, data->expected_size); - - /* then recreate the streams and prepare them for the asynchronous close */ - destroy_streams (data); -diff --git a/gio/tests/gdbus-export.c b/gio/tests/gdbus-export.c -index ef0dddeee..a3c842360 100644 ---- a/gio/tests/gdbus-export.c -+++ b/gio/tests/gdbus-export.c -@@ -23,6 +23,7 @@ - #include - - #include "gdbus-tests.h" -+#include "gstrfuncsprivate.h" - - /* all tests rely on a shared mainloop */ - static GMainLoop *loop = NULL; -@@ -652,7 +653,7 @@ subtree_introspect (GDBusConnection *connection, - g_assert_not_reached (); - } - -- return g_memdup (interfaces, 2 * sizeof (void *)); -+ return g_memdup2 (interfaces, 2 * sizeof (void *)); - } - - static const GDBusInterfaceVTable * -@@ -708,7 +709,7 @@ dynamic_subtree_introspect (GDBusConnection *connection, - { - const GDBusInterfaceInfo *interfaces[2] = { &dyna_interface_info, NULL }; - -- return g_memdup (interfaces, 2 * sizeof (void *)); -+ return g_memdup2 (interfaces, 2 * sizeof (void *)); - } - - static const GDBusInterfaceVTable * -diff --git a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c -index d5df16d91..f424d21cc 100644 ---- a/gio/win32/gwinhttpfile.c -+++ b/gio/win32/gwinhttpfile.c -@@ -29,6 +29,7 @@ - #include "gio/gfile.h" - #include "gio/gfileattribute.h" - #include "gio/gfileinfo.h" -+#include "gstrfuncsprivate.h" - #include "gwinhttpfile.h" - #include "gwinhttpfileinputstream.h" - #include "gwinhttpfileoutputstream.h" -@@ -393,10 +394,10 @@ g_winhttp_file_resolve_relative_path (GFile *file, - child = g_object_new (G_TYPE_WINHTTP_FILE, NULL); - child->vfs = winhttp_file->vfs; - child->url = winhttp_file->url; -- child->url.lpszScheme = g_memdup (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); -- child->url.lpszHostName = g_memdup (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); -- child->url.lpszUserName = g_memdup (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); -- child->url.lpszPassword = g_memdup (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); -+ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); -+ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); -+ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); -+ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); - child->url.lpszUrlPath = wnew_path; - child->url.dwUrlPathLength = wcslen (wnew_path); - child->url.lpszExtraInfo = NULL; --- -2.31.1 - diff --git a/SOURCES/0002-glocalfileoutputstream-Fix-CREATE_REPLACE_DESTINATIO.patch b/SOURCES/0002-glocalfileoutputstream-Fix-CREATE_REPLACE_DESTINATIO.patch deleted file mode 100644 index 7991b20..0000000 --- a/SOURCES/0002-glocalfileoutputstream-Fix-CREATE_REPLACE_DESTINATIO.patch +++ /dev/null @@ -1,278 +0,0 @@ -From 6c10e8ce6905e8fcc3466eb8af707b5d0d3bdb85 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 24 Feb 2021 17:36:07 +0000 -Subject: [PATCH 2/3] glocalfileoutputstream: Fix CREATE_REPLACE_DESTINATION - with symlinks -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The `G_FILE_CREATE_REPLACE_DESTINATION` flag is equivalent to unlinking -the destination file and re-creating it from scratch. That did -previously work, but in the process the code would call `open(O_CREAT)` -on the file. If the file was a dangling symlink, this would create the -destination file (empty). That’s not an intended side-effect, and has -security implications if the symlink is controlled by a lower-privileged -process. - -Fix that by not opening the destination file if it’s a symlink, and -adjusting the rest of the code to cope with - - the fact that `fd == -1` is not an error iff `is_symlink` is true, - - and that `original_stat` will contain the `lstat()` results for the - symlink now, rather than the `stat()` results for its target (again, - iff `is_symlink` is true). - -This means that the target of the dangling symlink is no longer created, -which was the bug. The symlink itself continues to be replaced (as -before) with the new file — this is the intended behaviour of -`g_file_replace()`. - -The behaviour for non-symlink cases, or cases where the symlink was not -dangling, should be unchanged. - -Includes a unit test. - -Signed-off-by: Philip Withnall - -Fixes: #2325 ---- - gio/glocalfileoutputstream.c | 63 ++++++++++++++------- - gio/tests/file.c | 107 ++++++++++++++++++++++++++++++++++- - 2 files changed, 149 insertions(+), 21 deletions(-) - -diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c -index 6a70b2a04..4a7766f68 100644 ---- a/gio/glocalfileoutputstream.c -+++ b/gio/glocalfileoutputstream.c -@@ -779,16 +779,22 @@ handle_overwrite_open (const char *filename, - /* Could be a symlink, or it could be a regular ELOOP error, - * but then the next open will fail too. */ - is_symlink = TRUE; -- fd = g_open (filename, open_flags, mode); -+ if (!replace_destination_set) -+ fd = g_open (filename, open_flags, mode); - } --#else -- fd = g_open (filename, open_flags, mode); -- errsv = errno; -+#else /* if !O_NOFOLLOW */ - /* This is racy, but we do it as soon as possible to minimize the race */ - is_symlink = g_file_test (filename, G_FILE_TEST_IS_SYMLINK); -+ -+ if (!is_symlink || !replace_destination_set) -+ { -+ fd = g_open (filename, open_flags, mode); -+ errsv = errno; -+ } - #endif - -- if (fd == -1) -+ if (fd == -1 && -+ (!is_symlink || !replace_destination_set)) - { - char *display_name = g_filename_display_name (filename); - g_set_error (error, G_IO_ERROR, -@@ -800,10 +806,17 @@ handle_overwrite_open (const char *filename, - } - - #ifdef G_OS_WIN32 -- res = GLIB_PRIVATE_CALL (g_win32_fstat) (fd, &original_stat); --#else -- res = fstat (fd, &original_stat); -+#error This patch has not been ported to Windows, sorry - #endif -+ -+ if (!is_symlink) -+ { -+ res = fstat (fd, &original_stat); -+ } -+ else -+ { -+ res = lstat (filename, &original_stat); -+ } - errsv = errno; - - if (res != 0) -@@ -821,16 +834,27 @@ handle_overwrite_open (const char *filename, - if (!S_ISREG (original_stat.st_mode)) - { - if (S_ISDIR (original_stat.st_mode)) -- g_set_error_literal (error, -- G_IO_ERROR, -- G_IO_ERROR_IS_DIRECTORY, -- _("Target file is a directory")); -- else -- g_set_error_literal (error, -- G_IO_ERROR, -- G_IO_ERROR_NOT_REGULAR_FILE, -- _("Target file is not a regular file")); -- goto err_out; -+ { -+ g_set_error_literal (error, -+ G_IO_ERROR, -+ G_IO_ERROR_IS_DIRECTORY, -+ _("Target file is a directory")); -+ goto err_out; -+ } -+ else if (!is_symlink || -+#ifdef S_ISLNK -+ !S_ISLNK (original_stat.st_mode) -+#else -+ FALSE -+#endif -+ ) -+ { -+ g_set_error_literal (error, -+ G_IO_ERROR, -+ G_IO_ERROR_NOT_REGULAR_FILE, -+ _("Target file is not a regular file")); -+ goto err_out; -+ } - } - - if (etag != NULL) -@@ -911,7 +935,8 @@ handle_overwrite_open (const char *filename, - } - } - -- g_close (fd, NULL); -+ if (fd >= 0) -+ g_close (fd, NULL); - *temp_filename = tmp_filename; - return tmpfd; - } -diff --git a/gio/tests/file.c b/gio/tests/file.c -index 98eeb85d4..44db6e295 100644 ---- a/gio/tests/file.c -+++ b/gio/tests/file.c -@@ -671,8 +671,6 @@ test_replace_cancel (void) - guint count; - GError *error = NULL; - -- g_test_bug ("629301"); -- - path = g_dir_make_tmp ("g_file_replace_cancel_XXXXXX", &error); - g_assert_no_error (error); - tmpdir = g_file_new_for_path (path); -@@ -779,6 +777,110 @@ test_replace_cancel (void) - g_object_unref (tmpdir); - } - -+static void -+test_replace_symlink (void) -+{ -+#ifdef G_OS_UNIX -+ gchar *tmpdir_path = NULL; -+ GFile *tmpdir = NULL, *source_file = NULL, *target_file = NULL; -+ GFileOutputStream *stream = NULL; -+ const gchar *new_contents = "this is a test message which should be written to source and not target"; -+ gsize n_written; -+ GFileEnumerator *enumerator = NULL; -+ GFileInfo *info = NULL; -+ gchar *contents = NULL; -+ gsize length = 0; -+ GError *local_error = NULL; -+ -+ /* Create a fresh, empty working directory. */ -+ tmpdir_path = g_dir_make_tmp ("g_file_replace_symlink_XXXXXX", &local_error); -+ g_assert_no_error (local_error); -+ tmpdir = g_file_new_for_path (tmpdir_path); -+ -+ g_test_message ("Using temporary directory %s", tmpdir_path); -+ g_free (tmpdir_path); -+ -+ /* Create symlink `source` which points to `target`. */ -+ source_file = g_file_get_child (tmpdir, "source"); -+ target_file = g_file_get_child (tmpdir, "target"); -+ g_file_make_symbolic_link (source_file, "target", NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ /* Ensure that `target` doesn’t exist */ -+ g_assert_false (g_file_query_exists (target_file, NULL)); -+ -+ /* Replace the `source` symlink with a regular file using -+ * %G_FILE_CREATE_REPLACE_DESTINATION, which should replace it *without* -+ * following the symlink */ -+ stream = g_file_replace (source_file, NULL, FALSE /* no backup */, -+ G_FILE_CREATE_REPLACE_DESTINATION, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_output_stream_write_all (G_OUTPUT_STREAM (stream), new_contents, strlen (new_contents), -+ &n_written, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_assert_cmpint (n_written, ==, strlen (new_contents)); -+ -+ g_output_stream_close (G_OUTPUT_STREAM (stream), NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_clear_object (&stream); -+ -+ /* At this point, there should still only be one file: `source`. It should -+ * now be a regular file. `target` should not exist. */ -+ enumerator = g_file_enumerate_children (tmpdir, -+ G_FILE_ATTRIBUTE_STANDARD_NAME "," -+ G_FILE_ATTRIBUTE_STANDARD_TYPE, -+ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_assert_nonnull (info); -+ -+ g_assert_cmpstr (g_file_info_get_name (info), ==, "source"); -+ g_assert_cmpint (g_file_info_get_file_type (info), ==, G_FILE_TYPE_REGULAR); -+ -+ g_clear_object (&info); -+ -+ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_assert_null (info); -+ -+ g_file_enumerator_close (enumerator, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_clear_object (&enumerator); -+ -+ /* Double-check that `target` doesn’t exist */ -+ g_assert_false (g_file_query_exists (target_file, NULL)); -+ -+ /* Check the content of `source`. */ -+ g_file_load_contents (source_file, -+ NULL, -+ &contents, -+ &length, -+ NULL, -+ &local_error); -+ g_assert_no_error (local_error); -+ g_assert_cmpstr (contents, ==, new_contents); -+ g_assert_cmpuint (length, ==, strlen (new_contents)); -+ g_free (contents); -+ -+ /* Tidy up. */ -+ g_file_delete (source_file, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_file_delete (tmpdir, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_clear_object (&target_file); -+ g_clear_object (&source_file); -+ g_clear_object (&tmpdir); -+#else /* if !G_OS_UNIX */ -+ g_test_skip ("Symlink replacement tests can only be run on Unix") -+#endif -+} -+ - static void - on_file_deleted (GObject *object, - GAsyncResult *result, -@@ -1170,6 +1272,7 @@ main (int argc, char *argv[]) - g_test_add_data_func ("/file/async-create-delete/4096", GINT_TO_POINTER (4096), test_create_delete); - g_test_add_func ("/file/replace-load", test_replace_load); - g_test_add_func ("/file/replace-cancel", test_replace_cancel); -+ g_test_add_func ("/file/replace-symlink", test_replace_symlink); - g_test_add_func ("/file/async-delete", test_async_delete); - #ifdef G_OS_UNIX - g_test_add_func ("/file/copy-preserve-mode", test_copy_preserve_mode); --- -2.31.1 - diff --git a/SOURCES/0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch b/SOURCES/0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch deleted file mode 100644 index 6699c59..0000000 --- a/SOURCES/0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 4ef58e5661849317a1110c9b93957f2c608677dd Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Thu, 3 Jan 2019 08:21:40 +0000 -Subject: [PATCH 2/2] gvariant test: Also force alignment for tuple test data - -glib!552 (commit 9eed22b3) fixed this for the tests that failed on i686, -but this additional test failed on Debian's s390x port -(IBM z/Architecture, 64-bit big-endian). - -Signed-off-by: Simon McVittie ---- - glib/tests/gvariant.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c -index a7b19826d..c4a996c1f 100644 ---- a/glib/tests/gvariant.c -+++ b/glib/tests/gvariant.c -@@ -4820,6 +4820,7 @@ test_normal_checking_array_offsets (void) - static void - test_normal_checking_tuple_offsets (void) - { -+ gpointer aligned_data; - const guint8 data[] = { - 0x07, 0xe5, 0x00, 0x07, 0x00, 0x07, - '(', 'a', 's', 'a', 's', 'a', 's', 'a', 's', 'a', 's', 'a', 's', ')', -@@ -4828,13 +4829,15 @@ test_normal_checking_tuple_offsets (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, -- FALSE, NULL, NULL); -+ aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, -+ size, FALSE, NULL, NULL); - g_assert_nonnull (variant); - - normal_variant = g_variant_get_normal_form (variant); - g_assert_nonnull (normal_variant); - -+ g_free (aligned_data); - g_variant_unref (normal_variant); - g_variant_unref (variant); - } --- -2.19.1 - diff --git a/SOURCES/0003-GMainContext-Fix-memory-leaks-and-memory-corruption-.patch b/SOURCES/0003-GMainContext-Fix-memory-leaks-and-memory-corruption-.patch deleted file mode 100644 index e02888e..0000000 --- a/SOURCES/0003-GMainContext-Fix-memory-leaks-and-memory-corruption-.patch +++ /dev/null @@ -1,109 +0,0 @@ -From fc051ec83d8894dd754bf364562ba9be9ff999fc Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Mon, 3 Feb 2020 15:35:51 +0200 -Subject: [PATCH 3/5] GMainContext - Fix memory leaks and memory corruption - when freeing sources while freeing a context - -Instead of destroying sources directly while freeing the context, and -potentially freeing them if this was the last reference to them, collect -new references of all sources in a separate list before and at the same -time invalidate their context so that they can't access it anymore. Only -once all sources have their context invalidated, destroy them while -still keeping a reference to them. Once all sources are destroyed we get -rid of the additional references and free them if nothing else keeps a -reference to them anymore. - -This fixes a regression introduced by 26056558be in 2012. - -The previous code that invalidated the context of each source and then -destroyed it before going to the next source without keeping an -additional reference caused memory leaks or memory corruption depending -on the order of the sources in the sources lists. - -If a source was destroyed it might happen that this was the last -reference to this source, and it would then be freed. This would cause -the finalize function to be called, which might destroy and unref -another source and potentially free it. This other source would then -either -- go through the normal free logic and change the intern linked list - between the sources, while other sources that are unreffed as part of - the main context freeing would not. As such the list would be in an - inconsistent state and we might dereference freed memory. -- go through the normal destroy and free logic but because the context - pointer was already invalidated it would simply mark the source as - destroyed without actually removing it from the context. This would - then cause a memory leak because the reference owned by the context is - not freed. - -Fixes https://github.com/gtk-rs/glib/issues/583 while still keeping -https://bugzilla.gnome.org/show_bug.cgi?id=661767 fixes. ---- - glib/gmain.c | 35 ++++++++++++++++++++++++++++++++++- - 1 file changed, 34 insertions(+), 1 deletion(-) - -diff --git a/glib/gmain.c b/glib/gmain.c -index a3ea1d36c..1c249ad02 100644 ---- a/glib/gmain.c -+++ b/glib/gmain.c -@@ -534,6 +534,7 @@ g_main_context_unref (GMainContext *context) - GSourceIter iter; - GSource *source; - GList *sl_iter; -+ GSList *s_iter, *remaining_sources = NULL; - GSourceList *list; - guint i; - -@@ -553,10 +554,30 @@ g_main_context_unref (GMainContext *context) - - /* g_source_iter_next() assumes the context is locked. */ - LOCK_CONTEXT (context); -- g_source_iter_init (&iter, context, TRUE); -+ -+ /* First collect all remaining sources from the sources lists and store a -+ * new reference in a separate list. Also set the context of the sources -+ * to NULL so that they can't access a partially destroyed context anymore. -+ * -+ * We have to do this first so that we have a strong reference to all -+ * sources and destroying them below does not also free them, and so that -+ * none of the sources can access the context from their finalize/dispose -+ * functions. */ -+ g_source_iter_init (&iter, context, FALSE); - while (g_source_iter_next (&iter, &source)) - { - source->context = NULL; -+ remaining_sources = g_slist_prepend (remaining_sources, g_source_ref (source)); -+ } -+ g_source_iter_clear (&iter); -+ -+ /* Next destroy all sources. As we still hold a reference to all of them, -+ * this won't cause any of them to be freed yet and especially prevents any -+ * source that unrefs another source from its finalize function to be freed. -+ */ -+ for (s_iter = remaining_sources; s_iter; s_iter = s_iter->next) -+ { -+ source = s_iter->data; - g_source_destroy_internal (source, context, TRUE); - } - UNLOCK_CONTEXT (context); -@@ -581,6 +602,18 @@ g_main_context_unref (GMainContext *context) - g_cond_clear (&context->cond); - - g_free (context); -+ -+ /* And now finally get rid of our references to the sources. This will cause -+ * them to be freed unless something else still has a reference to them. Due -+ * to setting the context pointers in the sources to NULL above, this won't -+ * ever access the context or the internal linked list inside the GSource. -+ * We already removed the sources completely from the context above. */ -+ for (s_iter = remaining_sources; s_iter; s_iter = s_iter->next) -+ { -+ source = s_iter->data; -+ g_source_unref_internal (source, NULL, FALSE); -+ } -+ g_slist_free (remaining_sources); - } - - /* Helper function used by mainloop/overflow test. --- -2.31.1 - diff --git a/SOURCES/0003-glocalfileoutputstream-Add-a-missing-O_CLOEXEC-flag-.patch b/SOURCES/0003-glocalfileoutputstream-Add-a-missing-O_CLOEXEC-flag-.patch deleted file mode 100644 index d2227a6..0000000 --- a/SOURCES/0003-glocalfileoutputstream-Add-a-missing-O_CLOEXEC-flag-.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 7f0b0d7fd744ad2f51236444005db49c80a0293d Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 24 Feb 2021 17:42:24 +0000 -Subject: [PATCH 3/3] glocalfileoutputstream: Add a missing O_CLOEXEC flag to - replace() - -Signed-off-by: Philip Withnall ---- - gio/glocalfileoutputstream.c | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) - -diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c -index 4a7766f68..275770fa4 100644 ---- a/gio/glocalfileoutputstream.c -+++ b/gio/glocalfileoutputstream.c -@@ -56,6 +56,12 @@ - #define O_BINARY 0 - #endif - -+#ifndef O_CLOEXEC -+#define O_CLOEXEC 0 -+#else -+#define HAVE_O_CLOEXEC 1 -+#endif -+ - struct _GLocalFileOutputStreamPrivate { - char *tmp_filename; - char *original_filename; -@@ -1127,7 +1133,7 @@ _g_local_file_output_stream_replace (const char *filename, - sync_on_close = FALSE; - - /* If the file doesn't exist, create it */ -- open_flags = O_CREAT | O_EXCL | O_BINARY; -+ open_flags = O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC; - if (readable) - open_flags |= O_RDWR; - else -@@ -1157,8 +1163,11 @@ _g_local_file_output_stream_replace (const char *filename, - set_error_from_open_errno (filename, error); - return NULL; - } -- -- -+#if !defined(HAVE_O_CLOEXEC) && defined(F_SETFD) -+ else -+ fcntl (fd, F_SETFD, FD_CLOEXEC); -+#endif -+ - stream = g_object_new (G_TYPE_LOCAL_FILE_OUTPUT_STREAM, NULL); - stream->priv->fd = fd; - stream->priv->sync_on_close = sync_on_close; --- -2.31.1 - diff --git a/SOURCES/0003-gobject-Use-g_memdup2-instead-of-g_memdup-in-obvious.patch b/SOURCES/0003-gobject-Use-g_memdup2-instead-of-g_memdup-in-obvious.patch deleted file mode 100644 index dd3da75..0000000 --- a/SOURCES/0003-gobject-Use-g_memdup2-instead-of-g_memdup-in-obvious.patch +++ /dev/null @@ -1,136 +0,0 @@ -From 9d84623c724b9599071fb7f12a189746f7b0ff3f Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:39:25 +0000 -Subject: [PATCH 03/12] gobject: Use g_memdup2() instead of g_memdup() in - obvious places -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Convert all the call sites which use `g_memdup()`’s length argument -trivially (for example, by passing a `sizeof()`), so that they use -`g_memdup2()` instead. - -In almost all of these cases the use of `g_memdup()` would not have -caused problems, but it will soon be deprecated, so best port away from -it. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gobject/gsignal.c | 3 ++- - gobject/gtype.c | 9 +++++---- - gobject/gtypemodule.c | 3 ++- - gobject/tests/param.c | 4 +++- - 4 files changed, 12 insertions(+), 7 deletions(-) - -diff --git a/gobject/gsignal.c b/gobject/gsignal.c -index b22dfcca8..92555eb60 100644 ---- a/gobject/gsignal.c -+++ b/gobject/gsignal.c -@@ -28,6 +28,7 @@ - #include - - #include "gsignal.h" -+#include "gstrfuncsprivate.h" - #include "gtype-private.h" - #include "gbsearcharray.h" - #include "gvaluecollector.h" -@@ -1724,7 +1725,7 @@ g_signal_newv (const gchar *signal_name, - node->single_va_closure_is_valid = FALSE; - node->flags = signal_flags & G_SIGNAL_FLAGS_MASK; - node->n_params = n_params; -- node->param_types = g_memdup (param_types, sizeof (GType) * n_params); -+ node->param_types = g_memdup2 (param_types, sizeof (GType) * n_params); - node->return_type = return_type; - node->class_closure_bsa = NULL; - if (accumulator) -diff --git a/gobject/gtype.c b/gobject/gtype.c -index 275a8b60b..9e663ce52 100644 ---- a/gobject/gtype.c -+++ b/gobject/gtype.c -@@ -33,6 +33,7 @@ - - #include "glib-private.h" - #include "gconstructor.h" -+#include "gstrfuncsprivate.h" - - #ifdef G_OS_WIN32 - #include -@@ -1471,7 +1472,7 @@ type_add_interface_Wm (TypeNode *node, - iholder->next = iface_node_get_holders_L (iface); - iface_node_set_holders_W (iface, iholder); - iholder->instance_type = NODE_TYPE (node); -- iholder->info = info ? g_memdup (info, sizeof (*info)) : NULL; -+ iholder->info = info ? g_memdup2 (info, sizeof (*info)) : NULL; - iholder->plugin = plugin; - - /* create an iface entry for this type */ -@@ -1732,7 +1733,7 @@ type_iface_retrieve_holder_info_Wm (TypeNode *iface, - INVALID_RECURSION ("g_type_plugin_*", iholder->plugin, NODE_NAME (iface)); - - check_interface_info_I (iface, instance_type, &tmp_info); -- iholder->info = g_memdup (&tmp_info, sizeof (tmp_info)); -+ iholder->info = g_memdup2 (&tmp_info, sizeof (tmp_info)); - } - - return iholder; /* we don't modify write lock upon returning NULL */ -@@ -2013,10 +2014,10 @@ type_iface_vtable_base_init_Wm (TypeNode *iface, - IFaceEntry *pentry = type_lookup_iface_entry_L (pnode, iface); - - if (pentry) -- vtable = g_memdup (pentry->vtable, iface->data->iface.vtable_size); -+ vtable = g_memdup2 (pentry->vtable, iface->data->iface.vtable_size); - } - if (!vtable) -- vtable = g_memdup (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); -+ vtable = g_memdup2 (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); - entry->vtable = vtable; - vtable->g_type = NODE_TYPE (iface); - vtable->g_instance_type = NODE_TYPE (node); -diff --git a/gobject/gtypemodule.c b/gobject/gtypemodule.c -index c67f789b1..cf877bc0b 100644 ---- a/gobject/gtypemodule.c -+++ b/gobject/gtypemodule.c -@@ -19,6 +19,7 @@ - - #include - -+#include "gstrfuncsprivate.h" - #include "gtypeplugin.h" - #include "gtypemodule.h" - -@@ -436,7 +437,7 @@ g_type_module_register_type (GTypeModule *module, - module_type_info->loaded = TRUE; - module_type_info->info = *type_info; - if (type_info->value_table) -- module_type_info->info.value_table = g_memdup (type_info->value_table, -+ module_type_info->info.value_table = g_memdup2 (type_info->value_table, - sizeof (GTypeValueTable)); - - return module_type_info->type; -diff --git a/gobject/tests/param.c b/gobject/tests/param.c -index 758289bf8..971cff162 100644 ---- a/gobject/tests/param.c -+++ b/gobject/tests/param.c -@@ -2,6 +2,8 @@ - #include - #include - -+#include "gstrfuncsprivate.h" -+ - static void - test_param_value (void) - { -@@ -851,7 +853,7 @@ main (int argc, char *argv[]) - test_path = g_strdup_printf ("/param/implement/subprocess/%d-%d-%d-%d", - data.change_this_flag, data.change_this_type, - data.use_this_flag, data.use_this_type); -- test_data = g_memdup (&data, sizeof (TestParamImplementData)); -+ test_data = g_memdup2 (&data, sizeof (TestParamImplementData)); - g_test_add_data_func_full (test_path, test_data, test_param_implement_child, g_free); - g_free (test_path); - } --- -2.31.1 - diff --git a/SOURCES/0004-GMainContext-Move-mutex-unlocking-in-destructor-righ.patch b/SOURCES/0004-GMainContext-Move-mutex-unlocking-in-destructor-righ.patch deleted file mode 100644 index 068f317..0000000 --- a/SOURCES/0004-GMainContext-Move-mutex-unlocking-in-destructor-righ.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 1d16e92028f235ed9cd786070832d5bd71017661 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Tue, 11 Feb 2020 09:34:38 +0200 -Subject: [PATCH 4/5] GMainContext - Move mutex unlocking in destructor right - before freeing the mutex - -This does not have any behaviour changes but is cleaner. The mutex is -only unlocked now after all operations on the context are done and right -before freeing the mutex and the context itself. ---- - glib/gmain.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/glib/gmain.c b/glib/gmain.c -index 1c249ad02..44e6ed0c3 100644 ---- a/glib/gmain.c -+++ b/glib/gmain.c -@@ -580,7 +580,6 @@ g_main_context_unref (GMainContext *context) - source = s_iter->data; - g_source_destroy_internal (source, context, TRUE); - } -- UNLOCK_CONTEXT (context); - - for (sl_iter = context->source_lists; sl_iter; sl_iter = sl_iter->next) - { -@@ -591,6 +590,7 @@ g_main_context_unref (GMainContext *context) - - g_hash_table_destroy (context->sources); - -+ UNLOCK_CONTEXT (context); - g_mutex_clear (&context->mutex); - - g_ptr_array_free (context->pending_dispatches, TRUE); --- -2.31.1 - diff --git a/SOURCES/0004-glib-Use-g_memdup2-instead-of-g_memdup-in-obvious-pl.patch b/SOURCES/0004-glib-Use-g_memdup2-instead-of-g_memdup-in-obvious-pl.patch deleted file mode 100644 index b8642d2..0000000 --- a/SOURCES/0004-glib-Use-g_memdup2-instead-of-g_memdup-in-obvious-pl.patch +++ /dev/null @@ -1,284 +0,0 @@ -From 3bfea0105adc5d946a82995ad439d8119b55dae2 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:41:21 +0000 -Subject: [PATCH 04/12] glib: Use g_memdup2() instead of g_memdup() in obvious - places -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Convert all the call sites which use `g_memdup()`’s length argument -trivially (for example, by passing a `sizeof()` or an existing `gsize` -variable), so that they use `g_memdup2()` instead. - -In almost all of these cases the use of `g_memdup()` would not have -caused problems, but it will soon be deprecated, so best port away from -it - -In particular, this fixes an overflow within `g_bytes_new()`, identified -as GHSL-2021-045 by GHSL team member Kevin Backhouse. - -Signed-off-by: Philip Withnall -Fixes: GHSL-2021-045 -Helps: #2319 ---- - glib/gbytes.c | 6 ++++-- - glib/gdir.c | 3 ++- - glib/ghash.c | 1 + - glib/giochannel.c | 1 + - glib/gslice.c | 3 ++- - glib/gtestutils.c | 3 ++- - glib/gvariant.c | 7 ++++--- - glib/gvarianttype.c | 3 ++- - glib/tests/array-test.c | 4 +++- - glib/tests/option-context.c | 6 ++++-- - glib/tests/uri.c | 2 ++ - 11 files changed, 27 insertions(+), 12 deletions(-) - -diff --git a/glib/gbytes.c b/glib/gbytes.c -index 3b14a51cd..5141170d7 100644 ---- a/glib/gbytes.c -+++ b/glib/gbytes.c -@@ -33,6 +33,8 @@ - - #include - -+#include "gstrfuncsprivate.h" -+ - /** - * GBytes: - * -@@ -94,7 +96,7 @@ g_bytes_new (gconstpointer data, - { - g_return_val_if_fail (data != NULL || size == 0, NULL); - -- return g_bytes_new_take (g_memdup (data, size), size); -+ return g_bytes_new_take (g_memdup2 (data, size), size); - } - - /** -@@ -490,7 +492,7 @@ g_bytes_unref_to_data (GBytes *bytes, - * Copy: Non g_malloc (or compatible) allocator, or static memory, - * so we have to copy, and then unref. - */ -- result = g_memdup (bytes->data, bytes->size); -+ result = g_memdup2 (bytes->data, bytes->size); - *size = bytes->size; - g_bytes_unref (bytes); - } -diff --git a/glib/gdir.c b/glib/gdir.c -index cb4ad0b2f..9d955d57f 100644 ---- a/glib/gdir.c -+++ b/glib/gdir.c -@@ -37,6 +37,7 @@ - #include "gconvert.h" - #include "gfileutils.h" - #include "gstrfuncs.h" -+#include "gstrfuncsprivate.h" - #include "gtestutils.h" - #include "glibintl.h" - -@@ -113,7 +114,7 @@ g_dir_open_with_errno (const gchar *path, - return NULL; - #endif - -- return g_memdup (&dir, sizeof dir); -+ return g_memdup2 (&dir, sizeof dir); - } - - /** -diff --git a/glib/ghash.c b/glib/ghash.c -index 6bb04a50d..d475e6d64 100644 ---- a/glib/ghash.c -+++ b/glib/ghash.c -@@ -34,6 +34,7 @@ - - #include "glib-private.h" - #include "gstrfuncs.h" -+#include "gstrfuncsprivate.h" - #include "gatomic.h" - #include "gtestutils.h" - #include "gslice.h" -diff --git a/glib/giochannel.c b/glib/giochannel.c -index f01817a83..ec2cada6f 100644 ---- a/glib/giochannel.c -+++ b/glib/giochannel.c -@@ -37,6 +37,7 @@ - #include "giochannel.h" - - #include "gstrfuncs.h" -+#include "gstrfuncsprivate.h" - #include "gtestutils.h" - #include "glibintl.h" - #include "gunicodeprivate.h" -diff --git a/glib/gslice.c b/glib/gslice.c -index 454c8a602..8e2359515 100644 ---- a/glib/gslice.c -+++ b/glib/gslice.c -@@ -45,6 +45,7 @@ - #include "gmain.h" - #include "gmem.h" /* gslice.h */ - #include "gstrfuncs.h" -+#include "gstrfuncsprivate.h" - #include "gutils.h" - #include "gtrashstack.h" - #include "gtestutils.h" -@@ -352,7 +353,7 @@ g_slice_get_config_state (GSliceConfig ckey, - array[i++] = allocator->contention_counters[address]; - array[i++] = allocator_get_magazine_threshold (allocator, address); - *n_values = i; -- return g_memdup (array, sizeof (array[0]) * *n_values); -+ return g_memdup2 (array, sizeof (array[0]) * *n_values); - default: - return NULL; - } -diff --git a/glib/gtestutils.c b/glib/gtestutils.c -index 0447dcda5..14e071fce 100644 ---- a/glib/gtestutils.c -+++ b/glib/gtestutils.c -@@ -49,6 +49,7 @@ - #include "gpattern.h" - #include "grand.h" - #include "gstrfuncs.h" -+#include "gstrfuncsprivate.h" - #include "gtimer.h" - #include "gslice.h" - #include "gspawn.h" -@@ -3397,7 +3398,7 @@ g_test_log_extract (GTestLogBuffer *tbuffer) - if (p <= tbuffer->data->str + mlength) - { - g_string_erase (tbuffer->data, 0, mlength); -- tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup (&msg, sizeof (msg))); -+ tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup2 (&msg, sizeof (msg))); - return TRUE; - } - -diff --git a/glib/gvariant.c b/glib/gvariant.c -index 8be9ce798..45a1a73dc 100644 ---- a/glib/gvariant.c -+++ b/glib/gvariant.c -@@ -33,6 +33,7 @@ - - #include - -+#include "gstrfuncsprivate.h" - - /** - * SECTION:gvariant -@@ -720,7 +721,7 @@ g_variant_new_variant (GVariant *value) - g_variant_ref_sink (value); - - return g_variant_new_from_children (G_VARIANT_TYPE_VARIANT, -- g_memdup (&value, sizeof value), -+ g_memdup2 (&value, sizeof value), - 1, g_variant_is_trusted (value)); - } - -@@ -1224,7 +1225,7 @@ g_variant_new_fixed_array (const GVariantType *element_type, - return NULL; - } - -- data = g_memdup (elements, n_elements * element_size); -+ data = g_memdup2 (elements, n_elements * element_size); - value = g_variant_new_from_data (array_type, data, - n_elements * element_size, - FALSE, g_free, data); -@@ -1901,7 +1902,7 @@ g_variant_dup_bytestring (GVariant *value, - if (length) - *length = size; - -- return g_memdup (original, size + 1); -+ return g_memdup2 (original, size + 1); - } - - /** -diff --git a/glib/gvarianttype.c b/glib/gvarianttype.c -index c8433e65a..dbbf7d2d1 100644 ---- a/glib/gvarianttype.c -+++ b/glib/gvarianttype.c -@@ -28,6 +28,7 @@ - - #include - -+#include "gstrfuncsprivate.h" - - /** - * SECTION:gvarianttype -@@ -1174,7 +1175,7 @@ g_variant_type_new_tuple (const GVariantType * const *items, - g_assert (offset < sizeof buffer); - buffer[offset++] = ')'; - -- return (GVariantType *) g_memdup (buffer, offset); -+ return (GVariantType *) g_memdup2 (buffer, offset); - } - - /** -diff --git a/glib/tests/array-test.c b/glib/tests/array-test.c -index 64b996fb8..f784c06f8 100644 ---- a/glib/tests/array-test.c -+++ b/glib/tests/array-test.c -@@ -30,6 +30,8 @@ - #include - #include "glib.h" - -+#include "gstrfuncsprivate.h" -+ - static void - sum_up (gpointer data, - gpointer user_data) -@@ -913,7 +915,7 @@ byte_array_new_take (void) - GByteArray *gbarray; - guint8 *data; - -- data = g_memdup ("woooweeewow", 11); -+ data = g_memdup2 ("woooweeewow", 11); - gbarray = g_byte_array_new_take (data, 11); - g_assert (gbarray->data == data); - g_assert_cmpuint (gbarray->len, ==, 11); -diff --git a/glib/tests/option-context.c b/glib/tests/option-context.c -index a1e7b051c..be214b312 100644 ---- a/glib/tests/option-context.c -+++ b/glib/tests/option-context.c -@@ -27,6 +27,8 @@ - #include - #include - -+#include "gstrfuncsprivate.h" -+ - static GOptionEntry main_entries[] = { - { "main-switch", 0, 0, - G_OPTION_ARG_NONE, NULL, -@@ -256,7 +258,7 @@ join_stringv (int argc, char **argv) - static char ** - copy_stringv (char **argv, int argc) - { -- return g_memdup (argv, sizeof (char *) * (argc + 1)); -+ return g_memdup2 (argv, sizeof (char *) * (argc + 1)); - } - - static void -@@ -2275,7 +2277,7 @@ test_group_parse (void) - g_option_context_add_group (context, group); - - argv = split_string ("program --test arg1 -f arg2 --group-test arg3 --frob arg4 -z arg5", &argc); -- orig_argv = g_memdup (argv, (argc + 1) * sizeof (char *)); -+ orig_argv = g_memdup2 (argv, (argc + 1) * sizeof (char *)); - - retval = g_option_context_parse (context, &argc, &argv, &error); - -diff --git a/glib/tests/uri.c b/glib/tests/uri.c -index d292f33bf..77847ae6c 100644 ---- a/glib/tests/uri.c -+++ b/glib/tests/uri.c -@@ -27,6 +27,8 @@ - #include - #include - -+#include "gstrfuncsprivate.h" -+ - typedef struct - { - char *filename; --- -2.31.1 - diff --git a/SOURCES/0005-gmain-Fix-possible-locking-issue-in-source-unref.patch b/SOURCES/0005-gmain-Fix-possible-locking-issue-in-source-unref.patch deleted file mode 100644 index 5851f29..0000000 --- a/SOURCES/0005-gmain-Fix-possible-locking-issue-in-source-unref.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 02ad7294ad5895178df73a6cd8546c6e67097493 Mon Sep 17 00:00:00 2001 -From: Benjamin Berg -Date: Tue, 13 Oct 2020 15:09:43 +0200 -Subject: [PATCH 5/5] gmain: Fix possible locking issue in source unref - -When unref'ing child sources, the lock is already held. But instead of -passing TRUE to g_source_unref_internal it currently passes whether the -lock was already held outside of the current invocation. Just pass TRUE -to fix this possible issue. ---- - glib/gmain.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/glib/gmain.c b/glib/gmain.c -index 44e6ed0c3..95992253d 100644 ---- a/glib/gmain.c -+++ b/glib/gmain.c -@@ -2164,7 +2164,7 @@ g_source_unref_internal (GSource *source, - g_slist_remove (source->priv->child_sources, child_source); - child_source->priv->parent_source = NULL; - -- g_source_unref_internal (child_source, context, have_lock); -+ g_source_unref_internal (child_source, context, TRUE); - } - - g_slice_free (GSourcePrivate, source->priv); --- -2.31.1 - diff --git a/SOURCES/0005-gwinhttpfile-Avoid-arithmetic-overflow-when-calculat.patch b/SOURCES/0005-gwinhttpfile-Avoid-arithmetic-overflow-when-calculat.patch deleted file mode 100644 index 215b091..0000000 --- a/SOURCES/0005-gwinhttpfile-Avoid-arithmetic-overflow-when-calculat.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 14e8a9e9f26d33170ea092cd9eaf63d3d33ec6da Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 16:12:24 +0000 -Subject: [PATCH 05/12] gwinhttpfile: Avoid arithmetic overflow when - calculating a size -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The members of `URL_COMPONENTS` (`winhttp_file->url`) are `DWORD`s, i.e. -32-bit unsigned integers. Adding to and multiplying them may cause them -to overflow the unsigned integer bounds, even if the result is passed to -`g_memdup2()` which accepts a `gsize`. - -Cast the `URL_COMPONENTS` members to `gsize` first to ensure that the -arithmetic is done in terms of `gsize`s rather than unsigned integers. - -Spotted by Sebastian Dröge. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gio/win32/gwinhttpfile.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c -index f424d21cc..e98031a98 100644 ---- a/gio/win32/gwinhttpfile.c -+++ b/gio/win32/gwinhttpfile.c -@@ -394,10 +394,10 @@ g_winhttp_file_resolve_relative_path (GFile *file, - child = g_object_new (G_TYPE_WINHTTP_FILE, NULL); - child->vfs = winhttp_file->vfs; - child->url = winhttp_file->url; -- child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); -- child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); -- child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); -- child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); -+ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, ((gsize) winhttp_file->url.dwSchemeLength + 1) * 2); -+ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, ((gsize) winhttp_file->url.dwHostNameLength + 1) * 2); -+ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, ((gsize) winhttp_file->url.dwUserNameLength + 1) * 2); -+ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, ((gsize) winhttp_file->url.dwPasswordLength + 1) * 2); - child->url.lpszUrlPath = wnew_path; - child->url.dwUrlPathLength = wcslen (wnew_path); - child->url.lpszExtraInfo = NULL; --- -2.31.1 - diff --git a/SOURCES/0006-gdatainputstream-Handle-stop_chars_len-internally-as.patch b/SOURCES/0006-gdatainputstream-Handle-stop_chars_len-internally-as.patch deleted file mode 100644 index 79ef901..0000000 --- a/SOURCES/0006-gdatainputstream-Handle-stop_chars_len-internally-as.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 587a525b7eb44e770857cfd4526ebb49ded4e4c8 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:49:00 +0000 -Subject: [PATCH 06/12] gdatainputstream: Handle stop_chars_len internally as - gsize - -Previously it was handled as a `gssize`, which meant that if the -`stop_chars` string was longer than `G_MAXSSIZE` there would be an -overflow. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gio/gdatainputstream.c | 25 +++++++++++++++++-------- - 1 file changed, 17 insertions(+), 8 deletions(-) - -diff --git a/gio/gdatainputstream.c b/gio/gdatainputstream.c -index 9f207b158..f9891bb09 100644 ---- a/gio/gdatainputstream.c -+++ b/gio/gdatainputstream.c -@@ -27,6 +27,7 @@ - #include "gioenumtypes.h" - #include "gioerror.h" - #include "glibintl.h" -+#include "gstrfuncsprivate.h" - - #include - -@@ -856,7 +857,7 @@ static gssize - scan_for_chars (GDataInputStream *stream, - gsize *checked_out, - const char *stop_chars, -- gssize stop_chars_len) -+ gsize stop_chars_len) - { - GBufferedInputStream *bstream; - const char *buffer; -@@ -952,7 +953,7 @@ typedef struct - gsize checked; - - gchar *stop_chars; -- gssize stop_chars_len; -+ gsize stop_chars_len; - gsize length; - } GDataInputStreamReadData; - -@@ -1078,12 +1079,17 @@ g_data_input_stream_read_async (GDataInputStream *stream, - { - GDataInputStreamReadData *data; - GTask *task; -+ gsize stop_chars_len_unsigned; - - data = g_slice_new0 (GDataInputStreamReadData); -- if (stop_chars_len == -1) -- stop_chars_len = strlen (stop_chars); -- data->stop_chars = g_memdup (stop_chars, stop_chars_len); -- data->stop_chars_len = stop_chars_len; -+ -+ if (stop_chars_len < 0) -+ stop_chars_len_unsigned = strlen (stop_chars); -+ else -+ stop_chars_len_unsigned = (gsize) stop_chars_len; -+ -+ data->stop_chars = g_memdup2 (stop_chars, stop_chars_len_unsigned); -+ data->stop_chars_len = stop_chars_len_unsigned; - data->last_saw_cr = FALSE; - - task = g_task_new (stream, cancellable, callback, user_data); -@@ -1338,17 +1344,20 @@ g_data_input_stream_read_upto (GDataInputStream *stream, - gssize found_pos; - gssize res; - char *data_until; -+ gsize stop_chars_len_unsigned; - - g_return_val_if_fail (G_IS_DATA_INPUT_STREAM (stream), NULL); - - if (stop_chars_len < 0) -- stop_chars_len = strlen (stop_chars); -+ stop_chars_len_unsigned = strlen (stop_chars); -+ else -+ stop_chars_len_unsigned = (gsize) stop_chars_len; - - bstream = G_BUFFERED_INPUT_STREAM (stream); - - checked = 0; - -- while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len)) == -1) -+ while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len_unsigned)) == -1) - { - if (g_buffered_input_stream_get_available (bstream) == - g_buffered_input_stream_get_buffer_size (bstream)) --- -2.31.1 - diff --git a/SOURCES/0007-gwin32-Use-gsize-internally-in-g_wcsdup.patch b/SOURCES/0007-gwin32-Use-gsize-internally-in-g_wcsdup.patch deleted file mode 100644 index ae43683..0000000 --- a/SOURCES/0007-gwin32-Use-gsize-internally-in-g_wcsdup.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 9878d5eaeb18bc05131dee9a316f74e717626018 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:50:37 +0000 -Subject: [PATCH 07/12] gwin32: Use gsize internally in g_wcsdup() -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This allows it to handle strings up to length `G_MAXSIZE` — previously -it would overflow with such strings. - -Update the several copies of it identically. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gio/gwin32registrykey.c | 34 ++++++++++++++++++++++++++-------- - 1 file changed, 26 insertions(+), 8 deletions(-) - -diff --git a/gio/gwin32registrykey.c b/gio/gwin32registrykey.c -index 619fd48af..fbd65311a 100644 ---- a/gio/gwin32registrykey.c -+++ b/gio/gwin32registrykey.c -@@ -127,16 +127,34 @@ typedef enum - G_WIN32_REGISTRY_UPDATED_PATH = 1, - } GWin32RegistryKeyUpdateFlag; - -+static gsize -+g_utf16_len (const gunichar2 *str) -+{ -+ gsize result; -+ -+ for (result = 0; str[0] != 0; str++, result++) -+ ; -+ -+ return result; -+} -+ - static gunichar2 * --g_wcsdup (const gunichar2 *str, -- gssize str_size) -+g_wcsdup (const gunichar2 *str, gssize str_len) - { -- if (str_size == -1) -- { -- str_size = wcslen (str) + 1; -- str_size *= sizeof (gunichar2); -- } -- return g_memdup (str, str_size); -+ gsize str_len_unsigned; -+ gsize str_size; -+ -+ g_return_val_if_fail (str != NULL, NULL); -+ -+ if (str_len < 0) -+ str_len_unsigned = g_utf16_len (str); -+ else -+ str_len_unsigned = (gsize) str_len; -+ -+ g_assert (str_len_unsigned <= G_MAXSIZE / sizeof (gunichar2) - 1); -+ str_size = (str_len_unsigned + 1) * sizeof (gunichar2); -+ -+ return g_memdup2 (str, str_size); - } - - /** --- -2.31.1 - diff --git a/SOURCES/0008-gkeyfilesettingsbackend-Handle-long-keys-when-conver.patch b/SOURCES/0008-gkeyfilesettingsbackend-Handle-long-keys-when-conver.patch deleted file mode 100644 index b133f2f..0000000 --- a/SOURCES/0008-gkeyfilesettingsbackend-Handle-long-keys-when-conver.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 34f26a016a55a742615538dfe5392e53b61fc46d Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:58:32 +0000 -Subject: [PATCH 08/12] gkeyfilesettingsbackend: Handle long keys when - converting paths - -Previously, the code in `convert_path()` could not handle keys longer -than `G_MAXINT`, and would overflow if that was exceeded. - -Convert the code to use `gsize` and `g_memdup2()` throughout, and -change from identifying the position of the final slash in the string -using a signed offset `i`, to using a pointer to the character (and -`strrchr()`). This allows the slash to be at any position in a -`G_MAXSIZE`-long string, without sacrificing a bit of the offset for -indicating whether a slash was found. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gio/gkeyfilesettingsbackend.c | 21 ++++++++++----------- - 1 file changed, 10 insertions(+), 11 deletions(-) - -diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c -index f74e3682c..063df1ee7 100644 ---- a/gio/gkeyfilesettingsbackend.c -+++ b/gio/gkeyfilesettingsbackend.c -@@ -33,6 +33,7 @@ - #include "gfilemonitor.h" - #include "gsimplepermission.h" - #include "gsettingsbackendinternal.h" -+#include "gstrfuncsprivate.h" - #include "giomodule-priv.h" - #include "gportalsupport.h" - -@@ -145,8 +146,8 @@ convert_path (GKeyfileSettingsBackend *kfsb, - gchar **group, - gchar **basename) - { -- gint key_len = strlen (key); -- gint i; -+ gsize key_len = strlen (key); -+ const gchar *last_slash; - - if (key_len < kfsb->prefix_len || - memcmp (key, kfsb->prefix, kfsb->prefix_len) != 0) -@@ -155,38 +156,36 @@ convert_path (GKeyfileSettingsBackend *kfsb, - key_len -= kfsb->prefix_len; - key += kfsb->prefix_len; - -- for (i = key_len; i >= 0; i--) -- if (key[i] == '/') -- break; -+ last_slash = strrchr (key, '/'); - - if (kfsb->root_group) - { - /* if a root_group was specified, make sure the user hasn't given - * a path that ghosts that group name - */ -- if (i == kfsb->root_group_len && memcmp (key, kfsb->root_group, i) == 0) -+ if (last_slash != NULL && (last_slash - key) == kfsb->root_group_len && memcmp (key, kfsb->root_group, last_slash - key) == 0) - return FALSE; - } - else - { - /* if no root_group was given, ensure that the user gave a path */ -- if (i == -1) -+ if (last_slash == NULL) - return FALSE; - } - - if (group) - { -- if (i >= 0) -+ if (last_slash != NULL) - { -- *group = g_memdup (key, i + 1); -- (*group)[i] = '\0'; -+ *group = g_memdup2 (key, (last_slash - key) + 1); -+ (*group)[(last_slash - key)] = '\0'; - } - else - *group = g_strdup (kfsb->root_group); - } - - if (basename) -- *basename = g_memdup (key + i + 1, key_len - i); -+ *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key)); - - return TRUE; - } --- -2.31.1 - diff --git a/SOURCES/0009-gsocket-Use-gsize-to-track-native-sockaddr-s-size.patch b/SOURCES/0009-gsocket-Use-gsize-to-track-native-sockaddr-s-size.patch deleted file mode 100644 index 382556a..0000000 --- a/SOURCES/0009-gsocket-Use-gsize-to-track-native-sockaddr-s-size.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 4d5c5d6af772f5fe6121eec403305a1b4340327d Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 14:00:53 +0000 -Subject: [PATCH 09/12] =?UTF-8?q?gsocket:=20Use=20gsize=20to=20track=20nat?= - =?UTF-8?q?ive=20sockaddr=E2=80=99s=20size?= -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Don’t use an `int`, that’s potentially too small. In practical terms, -this is not a problem, since no socket address is going to be that big. - -By making these changes we can use `g_memdup2()` without warnings, -though. Fewer warnings is good. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gio/gsocket.c | 17 +++++++++++------ - 1 file changed, 11 insertions(+), 6 deletions(-) - -diff --git a/gio/gsocket.c b/gio/gsocket.c -index b4a941eb1..7f41ffd3c 100644 ---- a/gio/gsocket.c -+++ b/gio/gsocket.c -@@ -80,6 +80,8 @@ - #include "gwin32networking.h" - #endif - -+#include "gstrfuncsprivate.h" -+ - /** - * SECTION:gsocket - * @short_description: Low-level socket object -@@ -173,7 +175,7 @@ static gboolean g_socket_datagram_based_condition_wait (GDatagramBased - GError **error); - - static GSocketAddress * --cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len); -+cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len); - - static gssize - g_socket_receive_message_with_timeout (GSocket *socket, -@@ -270,7 +272,7 @@ struct _GSocketPrivate - struct { - GSocketAddress *addr; - struct sockaddr *native; -- gint native_len; -+ gsize native_len; - guint64 last_used; - } recv_addr_cache[RECV_ADDR_CACHE_SIZE]; - }; -@@ -5018,14 +5020,14 @@ g_socket_send_messages_with_timeout (GSocket *socket, - } - - static GSocketAddress * --cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len) -+cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len) - { - GSocketAddress *saddr; - gint i; - guint64 oldest_time = G_MAXUINT64; - gint oldest_index = 0; - -- if (native_len <= 0) -+ if (native_len == 0) - return NULL; - - saddr = NULL; -@@ -5033,7 +5035,7 @@ cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len) - { - GSocketAddress *tmp = socket->priv->recv_addr_cache[i].addr; - gpointer tmp_native = socket->priv->recv_addr_cache[i].native; -- gint tmp_native_len = socket->priv->recv_addr_cache[i].native_len; -+ gsize tmp_native_len = socket->priv->recv_addr_cache[i].native_len; - - if (!tmp) - continue; -@@ -5063,7 +5065,7 @@ cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len) - g_free (socket->priv->recv_addr_cache[oldest_index].native); - } - -- socket->priv->recv_addr_cache[oldest_index].native = g_memdup (native, native_len); -+ socket->priv->recv_addr_cache[oldest_index].native = g_memdup2 (native, native_len); - socket->priv->recv_addr_cache[oldest_index].native_len = native_len; - socket->priv->recv_addr_cache[oldest_index].addr = g_object_ref (saddr); - socket->priv->recv_addr_cache[oldest_index].last_used = g_get_monotonic_time (); -@@ -5213,6 +5215,9 @@ g_socket_receive_message_with_timeout (GSocket *socket, - { - win32_unset_event_mask (socket, FD_READ); - -+ /* addrlen has to be of type int because that’s how WSARecvFrom() is defined */ -+ G_STATIC_ASSERT (sizeof addr <= G_MAXINT); -+ - addrlen = sizeof addr; - if (address) - result = WSARecvFrom (socket->priv->fd, --- -2.31.1 - diff --git a/SOURCES/0010-gtlspassword-Forbid-very-long-TLS-passwords.patch b/SOURCES/0010-gtlspassword-Forbid-very-long-TLS-passwords.patch deleted file mode 100644 index 4a68e7c..0000000 --- a/SOURCES/0010-gtlspassword-Forbid-very-long-TLS-passwords.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 4fd0162b758d97855beed09d81c77cb1a1626bd8 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 14:07:39 +0000 -Subject: [PATCH 10/12] gtlspassword: Forbid very long TLS passwords -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The public API `g_tls_password_set_value_full()` (and the vfunc it -invokes) can only accept a `gssize` length. Ensure that nul-terminated -strings passed to `g_tls_password_set_value()` can’t exceed that length. -Use `g_memdup2()` to avoid an overflow if they’re longer than -`G_MAXUINT` similarly. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - gio/gtlspassword.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c -index 1e437a7b6..dbcec41a8 100644 ---- a/gio/gtlspassword.c -+++ b/gio/gtlspassword.c -@@ -23,6 +23,7 @@ - #include "glibintl.h" - - #include "gioenumtypes.h" -+#include "gstrfuncsprivate.h" - #include "gtlspassword.h" - - #include -@@ -287,9 +288,14 @@ g_tls_password_set_value (GTlsPassword *password, - g_return_if_fail (G_IS_TLS_PASSWORD (password)); - - if (length < 0) -- length = strlen ((gchar *)value); -+ { -+ /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */ -+ gsize length_unsigned = strlen ((gchar *) value); -+ g_return_if_fail (length_unsigned > G_MAXSSIZE); -+ length = (gssize) length_unsigned; -+ } - -- g_tls_password_set_value_full (password, g_memdup (value, length), length, g_free); -+ g_tls_password_set_value_full (password, g_memdup2 (value, (gsize) length), length, g_free); - } - - /** --- -2.31.1 - diff --git a/SOURCES/0011-giochannel-Forbid-very-long-line-terminator-strings.patch b/SOURCES/0011-giochannel-Forbid-very-long-line-terminator-strings.patch deleted file mode 100644 index 1191991..0000000 --- a/SOURCES/0011-giochannel-Forbid-very-long-line-terminator-strings.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 0ae8a90a40335257b4f7e1f44498a8b5d4f48aab Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 14:09:40 +0000 -Subject: [PATCH 11/12] giochannel: Forbid very long line terminator strings -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The public API `GIOChannel.line_term_len` is only a `guint`. Ensure that -nul-terminated strings passed to `g_io_channel_set_line_term()` can’t -exceed that length. Use `g_memdup2()` to avoid a warning (`g_memdup()` -is due to be deprecated), but not to avoid a bug, since it’s also -limited to `G_MAXUINT`. - -Signed-off-by: Philip Withnall -Helps: #2319 ---- - glib/giochannel.c | 17 +++++++++++++---- - 1 file changed, 13 insertions(+), 4 deletions(-) - -diff --git a/glib/giochannel.c b/glib/giochannel.c -index ec2cada6f..908730fab 100644 ---- a/glib/giochannel.c -+++ b/glib/giochannel.c -@@ -885,16 +885,25 @@ g_io_channel_set_line_term (GIOChannel *channel, - const gchar *line_term, - gint length) - { -+ guint length_unsigned; -+ - g_return_if_fail (channel != NULL); - g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */ - - if (line_term == NULL) -- length = 0; -- else if (length < 0) -- length = strlen (line_term); -+ length_unsigned = 0; -+ else if (length >= 0) -+ length_unsigned = (guint) length; -+ else -+ { -+ /* FIXME: We’re constrained by line_term_len being a guint here */ -+ gsize length_size = strlen (line_term); -+ g_return_if_fail (length_size > G_MAXUINT); -+ length_unsigned = (guint) length_size; -+ } - - g_free (channel->line_term); -- channel->line_term = line_term ? g_memdup (line_term, length) : NULL; -+ channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL; - channel->line_term_len = length; - } - --- -2.31.1 - diff --git a/SOURCES/0012-Use-more-g_memdup2.patch b/SOURCES/0012-Use-more-g_memdup2.patch deleted file mode 100644 index 1d7de72..0000000 --- a/SOURCES/0012-Use-more-g_memdup2.patch +++ /dev/null @@ -1,97 +0,0 @@ -From 672c3963974bef02740dc3d4ac657876583b170d Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Wed, 31 Mar 2021 10:00:46 -0500 -Subject: [PATCH 12/12] Use more g_memdup2 - -This completes the removal of g_memdup() usage for GLib 2.56. ---- - gio/gwin32appinfo.c | 3 ++- - glib/ghash.c | 2 +- - glib/tests/gvariant.c | 9 +++++---- - 3 files changed, 8 insertions(+), 6 deletions(-) - -diff --git a/gio/gwin32appinfo.c b/gio/gwin32appinfo.c -index 499bbb351..749b282dc 100644 ---- a/gio/gwin32appinfo.c -+++ b/gio/gwin32appinfo.c -@@ -32,6 +32,7 @@ - #include - #include "glibintl.h" - #include -+#include "gstrfuncsprivate.h" - - #include - -@@ -472,7 +473,7 @@ g_wcsdup (const gunichar2 *str, gssize str_size) - str_size = wcslen (str) + 1; - str_size *= sizeof (gunichar2); - } -- return g_memdup (str, str_size); -+ return g_memdup2 (str, str_size); - } - - #define URL_ASSOCIATIONS L"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\Shell\\Associations\\UrlAssociations\\" -diff --git a/glib/ghash.c b/glib/ghash.c -index d475e6d64..608d136f4 100644 ---- a/glib/ghash.c -+++ b/glib/ghash.c -@@ -968,7 +968,7 @@ g_hash_table_insert_node (GHashTable *hash_table, - * split the table. - */ - if (G_UNLIKELY (hash_table->keys == hash_table->values && hash_table->keys[node_index] != new_value)) -- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size); -+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size); - - /* Step 3: Actually do the write */ - hash_table->values[node_index] = new_value; -diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c -index c4a996c1f..5903b69bc 100644 ---- a/glib/tests/gvariant.c -+++ b/glib/tests/gvariant.c -@@ -14,6 +14,7 @@ - #include "config.h" - - #include -+#include - #include - #include - #include -@@ -4673,7 +4674,7 @@ test_normal_checking_tuples (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ aligned_data = g_memdup2 (data, size); /* guarantee alignment */ - variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, - FALSE, NULL, NULL); - g_assert_nonnull (variant); -@@ -4802,7 +4803,7 @@ test_normal_checking_array_offsets (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ aligned_data = g_memdup2 (data, size); /* guarantee alignment */ - variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, - FALSE, NULL, NULL); - g_assert_nonnull (variant); -@@ -4829,7 +4830,7 @@ test_normal_checking_tuple_offsets (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ aligned_data = g_memdup2 (data, size); /* guarantee alignment */ - variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, - size, FALSE, NULL, NULL); - g_assert_nonnull (variant); -@@ -4856,7 +4857,7 @@ test_normal_checking_empty_object_path (void) - GVariant *variant = NULL; - GVariant *normal_variant = NULL; - -- aligned_data = g_memdup (data, size); /* guarantee alignment */ -+ aligned_data = g_memdup2 (data, size); /* guarantee alignment */ - variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, - FALSE, NULL, NULL); - g_assert_nonnull (variant); --- -2.31.1 - diff --git a/SOURCES/105.patch b/SOURCES/105.patch new file mode 100644 index 0000000..fa4572e --- /dev/null +++ b/SOURCES/105.patch @@ -0,0 +1,658 @@ +From 5634fd61f17d28dfc05cd47cfbd2bd2f21e6d2b1 Mon Sep 17 00:00:00 2001 +From: Allison Lortie +Date: Wed, 2 Aug 2017 11:06:03 +0100 +Subject: [PATCH 1/4] gsettings: cleanup default value lookup + +There are a couple of different ways (and soon one more) to access the +default value of a key. Clean up the various places that access this to +avoid duplication. + +https://bugzilla.gnome.org/show_bug.cgi?id=746592 +--- + gio/gsettings.c | 20 ++++---------------- + 1 file changed, 4 insertions(+), 16 deletions(-) + +diff --git a/gio/gsettings.c b/gio/gsettings.c +index 10d394d69..5e5816d57 100644 +--- a/gio/gsettings.c ++++ b/gio/gsettings.c +@@ -1204,10 +1204,7 @@ g_settings_get_value (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + g_settings_schema_key_clear (&skey); + +@@ -1304,10 +1301,7 @@ g_settings_get_default_value (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, TRUE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + g_settings_schema_key_clear (&skey); + +@@ -1360,10 +1354,7 @@ g_settings_get_enum (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + result = g_settings_schema_key_to_enum (&skey, value); + g_settings_schema_key_clear (&skey); +@@ -1473,10 +1464,7 @@ g_settings_get_flags (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + result = g_settings_schema_key_to_flags (&skey, value); + g_settings_schema_key_clear (&skey); +-- +2.21.0 + + +From 89c6e8f4a0bcda4b58dbaea713e62be01cfc2087 Mon Sep 17 00:00:00 2001 +From: Allison Lortie +Date: Wed, 2 Aug 2017 11:08:17 +0100 +Subject: [PATCH 2/4] gsettingsschema: Allow per-desktop overrides +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Recognise a new 'd' option in schema keys which gives a dictionary of +per-desktop default values. This dictionary is searched for the items +found in XDG_CURRENT_DESKTOP, in the order. If nothing matches (or if +the option is missing) then the default value is used as before. + +This feature was requested by Alberts Muktupāvels and this patch is +based on an approach devised by them. + +https://bugzilla.gnome.org/show_bug.cgi?id=746592 +--- + gio/gsettings.c | 21 +++++++++++++++++ + gio/gsettingsschema-internal.h | 2 ++ + gio/gsettingsschema.c | 41 ++++++++++++++++++++++++++++++++++ + 3 files changed, 64 insertions(+) + +diff --git a/gio/gsettings.c b/gio/gsettings.c +index 5e5816d57..f1130c095 100644 +--- a/gio/gsettings.c ++++ b/gio/gsettings.c +@@ -1739,6 +1739,13 @@ g_settings_get_mapped (GSettings *settings, + if (okay) goto okay; + } + ++ if ((value = g_settings_schema_key_get_per_desktop_default (&skey))) ++ { ++ okay = mapping (value, &result, user_data); ++ g_variant_unref (value); ++ if (okay) goto okay; ++ } ++ + if (mapping (skey.default_value, &result, user_data)) + goto okay; + +@@ -2647,6 +2654,20 @@ g_settings_binding_key_changed (GSettings *settings, + } + } + ++ if (variant == NULL) ++ { ++ variant = g_settings_schema_key_get_per_desktop_default (&binding->key); ++ if (variant && ++ !binding->get_mapping (&value, variant, binding->user_data)) ++ { ++ g_error ("Per-desktop default value for key '%s' in schema '%s' " ++ "was rejected by the binding mapping function.", ++ binding->key.name, g_settings_schema_get_id (binding->key.schema)); ++ g_variant_unref (variant); ++ variant = NULL; ++ } ++ } ++ + if (variant == NULL) + { + variant = g_variant_ref (binding->key.default_value); +diff --git a/gio/gsettingsschema-internal.h b/gio/gsettingsschema-internal.h +index f54de3b34..5f996b4bc 100644 +--- a/gio/gsettingsschema-internal.h ++++ b/gio/gsettingsschema-internal.h +@@ -37,6 +37,7 @@ struct _GSettingsSchemaKey + const GVariantType *type; + GVariant *minimum, *maximum; + GVariant *default_value; ++ GVariant *desktop_overrides; + + gint ref_count; + }; +@@ -58,6 +59,7 @@ gboolean g_settings_schema_key_type_check (GSettin + GVariant * g_settings_schema_key_range_fixup (GSettingsSchemaKey *key, + GVariant *value); + GVariant * g_settings_schema_key_get_translated_default (GSettingsSchemaKey *key); ++GVariant * g_settings_schema_key_get_per_desktop_default (GSettingsSchemaKey *key); + + gint g_settings_schema_key_to_enum (GSettingsSchemaKey *key, + GVariant *value); +diff --git a/gio/gsettingsschema.c b/gio/gsettingsschema.c +index f1274a369..17b7e3b01 100644 +--- a/gio/gsettingsschema.c ++++ b/gio/gsettingsschema.c +@@ -27,6 +27,7 @@ + #include + #include + #include ++#include + + /** + * SECTION:gsettingsschema +@@ -1283,6 +1284,11 @@ g_settings_schema_key_init (GSettingsSchemaKey *key, + endian_fixup (&key->maximum); + break; + ++ case 'd': ++ g_variant_get (data, "@a{sv}", &key->desktop_overrides); ++ endian_fixup (&key->desktop_overrides); ++ break; ++ + default: + g_warning ("unknown schema extension '%c'", code); + break; +@@ -1303,6 +1309,9 @@ g_settings_schema_key_clear (GSettingsSchemaKey *key) + if (key->maximum) + g_variant_unref (key->maximum); + ++ if (key->desktop_overrides) ++ g_variant_unref (key->desktop_overrides); ++ + g_variant_unref (key->default_value); + + g_settings_schema_unref (key->schema); +@@ -1410,6 +1419,35 @@ g_settings_schema_key_get_translated_default (GSettingsSchemaKey *key) + return value; + } + ++GVariant * ++g_settings_schema_key_get_per_desktop_default (GSettingsSchemaKey *key) ++{ ++ static const gchar * const *current_desktops; ++ GVariant *value = NULL; ++ gint i; ++ ++ if (!key->desktop_overrides) ++ return NULL; ++ ++ if (g_once_init_enter (¤t_desktops)) ++ { ++ const gchar *xdg_current_desktop = g_getenv ("XDG_CURRENT_DESKTOP"); ++ gchar **tmp; ++ ++ if (xdg_current_desktop != NULL && xdg_current_desktop[0] != '\0') ++ tmp = g_strsplit (xdg_current_desktop, G_SEARCHPATH_SEPARATOR_S, -1); ++ else ++ tmp = g_new0 (gchar *, 0 + 1); ++ ++ g_once_init_leave (¤t_desktops, (const gchar **) tmp); ++ } ++ ++ for (i = 0; value == NULL && current_desktops[i] != NULL; i++) ++ value = g_variant_lookup_value (key->desktop_overrides, current_desktops[i], NULL); ++ ++ return value; ++} ++ + gint + g_settings_schema_key_to_enum (GSettingsSchemaKey *key, + GVariant *value) +@@ -1698,6 +1736,9 @@ g_settings_schema_key_get_default_value (GSettingsSchemaKey *key) + + value = g_settings_schema_key_get_translated_default (key); + ++ if (!value) ++ value = g_settings_schema_key_get_per_desktop_default (key); ++ + if (!value) + value = g_variant_ref (key->default_value); + +-- +2.21.0 + + +From 3710e830de015829c086c69181a8703645d577ec Mon Sep 17 00:00:00 2001 +From: Allison Lortie +Date: Wed, 2 Aug 2017 11:10:18 +0100 +Subject: [PATCH 3/4] glib-compile-schemas: Handle per-desktop overrides + +Add a new syntax to override files: if the group name has a ':' in it, +it indicates that we want to override the default values of keys for +only one desktop. For example: + +[org.gnome.desktop.interface:Unity] +font-name='Ubuntu 12' + +Will override the settings, only if "Unity" is found in +XDG_CURRENT_DESKTOP. Multiple per-desktop overrides can be specified +for a given key: the one which comes first in XDG_CURRENT_DESKTOP will +be used. + +https://bugzilla.gnome.org/show_bug.cgi?id=746592 +--- + gio/glib-compile-schemas.c | 83 ++++++++++++++++++++++++++++++++++---- + 1 file changed, 75 insertions(+), 8 deletions(-) + +diff --git a/gio/glib-compile-schemas.c b/gio/glib-compile-schemas.c +index 2dc8c7171..59fb68ee7 100644 +--- a/gio/glib-compile-schemas.c ++++ b/gio/glib-compile-schemas.c +@@ -179,6 +179,8 @@ typedef struct + GString *unparsed_default_value; + GVariant *default_value; + ++ GVariantDict *desktop_overrides; ++ + GString *strinfo; + gboolean is_enum; + gboolean is_flags; +@@ -731,6 +733,11 @@ key_state_serialise (KeyState *state) + g_variant_builder_add (&builder, "(y(**))", 'r', + state->minimum, state->maximum); + ++ /* per-desktop overrides */ ++ if (state->desktop_overrides) ++ g_variant_builder_add (&builder, "(y@a{sv})", 'd', ++ g_variant_dict_end (state->desktop_overrides)); ++ + state->serialised = g_variant_builder_end (&builder); + } + +@@ -768,6 +775,9 @@ key_state_free (gpointer data) + if (state->serialised) + g_variant_unref (state->serialised); + ++ if (state->desktop_overrides) ++ g_variant_dict_unref (state->desktop_overrides); ++ + g_slice_free (KeyState, state); + } + +@@ -1878,6 +1888,8 @@ set_overrides (GHashTable *schema_table, + gchar **groups; + gint i; + ++ g_debug ("Processing override file '%s'", filename); ++ + key_file = g_key_file_new (); + if (!g_key_file_load_from_file (key_file, filename, 0, &error)) + { +@@ -1900,18 +1912,31 @@ set_overrides (GHashTable *schema_table, + for (i = 0; groups[i]; i++) + { + const gchar *group = groups[i]; ++ const gchar *schema_name; ++ const gchar *desktop_id; + SchemaState *schema; ++ gchar **pieces; + gchar **keys; + gint j; + +- schema = g_hash_table_lookup (schema_table, group); ++ pieces = g_strsplit (group, ":", 2); ++ schema_name = pieces[0]; ++ desktop_id = pieces[1]; ++ ++ g_debug ("Processing group '%s' (schema '%s', %s)", ++ group, schema_name, desktop_id ? desktop_id : "all desktops"); ++ ++ schema = g_hash_table_lookup (schema_table, schema_name); + + if (schema == NULL) +- /* Having the schema not be installed is expected to be a +- * common case. Don't even emit an error message about +- * that. +- */ +- continue; ++ { ++ /* Having the schema not be installed is expected to be a ++ * common case. Don't even emit an error message about ++ * that. ++ */ ++ g_strfreev (pieces); ++ continue; ++ } + + keys = g_key_file_get_keys (key_file, group, NULL, NULL); + g_assert (keys != NULL); +@@ -1939,6 +1964,32 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _(" and --strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); ++ g_strfreev (groups); ++ g_strfreev (keys); ++ ++ return FALSE; ++ } ++ ++ if (desktop_id != NULL && state->l10n) ++ { ++ /* Let's avoid the n*m case of per-desktop localised ++ * default values, and just forbid it. ++ */ ++ fprintf (stderr, ++ _("cannot provide per-desktop overrides for localised " ++ "key '%s' in schema '%s' (override file '%s')"), ++ key, group, filename); ++ ++ if (!strict) ++ { ++ fprintf (stderr, _("; ignoring override for this key.\n")); ++ continue; ++ } ++ ++ fprintf (stderr, _(" and --strict was specified; exiting.\n")); ++ g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -1969,6 +2020,7 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _("--strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -1997,6 +2049,7 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _(" and --strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -2025,6 +2078,7 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _(" and --strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -2032,11 +2086,24 @@ set_overrides (GHashTable *schema_table, + } + } + +- g_variant_unref (state->default_value); +- state->default_value = value; ++ if (desktop_id != NULL) ++ { ++ if (state->desktop_overrides == NULL) ++ state->desktop_overrides = g_variant_dict_new (NULL); ++ ++ g_variant_dict_insert_value (state->desktop_overrides, desktop_id, value); ++ g_variant_unref (value); ++ } ++ else ++ { ++ g_variant_unref (state->default_value); ++ state->default_value = value; ++ } ++ + g_free (string); + } + ++ g_strfreev (pieces); + g_strfreev (keys); + } + +-- +2.21.0 + + +From 2ca9218fb46f32fa02bed43c6e60243c8c5d656f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Alberts=20Muktup=C4=81vels?= +Date: Tue, 19 Jun 2018 23:39:24 +0300 +Subject: [PATCH 4/4] Add a test for per-desktop overrides + +--- + gio/glib-compile-schemas.c | 1 + + gio/tests/Makefile.am | 2 + + gio/tests/gsettings.c | 106 ++++++++++++++++++- + gio/tests/org.gtk.test.gschema.override.orig | 2 + + gio/tests/org.gtk.test.gschema.xml.orig | 6 ++ + 5 files changed, 116 insertions(+), 1 deletion(-) + create mode 100644 gio/tests/org.gtk.test.gschema.override.orig + +diff --git a/gio/glib-compile-schemas.c b/gio/glib-compile-schemas.c +index 59fb68ee7..00dd64146 100644 +--- a/gio/glib-compile-schemas.c ++++ b/gio/glib-compile-schemas.c +@@ -2139,6 +2139,7 @@ main (int argc, char **argv) + + /* These options are only for use in the gschema-compile tests */ + { "schema-file", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME_ARRAY, &schema_files, NULL, NULL }, ++ { "override-file", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME_ARRAY, &override_files, NULL, NULL }, + { NULL } + }; + +diff --git a/gio/tests/Makefile.am b/gio/tests/Makefile.am +index 49a19bf4a..b41317ad9 100644 +--- a/gio/tests/Makefile.am ++++ b/gio/tests/Makefile.am +@@ -367,12 +367,14 @@ test.mo: de.po + EXTRA_DIST += de.po + dist_uninstalled_test_data += \ + org.gtk.test.gschema.xml.orig \ ++ org.gtk.test.gschema.override.orig \ + org.gtk.schemasourcecheck.gschema.xml \ + testenum.h \ + enums.xml.template + # Generated while running the testcase itself... + CLEANFILES += \ + org.gtk.test.gschema.xml \ ++ org.gtk.test.gschema.override \ + org.gtk.test.enums.xml \ + gsettings.store \ + gschemas.compiled \ +diff --git a/gio/tests/gsettings.c b/gio/tests/gsettings.c +index 2be4122fe..acdeead4c 100644 +--- a/gio/tests/gsettings.c ++++ b/gio/tests/gsettings.c +@@ -2192,6 +2192,7 @@ G_GNUC_END_IGNORE_DEPRECATIONS + "org.gtk.test.range.direct", + "org.gtk.test.mapped", + "org.gtk.test.descriptions", ++ "org.gtk.test.per-desktop", + NULL)); + } + +@@ -2583,6 +2584,100 @@ test_default_value (void) + g_object_unref (settings); + } + ++static gboolean ++string_map_func (GVariant *value, ++ gpointer *result, ++ gpointer user_data) ++{ ++ const gchar *str; ++ ++ str = g_variant_get_string (value, NULL); ++ *result = g_variant_new_string (str); ++ ++ return TRUE; ++} ++ ++/* Test that per-desktop values from org.gtk.test.gschema.override ++ * does not change default value if current desktop is not listed in ++ * $XDG_CURRENT_DESKTOP. ++ */ ++static void ++test_per_desktop (void) ++{ ++ GSettings *settings; ++ TestObject *obj; ++ gpointer p; ++ gchar *str; ++ ++ settings = g_settings_new ("org.gtk.test.per-desktop"); ++ obj = test_object_new (); ++ ++ if (!g_test_subprocess ()) ++ { ++ g_test_trap_subprocess ("/gsettings/per-desktop/subprocess", 0, 0); ++ g_test_trap_assert_passed (); ++ } ++ ++ str = g_settings_get_string (settings, "desktop"); ++ g_assert_cmpstr (str, ==, "GNOME"); ++ g_free (str); ++ ++ p = g_settings_get_mapped (settings, "desktop", string_map_func, NULL); ++ ++ str = g_variant_dup_string (p, NULL); ++ g_assert_cmpstr (str, ==, "GNOME"); ++ g_free (str); ++ ++ g_variant_unref (p); ++ ++ g_settings_bind (settings, "desktop", obj, "string", G_SETTINGS_BIND_DEFAULT); ++ ++ g_object_get (obj, "string", &str, NULL); ++ g_assert_cmpstr (str, ==, "GNOME"); ++ g_free (str); ++ ++ g_object_unref (settings); ++ g_object_unref (obj); ++} ++ ++/* Test that per-desktop values from org.gtk.test.gschema.override ++ * are successfully loaded based on the value of $XDG_CURRENT_DESKTOP. ++ */ ++static void ++test_per_desktop_subprocess (void) ++{ ++ GSettings *settings; ++ TestObject *obj; ++ gpointer p; ++ gchar *str; ++ ++ g_setenv ("XDG_CURRENT_DESKTOP", "GNOME-Classic:GNOME", TRUE); ++ ++ settings = g_settings_new ("org.gtk.test.per-desktop"); ++ obj = test_object_new (); ++ ++ str = g_settings_get_string (settings, "desktop"); ++ g_assert_cmpstr (str, ==, "GNOME Classic"); ++ g_free (str); ++ ++ p = g_settings_get_mapped (settings, "desktop", string_map_func, NULL); ++ ++ str = g_variant_dup_string (p, NULL); ++ g_assert_cmpstr (str, ==, "GNOME Classic"); ++ g_free (str); ++ ++ g_variant_unref (p); ++ ++ g_settings_bind (settings, "desktop", obj, "string", G_SETTINGS_BIND_DEFAULT); ++ ++ g_object_get (obj, "string", &str, NULL); ++ g_assert_cmpstr (str, ==, "GNOME Classic"); ++ g_free (str); ++ ++ g_object_unref (settings); ++ g_object_unref (obj); ++} ++ + static void + test_extended_schema (void) + { +@@ -2603,6 +2698,7 @@ int + main (int argc, char *argv[]) + { + gchar *schema_text; ++ gchar *override_text; + gchar *enums; + gint result; + +@@ -2625,6 +2721,7 @@ main (int argc, char *argv[]) + g_setenv ("XDG_DATA_DIRS", ".", TRUE); + g_setenv ("XDG_DATA_HOME", ".", TRUE); + g_setenv ("GSETTINGS_SCHEMA_DIR", ".", TRUE); ++ g_setenv ("XDG_CURRENT_DESKTOP", "", TRUE); + + if (!backend_set) + g_setenv ("GSETTINGS_BACKEND", "memory", TRUE); +@@ -2647,6 +2744,10 @@ main (int argc, char *argv[]) + g_assert (g_file_set_contents ("org.gtk.test.gschema.xml", schema_text, -1, NULL)); + g_free (schema_text); + ++ g_assert (g_file_get_contents (SRCDIR "/org.gtk.test.gschema.override.orig", &override_text, NULL, NULL)); ++ g_assert (g_file_set_contents ("org.gtk.test.gschema.override", override_text, -1, NULL)); ++ g_free (override_text); ++ + /* Meson build defines this, autotools build does not */ + #ifndef GLIB_COMPILE_SCHEMAS + #define GLIB_COMPILE_SCHEMAS "../glib-compile-schemas" +@@ -2655,7 +2756,8 @@ main (int argc, char *argv[]) + g_remove ("gschemas.compiled"); + g_assert (g_spawn_command_line_sync (GLIB_COMPILE_SCHEMAS " --targetdir=. " + "--schema-file=org.gtk.test.enums.xml " +- "--schema-file=org.gtk.test.gschema.xml", ++ "--schema-file=org.gtk.test.gschema.xml " ++ "--override-file=org.gtk.test.gschema.override", + NULL, NULL, &result, NULL)); + g_assert (result == 0); + +@@ -2736,6 +2838,8 @@ main (int argc, char *argv[]) + g_test_add_func ("/gsettings/read-descriptions", test_read_descriptions); + g_test_add_func ("/gsettings/test-extended-schema", test_extended_schema); + g_test_add_func ("/gsettings/default-value", test_default_value); ++ g_test_add_func ("/gsettings/per-desktop", test_per_desktop); ++ g_test_add_func ("/gsettings/per-desktop/subprocess", test_per_desktop_subprocess); + + result = g_test_run (); + +diff --git a/gio/tests/org.gtk.test.gschema.override.orig b/gio/tests/org.gtk.test.gschema.override.orig +new file mode 100644 +index 000000000..6694baace +--- /dev/null ++++ b/gio/tests/org.gtk.test.gschema.override.orig +@@ -0,0 +1,2 @@ ++[org.gtk.test.per-desktop:GNOME-Classic] ++desktop = "GNOME Classic" +diff --git a/gio/tests/org.gtk.test.gschema.xml.orig b/gio/tests/org.gtk.test.gschema.xml.orig +index c07558335..fbcdce683 100644 +--- a/gio/tests/org.gtk.test.gschema.xml.orig ++++ b/gio/tests/org.gtk.test.gschema.xml.orig +@@ -209,4 +209,10 @@ + + + ++ ++ ++ "GNOME" ++ ++ ++ + +-- +2.21.0 + diff --git a/SOURCES/1176.patch b/SOURCES/1176.patch new file mode 100644 index 0000000..7322a12 --- /dev/null +++ b/SOURCES/1176.patch @@ -0,0 +1,371 @@ +From ef1035d9d86464ea0b5dde60a7a0e190895fdf5b Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 14 Oct 2019 08:22:24 +0100 +Subject: [PATCH] gcredentialsprivate: Document the various private macros + +Signed-off-by: Simon McVittie +--- + gio/gcredentialsprivate.h | 59 +++++++++++++++++++++++++++++++++++++++ + 1 file changed, 59 insertions(+) + +diff --git a/gio/gcredentialsprivate.h b/gio/gcredentialsprivate.h +index 4d1c420a8..06f0aed19 100644 +--- a/gio/gcredentialsprivate.h ++++ b/gio/gcredentialsprivate.h +@@ -22,6 +22,65 @@ + #include "gio/gcredentials.h" + #include "gio/gnetworking.h" + ++/* ++ * G_CREDENTIALS_SUPPORTED: ++ * ++ * Defined to 1 if GCredentials works. ++ */ ++#undef G_CREDENTIALS_SUPPORTED ++ ++/* ++ * G_CREDENTIALS_USE_LINUX_UCRED, etc.: ++ * ++ * Defined to 1 if GCredentials uses Linux `struct ucred`, etc. ++ */ ++#undef G_CREDENTIALS_USE_LINUX_UCRED ++#undef G_CREDENTIALS_USE_FREEBSD_CMSGCRED ++#undef G_CREDENTIALS_USE_NETBSD_UNPCBID ++#undef G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED ++#undef G_CREDENTIALS_USE_SOLARIS_UCRED ++ ++/* ++ * G_CREDENTIALS_NATIVE_TYPE: ++ * ++ * Defined to one of G_CREDENTIALS_TYPE_LINUX_UCRED, etc. ++ */ ++#undef G_CREDENTIALS_NATIVE_TYPE ++ ++/* ++ * G_CREDENTIALS_NATIVE_SIZE: ++ * ++ * Defined to the size of the %G_CREDENTIALS_NATIVE_TYPE ++ */ ++#undef G_CREDENTIALS_NATIVE_SIZE ++ ++/* ++ * G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED: ++ * ++ * Defined to 1 if we have a message-passing API in which credentials ++ * are attached to a particular message, such as `SCM_CREDENTIALS` on Linux ++ * or `SCM_CREDS` on FreeBSD. ++ */ ++#undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED ++ ++/* ++ * G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED: ++ * ++ * Defined to 1 if we have a `getsockopt()`-style API in which one end of ++ * a socket connection can directly query the credentials of the process ++ * that initiated the other end, such as `getsockopt SO_PEERCRED` on Linux ++ * or `getpeereid()` on multiple operating systems. ++ */ ++#undef G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED ++ ++/* ++ * G_CREDENTIALS_SPOOFING_SUPPORTED: ++ * ++ * Defined to 1 if privileged processes can spoof their credentials when ++ * using the message-passing API. ++ */ ++#undef G_CREDENTIALS_SPOOFING_SUPPORTED ++ + #ifdef __linux__ + #define G_CREDENTIALS_SUPPORTED 1 + #define G_CREDENTIALS_USE_LINUX_UCRED 1 +-- +2.23.0 + +From ee502dbbe89a5976c32eb8863c9a9d274ddb60e1 Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 14 Oct 2019 08:47:39 +0100 +Subject: [PATCH] GDBus: prefer getsockopt()-style credentials-passing APIs + +Conceptually, a D-Bus server is really trying to determine the credentials +of (the process that initiated) a connection, not the credentials that +the process had when it sent a particular message. Ideally, it does +this with a getsockopt()-style API that queries the credentials of the +connection's initiator without requiring any particular cooperation from +that process, avoiding a class of possible failures. + +The leading '\0' in the D-Bus protocol is primarily a workaround +for platforms where the message-based credentials-passing API is +strictly better than the getsockopt()-style API (for example, on +FreeBSD, SCM_CREDS includes a process ID but getpeereid() does not), +or where the getsockopt()-style API does not exist at all. As a result +libdbus, the reference implementation of D-Bus, does not implement +Linux SCM_CREDENTIALS at all - it has no reason to do so, because the +SO_PEERCRED socket option is equally informative. + +This change makes GDBusServer on Linux more closely match the behaviour +of libdbus. + +In particular, GNOME/glib#1831 indicates that when a libdbus client +connects to a GDBus server, recvmsg() sometimes yields a SCM_CREDENTIALS +message with cmsg_data={pid=0, uid=65534, gid=65534}. I think this is +most likely a race condition in the early steps to connect: + + client server + connect + accept + send '\0' <- race -> set SO_PASSCRED = 1 + receive '\0' + +If the server wins the race: + + client server + connect + accept + set SO_PASSCRED = 1 + send '\0' + receive '\0' + +then everything is fine. However, if the client wins the race: + + client server + connect + accept + send '\0' + set SO_PASSCRED = 1 + receive '\0' + +then the kernel does not record credentials for the message containing +'\0' (because SO_PASSCRED was 0 at the time). However, by the time the +server receives the message, the kernel knows that credentials are +desired. I would have expected the kernel to omit the credentials header +in this case, but it seems that instead, it synthesizes a credentials +structure with a dummy process ID 0, a dummy uid derived from +/proc/sys/kernel/overflowuid and a dummy gid derived from +/proc/sys/kernel/overflowgid. + +In an unconfigured GDBusServer, hitting this race condition results in +falling back to DBUS_COOKIE_SHA1 authentication, which in practice usually +succeeds in authenticating the peer's uid. However, we encourage AF_UNIX +servers on Unix platforms to allow only EXTERNAL authentication as a +security-hardening measure, because DBUS_COOKIE_SHA1 relies on a series +of assumptions including a cryptographically strong PRNG and a shared +home directory with no write access by others, which are not necessarily +true for all operating systems and users. EXTERNAL authentication will +fail if the server cannot determine the client's credentials. + +In particular, this caused a regression when CVE-2019-14822 was fixed +in ibus, which appears to be resolved by this commit. Qt clients +(which use libdbus) intermittently fail to connect to an ibus server +(which uses GDBusServer), because ibus no longer allows DBUS_COOKIE_SHA1 +authentication or non-matching uids. + +Signed-off-by: Simon McVittie +Closes: https://gitlab.gnome.org/GNOME/glib/issues/1831 +--- + gio/gcredentialsprivate.h | 18 ++++++++++++++++++ + gio/gdbusauth.c | 27 +++++++++++++++++++++++++-- + 2 files changed, 43 insertions(+), 2 deletions(-) + +diff --git a/gio/gcredentialsprivate.h b/gio/gcredentialsprivate.h +index 06f0aed19..e9ec09b9f 100644 +--- a/gio/gcredentialsprivate.h ++++ b/gio/gcredentialsprivate.h +@@ -81,6 +81,18 @@ + */ + #undef G_CREDENTIALS_SPOOFING_SUPPORTED + ++/* ++ * G_CREDENTIALS_PREFER_MESSAGE_PASSING: ++ * ++ * Defined to 1 if the data structure transferred by the message-passing ++ * API is strictly more informative than the one transferred by the ++ * `getsockopt()`-style API, and hence should be preferred, even for ++ * protocols like D-Bus that are defined in terms of the credentials of ++ * the (process that opened the) socket, as opposed to the credentials ++ * of an individual message. ++ */ ++#undef G_CREDENTIALS_PREFER_MESSAGE_PASSING ++ + #ifdef __linux__ + #define G_CREDENTIALS_SUPPORTED 1 + #define G_CREDENTIALS_USE_LINUX_UCRED 1 +@@ -100,6 +112,12 @@ + #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct cmsgcred)) + #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 + #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 ++/* GLib doesn't implement it yet, but FreeBSD's getsockopt()-style API ++ * is getpeereid(), which is not as informative as struct cmsgcred - ++ * it does not tell us the PID. As a result, libdbus prefers to use ++ * SCM_CREDS, and if we implement getpeereid() in future, we should ++ * do the same. */ ++#define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1 + + #elif defined(__NetBSD__) + #define G_CREDENTIALS_SUPPORTED 1 +diff --git a/gio/gdbusauth.c b/gio/gdbusauth.c +index 752ec23fc..14cc5d70e 100644 +--- a/gio/gdbusauth.c ++++ b/gio/gdbusauth.c +@@ -31,6 +31,7 @@ + #include "gdbusutils.h" + #include "gioenumtypes.h" + #include "gcredentials.h" ++#include "gcredentialsprivate.h" + #include "gdbusprivate.h" + #include "giostream.h" + #include "gdatainputstream.h" +@@ -969,9 +970,31 @@ _g_dbus_auth_run_server (GDBusAuth *auth, + + g_data_input_stream_set_newline_type (dis, G_DATA_STREAM_NEWLINE_TYPE_CR_LF); + +- /* first read the NUL-byte */ ++ /* read the NUL-byte, possibly with credentials attached */ + #ifdef G_OS_UNIX +- if (G_IS_UNIX_CONNECTION (auth->priv->stream)) ++#ifndef G_CREDENTIALS_PREFER_MESSAGE_PASSING ++ if (G_IS_SOCKET_CONNECTION (auth->priv->stream)) ++ { ++ GSocket *sock = g_socket_connection_get_socket (G_SOCKET_CONNECTION (auth->priv->stream)); ++ ++ local_error = NULL; ++ credentials = g_socket_get_credentials (sock, &local_error); ++ ++ if (credentials == NULL && !g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED)) ++ { ++ g_propagate_error (error, local_error); ++ goto out; ++ } ++ else ++ { ++ /* Clear the error indicator, so we can retry with ++ * g_unix_connection_receive_credentials() if necessary */ ++ g_clear_error (&local_error); ++ } ++ } ++#endif ++ ++ if (credentials == NULL && G_IS_UNIX_CONNECTION (auth->priv->stream)) + { + local_error = NULL; + credentials = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (auth->priv->stream), +-- +2.23.0 + +From 1485a97d8051b0aa047987f7b0c0bfe4ba4ce55b Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Fri, 18 Oct 2019 10:55:09 +0100 +Subject: [PATCH] credentials: Invalid Linux struct ucred means "no + information" + +On Linux, if getsockopt SO_PEERCRED is used on a TCP socket, one +might expect it to fail with an appropriate error like ENOTSUP or +EPROTONOSUPPORT. However, it appears that in fact it succeeds, but +yields a credentials structure with pid 0, uid -1 and gid -1. These +are not real process, user and group IDs that can be allocated to a +real process (pid 0 needs to be reserved to give kill(0) its documented +special semantics, and similarly uid and gid -1 need to be reserved for +setresuid() and setresgid()) so it is not meaningful to signal them to +high-level API users. + +An API user with Linux-specific knowledge can still inspect these fields +via g_credentials_get_native() if desired. + +Similarly, if SO_PASSCRED is used to receive a SCM_CREDENTIALS message +on a receiving Unix socket, but the sending socket had not enabled +SO_PASSCRED at the time that the message was sent, it is possible +for it to succeed but yield a credentials structure with pid 0, uid +/proc/sys/kernel/overflowuid and gid /proc/sys/kernel/overflowgid. Even +if we were to read those pseudo-files, we cannot distinguish between +the overflow IDs and a real process that legitimately has the same IDs +(typically they are set to 'nobody' and 'nogroup', which can be used +by a real process), so we detect this situation by noticing that +pid == 0, and to save syscalls we do not read the overflow IDs from +/proc at all. + +This results in a small API change: g_credentials_is_same_user() now +returns FALSE if we compare two credentials structures that are both +invalid. This seems like reasonable, conservative behaviour: if we cannot +prove that they are the same user, we should assume they are not. + +Signed-off-by: Simon McVittie +--- + gio/gcredentials.c | 42 +++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 39 insertions(+), 3 deletions(-) + +diff --git a/gio/gcredentials.c b/gio/gcredentials.c +index c350e3c88..c4794ded7 100644 +--- a/gio/gcredentials.c ++++ b/gio/gcredentials.c +@@ -265,6 +265,35 @@ g_credentials_to_string (GCredentials *credentials) + + /* ---------------------------------------------------------------------------------------------------- */ + ++#if G_CREDENTIALS_USE_LINUX_UCRED ++/* ++ * Check whether @native contains invalid data. If getsockopt SO_PEERCRED ++ * is used on a TCP socket, it succeeds but yields a credentials structure ++ * with pid 0, uid -1 and gid -1. Similarly, if SO_PASSCRED is used on a ++ * receiving Unix socket when the sending socket did not also enable ++ * SO_PASSCRED, it can succeed but yield a credentials structure with ++ * pid 0, uid /proc/sys/kernel/overflowuid and gid ++ * /proc/sys/kernel/overflowgid. ++ */ ++static gboolean ++linux_ucred_check_valid (struct ucred *native, ++ GError **error) ++{ ++ if (native->pid == 0 ++ || native->uid == -1 ++ || native->gid == -1) ++ { ++ g_set_error_literal (error, ++ G_IO_ERROR, ++ G_IO_ERROR_INVALID_DATA, ++ _("GCredentials contains invalid data")); ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++#endif ++ + /** + * g_credentials_is_same_user: + * @credentials: A #GCredentials. +@@ -294,7 +323,8 @@ g_credentials_is_same_user (GCredentials *credentials, + + ret = FALSE; + #if G_CREDENTIALS_USE_LINUX_UCRED +- if (credentials->native.uid == other_credentials->native.uid) ++ if (linux_ucred_check_valid (&credentials->native, NULL) ++ && credentials->native.uid == other_credentials->native.uid) + ret = TRUE; + #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED + if (credentials->native.cmcred_euid == other_credentials->native.cmcred_euid) +@@ -453,7 +483,10 @@ g_credentials_get_unix_user (GCredentials *credentials, + g_return_val_if_fail (error == NULL || *error == NULL, -1); + + #if G_CREDENTIALS_USE_LINUX_UCRED +- ret = credentials->native.uid; ++ if (linux_ucred_check_valid (&credentials->native, error)) ++ ret = credentials->native.uid; ++ else ++ ret = -1; + #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED + ret = credentials->native.cmcred_euid; + #elif G_CREDENTIALS_USE_NETBSD_UNPCBID +@@ -499,7 +532,10 @@ g_credentials_get_unix_pid (GCredentials *credentials, + g_return_val_if_fail (error == NULL || *error == NULL, -1); + + #if G_CREDENTIALS_USE_LINUX_UCRED +- ret = credentials->native.pid; ++ if (linux_ucred_check_valid (&credentials->native, error)) ++ ret = credentials->native.pid; ++ else ++ ret = -1; + #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED + ret = credentials->native.cmcred_pid; + #elif G_CREDENTIALS_USE_NETBSD_UNPCBID +-- +2.23.0 + diff --git a/SOURCES/1369.patch b/SOURCES/1369.patch new file mode 100644 index 0000000..2d5d1c3 --- /dev/null +++ b/SOURCES/1369.patch @@ -0,0 +1,38 @@ +From a18f091c6c090b93cd816f8cd5be763b6e238632 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Fri, 7 Feb 2020 17:10:23 +0000 +Subject: [PATCH] libcharset: Drop a redundant environment variable + +It was used for running tests when we built with autotools, but is no +longer used in the Meson build system. If we need something similar in +future, it should be done by adding internal API to override the +directory on a per-call basis, rather than loading a path from a shared +global table every time. + +Signed-off-by: Philip Withnall + +Helps: #1919 +--- + glib/libcharset/localcharset.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/glib/libcharset/localcharset.c b/glib/libcharset/localcharset.c +index 0c4d544be..ab3a2678d 100644 +--- a/glib/libcharset/localcharset.c ++++ b/glib/libcharset/localcharset.c +@@ -117,11 +117,7 @@ _g_locale_get_charset_aliases (void) + const char *base = "charset.alias"; + char *file_name; + +- /* Make it possible to override the charset.alias location. This is +- necessary for running the testsuite before "make install". */ +- dir = getenv ("CHARSETALIASDIR"); +- if (dir == NULL || dir[0] == '\0') +- dir = relocate (GLIB_CHARSETALIAS_DIR); ++ dir = relocate (GLIB_CHARSETALIAS_DIR); + + /* Concatenate dir and base into freshly allocated file_name. */ + { +-- +2.31.1 + diff --git a/SOURCES/1713.patch b/SOURCES/1713.patch new file mode 100644 index 0000000..cace858 --- /dev/null +++ b/SOURCES/1713.patch @@ -0,0 +1,204 @@ +From 4f0a31d66c2a6588495b8ae682f555584dafdf45 Mon Sep 17 00:00:00 2001 +From: Claudio Saavedra +Date: Wed, 21 Oct 2020 13:19:42 +0300 +Subject: [PATCH] gmain: g_main_context_check() can skip updating polled FD + sources + +If there is a file descriptor source that has a lower priority +than the one for sources that are going to be dispatched, +all subsequent file descriptor sources (internally sorted by +file descriptor identifier) do not get an update in their GPollRec +and later on wrong sources can be dispatched. + +Fix this by first finding the first GPollRec that matches the current +GPollFD, instead of relying on it to be the current one. At +the same time, document the assumptions about the ordering of the +file descriptor records and array and make explicit in the documentation +that the array needs to be passed to g_main_context_check() as it was +received from g_main_context_query(). + +Added a new test that reproduces the bug by creating two file +descriptor sources and an idle one. Since the first +file descriptor created has a lower identifier and a low priority, +the second one is not dispatched even when it has the same, higher, +priority as the idle source. After fixing this bug, both +higher priority sources are dispatched as expected. + +While this patch was written independently, a similar fix for this +bug was first submitted by Eugene M in GNOME/glib!562. Having a +second fix that basically does the same is a reassurance that we +are in the right here. + +Fixes #1592 +--- + glib/gmain.c | 32 ++++++++++++++++++++++-- + glib/tests/mainloop.c | 57 +++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 87 insertions(+), 2 deletions(-) + +diff --git a/glib/gmain.c b/glib/gmain.c +index 95992253d..a59cd686c 100644 +--- a/glib/gmain.c ++++ b/glib/gmain.c +@@ -3573,7 +3573,10 @@ g_main_context_prepare (GMainContext *context, + * store #GPollFD records that need to be polled. + * @n_fds: (in): length of @fds. + * +- * Determines information necessary to poll this main loop. ++ * Determines information necessary to poll this main loop. You should ++ * be careful to pass the resulting @fds array and its length @n_fds ++ * as is when calling g_main_context_check(), as this function relies ++ * on assumptions made when the array is filled. + * + * You must have successfully acquired the context with + * g_main_context_acquire() before you may call this function. +@@ -3597,6 +3600,10 @@ g_main_context_query (GMainContext *context, + + TRACE (GLIB_MAIN_CONTEXT_BEFORE_QUERY (context, max_priority)); + ++ /* fds is filled sequentially from poll_records. Since poll_records ++ * are incrementally sorted by file descriptor identifier, fds will ++ * also be incrementally sorted. ++ */ + n_poll = 0; + lastpollrec = NULL; + for (pollrec = context->poll_records; pollrec; pollrec = pollrec->next) +@@ -3611,6 +3618,10 @@ g_main_context_query (GMainContext *context, + */ + events = pollrec->fd->events & ~(G_IO_ERR|G_IO_HUP|G_IO_NVAL); + ++ /* This optimization --using the same GPollFD to poll for more ++ * than one poll record-- relies on the poll records being ++ * incrementally sorted. ++ */ + if (lastpollrec && pollrec->fd->fd == lastpollrec->fd->fd) + { + if (n_poll - 1 < n_fds) +@@ -3656,7 +3667,10 @@ g_main_context_query (GMainContext *context, + * the last call to g_main_context_query() + * @n_fds: return value of g_main_context_query() + * +- * Passes the results of polling back to the main loop. ++ * Passes the results of polling back to the main loop. You should be ++ * careful to pass @fds and its length @n_fds as received from ++ * g_main_context_query(), as this functions relies on assumptions ++ * on how @fds is filled. + * + * You must have successfully acquired the context with + * g_main_context_acquire() before you may call this function. +@@ -3711,10 +3725,22 @@ g_main_context_check (GMainContext *context, + return FALSE; + } + ++ /* The linear iteration below relies on the assumption that both ++ * poll records and the fds array are incrementally sorted by file ++ * descriptor identifier. ++ */ + pollrec = context->poll_records; + i = 0; + while (pollrec && i < n_fds) + { ++ /* Make sure that fds is sorted by file descriptor identifier. */ ++ g_assert (i <= 0 || fds[i - 1].fd < fds[i].fd); ++ ++ /* Skip until finding the first GPollRec matching the current GPollFD. */ ++ while (pollrec && pollrec->fd->fd != fds[i].fd) ++ pollrec = pollrec->next; ++ ++ /* Update all consecutive GPollRecs that match. */ + while (pollrec && pollrec->fd->fd == fds[i].fd) + { + if (pollrec->priority <= max_priority) +@@ -3725,6 +3751,7 @@ g_main_context_check (GMainContext *context, + pollrec = pollrec->next; + } + ++ /* Iterate to next GPollFD. */ + i++; + } + +@@ -4320,6 +4347,7 @@ g_main_context_add_poll_unlocked (GMainContext *context, + newrec->fd = fd; + newrec->priority = priority; + ++ /* Poll records are incrementally sorted by file descriptor identifier. */ + prevrec = NULL; + nextrec = context->poll_records; + while (nextrec) +diff --git a/glib/tests/mainloop.c b/glib/tests/mainloop.c +index f5d672a63..397921f2d 100644 +--- a/glib/tests/mainloop.c ++++ b/glib/tests/mainloop.c +@@ -1511,6 +1511,62 @@ test_unix_file_poll (void) + close (fd); + } + ++static void ++test_unix_fd_priority (void) ++{ ++ gint fd1, fd2; ++ GMainLoop *loop; ++ GSource *source; ++ ++ gint s1 = 0; ++ gboolean s2 = FALSE, s3 = FALSE; ++ ++ g_test_bug ("https://gitlab.gnome.org/GNOME/glib/-/issues/1592"); ++ ++ loop = g_main_loop_new (NULL, FALSE); ++ ++ source = g_idle_source_new (); ++ g_source_set_callback (source, count_calls, &s1, NULL); ++ g_source_set_priority (source, 0); ++ g_source_attach (source, NULL); ++ g_source_unref (source); ++ ++ fd1 = open ("/dev/random", O_RDONLY); ++ g_assert_cmpint (fd1, >=, 0); ++ source = g_unix_fd_source_new (fd1, G_IO_IN); ++ g_source_set_callback (source, (GSourceFunc) (void (*)(void)) (flag_bool), &s2, NULL); ++ g_source_set_priority (source, 10); ++ g_source_attach (source, NULL); ++ g_source_unref (source); ++ ++ fd2 = open ("/dev/random", O_RDONLY); ++ g_assert_cmpint (fd2, >=, 0); ++ source = g_unix_fd_source_new (fd2, G_IO_IN); ++ g_source_set_callback (source, (GSourceFunc) (void (*)(void)) (flag_bool), &s3, NULL); ++ g_source_set_priority (source, 0); ++ g_source_attach (source, NULL); ++ g_source_unref (source); ++ ++ /* This tests a bug that depends on the source with the lowest FD ++ identifier to have the lowest priority. Make sure that this is ++ the case. */ ++ g_assert_cmpint (fd1, <, fd2); ++ ++ g_assert_true (g_main_context_iteration (NULL, FALSE)); ++ ++ /* Idle source should have been dispatched. */ ++ g_assert_cmpint (s1, ==, 1); ++ /* Low priority FD source shouldn't have been dispatched. */ ++ g_assert_false (s2); ++ /* Default priority FD source should have been dispatched. */ ++ g_assert_true (s3); ++ ++ g_main_loop_unref (loop); ++ ++ close (fd1); ++ close (fd2); ++} ++ + #endif + + static gboolean +@@ -1751,6 +1807,7 @@ main (int argc, char *argv[]) + g_test_add_func ("/mainloop/source-unix-fd-api", test_source_unix_fd_api); + g_test_add_func ("/mainloop/wait", test_mainloop_wait); + g_test_add_func ("/mainloop/unix-file-poll", test_unix_file_poll); ++ g_test_add_func ("/mainloop/unix-fd-priority", test_unix_fd_priority); + #endif + g_test_add_func ("/mainloop/nfds", test_nfds); + +-- +2.31.1 + diff --git a/SOURCES/309.patch b/SOURCES/309.patch new file mode 100644 index 0000000..eb5ed23 --- /dev/null +++ b/SOURCES/309.patch @@ -0,0 +1,100 @@ +From 64b76c7ca5cf5b4ede2f4b423114f46141890e1e Mon Sep 17 00:00:00 2001 +From: Robert Ancell +Date: Fri, 7 Sep 2018 10:19:05 +1200 +Subject: [PATCH] codegen: Change pointer casting to remove type-punning + warnings + +The existing code was generating code with undefined results that modern compilers warn about: + +accounts-generated.c:204:23: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] + (GDBusArgInfo **) &_accounts_accounts_method_info_list_cached_users_OUT_ARG_pointers, +--- + gio/gdbus-2.0/codegen/codegen.py | 22 +++++++++++----------- + 1 file changed, 11 insertions(+), 11 deletions(-) + +diff --git a/gio/gdbus-2.0/codegen/codegen.py b/gio/gdbus-2.0/codegen/codegen.py +index e74131cdb..0d95cdcda 100644 +--- a/gio/gdbus-2.0/codegen/codegen.py ++++ b/gio/gdbus-2.0/codegen/codegen.py +@@ -1129,10 +1129,10 @@ class CodeGenerator: + '\n') + + if len(args) > 0: +- self.outfile.write('static const _ExtendedGDBusArgInfo * const %s_pointers[] =\n' ++ self.outfile.write('static const GDBusArgInfo * const %s_pointers[] =\n' + '{\n'%(prefix)) + for a in args: +- self.outfile.write(' &%s_%s,\n'%(prefix, a.name)) ++ self.outfile.write(' &%s_%s.parent_struct,\n'%(prefix, a.name)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1175,10 +1175,10 @@ class CodeGenerator: + self.outfile.write('};\n' + '\n') + +- self.outfile.write('static const _ExtendedGDBusMethodInfo * const _%s_method_info_pointers[] =\n' ++ self.outfile.write('static const GDBusMethodInfo * const _%s_method_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for m in i.methods: +- self.outfile.write(' &_%s_method_info_%s,\n'%(i.name_lower, m.name_lower)) ++ self.outfile.write(' &_%s_method_info_%s.parent_struct,\n'%(i.name_lower, m.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1209,10 +1209,10 @@ class CodeGenerator: + self.outfile.write('};\n' + '\n') + +- self.outfile.write('static const _ExtendedGDBusSignalInfo * const _%s_signal_info_pointers[] =\n' ++ self.outfile.write('static const GDBusSignalInfo * const _%s_signal_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for s in i.signals: +- self.outfile.write(' &_%s_signal_info_%s,\n'%(i.name_lower, s.name_lower)) ++ self.outfile.write(' &_%s_signal_info_%s.parent_struct,\n'%(i.name_lower, s.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1251,10 +1251,10 @@ class CodeGenerator: + self.outfile.write('};\n' + '\n') + +- self.outfile.write('static const _ExtendedGDBusPropertyInfo * const _%s_property_info_pointers[] =\n' ++ self.outfile.write('static const GDBusPropertyInfo * const _%s_property_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for p in i.properties: +- self.outfile.write(' &_%s_property_info_%s,\n'%(i.name_lower, p.name_lower)) ++ self.outfile.write(' &_%s_property_info_%s.parent_struct,\n'%(i.name_lower, p.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1948,7 +1948,7 @@ class CodeGenerator: + self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' + ' GVariant *variant;\n' + ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' +- ' info = _%s_property_info_pointers[prop_id - 1];\n' ++ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' + ' variant = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (object), info->parent_struct.name);\n' + ' if (info->use_gvariant)\n' + ' {\n' +@@ -2001,7 +2001,7 @@ class CodeGenerator: + self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' + ' GVariant *variant;\n' + ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' +- ' info = _%s_property_info_pointers[prop_id - 1];\n' ++ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' + ' variant = g_dbus_gvalue_to_gvariant (value, G_VARIANT_TYPE (info->parent_struct.signature));\n' + ' g_dbus_proxy_call (G_DBUS_PROXY (object),\n' + ' "org.freedesktop.DBus.Properties.Set",\n' +@@ -2887,7 +2887,7 @@ class CodeGenerator: + ' if (!_g_value_equal (value, &skeleton->priv->properties[prop_id - 1]))\n' + ' {\n' + ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL)\n' +- ' _%s_schedule_emit_changed (skeleton, _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' ++ ' _%s_schedule_emit_changed (skeleton, (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_value_copy (value, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_object_notify_by_pspec (object, pspec);\n' + ' }\n' +-- +2.19.1 + diff --git a/SOURCES/409.patch b/SOURCES/409.patch new file mode 100644 index 0000000..7a2aea3 --- /dev/null +++ b/SOURCES/409.patch @@ -0,0 +1,56 @@ +From d7233ef81e575e84d831414605ba6368394d88b5 Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Mon, 15 Oct 2018 21:50:31 +0000 +Subject: [PATCH] build-sys: Pass CFLAGS to $(DTRACE) + +Fedora is using https://fedoraproject.org/wiki/Changes/Annobin +to try to ensure that all objects are built with hardening flags. +Pass down `CFLAGS` to ensure the SystemTap objects use them. +--- + gio/Makefile.am | 2 +- + glib/Makefile.am | 2 +- + gobject/Makefile.am | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/gio/Makefile.am b/gio/Makefile.am +index fc0b91855..05b20cdef 100644 +--- a/gio/Makefile.am ++++ b/gio/Makefile.am +@@ -896,7 +896,7 @@ gio_probes.h: gio_probes.d + < $@.tmp > $@ && rm -f $@.tmp + + gio_probes.lo: gio_probes.d +- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ ++ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ + + BUILT_SOURCES += gio_probes.h gio_probes.lo + CLEANFILES += gio_probes.h gio_probes.h.tmp +diff --git a/glib/Makefile.am b/glib/Makefile.am +index 90d33d082..39163aa7f 100644 +--- a/glib/Makefile.am ++++ b/glib/Makefile.am +@@ -386,7 +386,7 @@ glib_probes.h: glib_probes.d + < $@.tmp > $@ && rm -f $@.tmp + + glib_probes.lo: glib_probes.d +- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ ++ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ + + BUILT_SOURCES += glib_probes.h glib_probes.lo + CLEANFILES += glib_probes.h glib_probes.h.tmp +diff --git a/gobject/Makefile.am b/gobject/Makefile.am +index 4c28acdff..78748e96c 100644 +--- a/gobject/Makefile.am ++++ b/gobject/Makefile.am +@@ -119,7 +119,7 @@ gobject_probes.h: gobject_probes.d + < $@.tmp > $@ && rm -f $@.tmp + + gobject_probes.lo: gobject_probes.d +- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ ++ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ + + BUILT_SOURCES += gobject_probes.h gobject_probes.lo + CLEANFILES += gobject_probes.h +-- +2.21.0 + diff --git a/SOURCES/50.patch b/SOURCES/50.patch new file mode 100644 index 0000000..8ac8b87 --- /dev/null +++ b/SOURCES/50.patch @@ -0,0 +1,27 @@ +From fe803a6da0c7d73cd689d905258847384e11d1fd Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Mon, 17 Dec 2018 14:36:07 -0500 +Subject: [PATCH] gdbus unix addresses test: don't g_debug when also testing + stdout + +At the moment the gdbus-unix-addresses test will fail if +G_MESSAGES_DEBUG is set, since the test checks stdout, and the +test has a g_debug call. + +This commit drops the g_debug call, which isn't that useful anyway. +--- + gio/tests/gdbus-unix-addresses.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/gio/tests/gdbus-unix-addresses.c b/gio/tests/gdbus-unix-addresses.c +index e08328711..d020edd06 100644 +--- a/gio/tests/gdbus-unix-addresses.c ++++ b/gio/tests/gdbus-unix-addresses.c +@@ -106,7 +106,6 @@ set_up_mock_dbus_launch (void) + { + path = g_strconcat (g_test_get_dir (G_TEST_BUILT), ":", + g_getenv ("PATH"), NULL); +- g_debug ("PATH=%s", path); + g_setenv ("PATH", path, TRUE); + + /* libdbus won't even try X11 autolaunch if DISPLAY is unset; GDBus diff --git a/SOURCES/532.patch b/SOURCES/532.patch new file mode 100644 index 0000000..09e2c84 --- /dev/null +++ b/SOURCES/532.patch @@ -0,0 +1,613 @@ +From aea538fe703652fd0a39b2ac9185133849cfdcc4 Mon Sep 17 00:00:00 2001 +From: Thomas Jost +Date: Thu, 13 Dec 2018 03:06:02 -0800 +Subject: [PATCH] gdbus-codegen: honor "Property.EmitsChangedSignal" + annotations + +Co-Authored-by: Andy Holmes +--- + gio/gdbus-2.0/codegen/codegen.py | 18 ++++++++++----- + gio/gdbus-2.0/codegen/dbustypes.py | 7 ++++++ + gio/tests/gdbus-test-codegen.c | 36 +++++++++++++++++++++++++----- + gio/tests/test-codegen.xml | 6 +++++ + 4 files changed, 56 insertions(+), 11 deletions(-) + +diff --git a/gio/gdbus-2.0/codegen/codegen.py b/gio/gdbus-2.0/codegen/codegen.py +index f6892af95..442bd3f5d 100644 +--- a/gio/gdbus-2.0/codegen/codegen.py ++++ b/gio/gdbus-2.0/codegen/codegen.py +@@ -638,61 +638,62 @@ class CodeGenerator: + '# include \n' + '#endif\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusArgInfo parent_struct;\n' + ' gboolean use_gvariant;\n' + '} _ExtendedGDBusArgInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusMethodInfo parent_struct;\n' + ' const gchar *signal_name;\n' + ' gboolean pass_fdlist;\n' + '} _ExtendedGDBusMethodInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusSignalInfo parent_struct;\n' + ' const gchar *signal_name;\n' + '} _ExtendedGDBusSignalInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusPropertyInfo parent_struct;\n' + ' const gchar *hyphen_name;\n' +- ' gboolean use_gvariant;\n' ++ ' guint use_gvariant : 1;\n' ++ ' guint emits_changed_signal : 1;\n' + '} _ExtendedGDBusPropertyInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusInterfaceInfo parent_struct;\n' + ' const gchar *hyphen_name;\n' + '} _ExtendedGDBusInterfaceInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' const _ExtendedGDBusPropertyInfo *info;\n' + ' guint prop_id;\n' + ' GValue orig_value; /* the value before the change */\n' + '} ChangedProperty;\n' + '\n' + 'static void\n' + '_changed_property_free (ChangedProperty *data)\n' + '{\n' + ' g_value_unset (&data->orig_value);\n' + ' g_free (data);\n' + '}\n' + '\n') + + self.outfile.write('static gboolean\n' + '_g_strv_equal0 (gchar **a, gchar **b)\n' + '{\n' + ' gboolean ret = FALSE;\n' + ' guint n;\n' +@@ -933,63 +934,67 @@ class CodeGenerator: + '\n') + + # --- + + if len(i.properties) > 0: + for p in i.properties: + if p.readable and p.writable: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_READABLE | G_DBUS_PROPERTY_INFO_FLAGS_WRITABLE' + elif p.readable: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_READABLE' + elif p.writable: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_WRITABLE' + else: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_NONE' + num_anno = self.generate_annotations('_%s_property_%s_annotation_info'%(i.name_lower, p.name_lower), p.annotations) + self.outfile.write('static const _ExtendedGDBusPropertyInfo _%s_property_info_%s =\n' + '{\n' + ' {\n' + ' -1,\n' + ' (gchar *) "%s",\n' + ' (gchar *) "%s",\n' + ' %s,\n'%(i.name_lower, p.name_lower, p.name, p.arg.signature, access)) + if num_anno == 0: + self.outfile.write(' NULL\n') + else: + self.outfile.write(' (GDBusAnnotationInfo **) &_%s_property_%s_annotation_info_pointers\n'%(i.name_lower, p.name_lower)) + self.outfile.write(' },\n' + ' "%s",\n' + %(p.name_hyphen)) + if not utils.lookup_annotation(p.annotations, 'org.gtk.GDBus.C.ForceGVariant'): +- self.outfile.write(' FALSE\n') ++ self.outfile.write(' FALSE,\n') + else: ++ self.outfile.write(' TRUE,\n') ++ if p.emits_changed_signal: + self.outfile.write(' TRUE\n') ++ else: ++ self.outfile.write(' FALSE\n') + self.outfile.write('};\n' + '\n') + + self.outfile.write('static const GDBusPropertyInfo * const _%s_property_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for p in i.properties: + self.outfile.write(' &_%s_property_info_%s.parent_struct,\n'%(i.name_lower, p.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') + + num_anno = self.generate_annotations('_%s_annotation_info'%(i.name_lower), i.annotations) + self.outfile.write('static const _ExtendedGDBusInterfaceInfo _%s_interface_info =\n' + '{\n' + ' {\n' + ' -1,\n' + ' (gchar *) "%s",\n'%(i.name_lower, i.name)) + if len(i.methods) == 0: + self.outfile.write(' NULL,\n') + else: + self.outfile.write(' (GDBusMethodInfo **) &_%s_method_info_pointers,\n'%(i.name_lower)) + if len(i.signals) == 0: + self.outfile.write(' NULL,\n') + else: + self.outfile.write(' (GDBusSignalInfo **) &_%s_signal_info_pointers,\n'%(i.name_lower)) + if len(i.properties) == 0: + self.outfile.write(' NULL,\n') + else: + self.outfile.write(' (GDBusPropertyInfo **) &_%s_property_info_pointers,\n'%(i.name_lower)) + if num_anno == 0: +@@ -2568,68 +2573,71 @@ class CodeGenerator: + # this allows use of g_object_freeze_notify()/g_object_thaw_notify() ... + # This is useful when updating several properties from another thread than + # where the idle will be emitted from + self.outfile.write('static void\n' + '%s_skeleton_notify (GObject *object,\n' + ' GParamSpec *pspec G_GNUC_UNUSED)\n' + '{\n' + ' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' + ' g_mutex_lock (&skeleton->priv->lock);\n' + ' if (skeleton->priv->changed_properties != NULL &&\n' + ' skeleton->priv->changed_properties_idle_source == NULL)\n' + ' {\n' + ' skeleton->priv->changed_properties_idle_source = g_idle_source_new ();\n' + ' g_source_set_priority (skeleton->priv->changed_properties_idle_source, G_PRIORITY_DEFAULT);\n' + ' g_source_set_callback (skeleton->priv->changed_properties_idle_source, _%s_emit_changed, g_object_ref (skeleton), (GDestroyNotify) g_object_unref);\n' + ' g_source_set_name (skeleton->priv->changed_properties_idle_source, "[generated] _%s_emit_changed");\n' + ' g_source_attach (skeleton->priv->changed_properties_idle_source, skeleton->priv->context);\n' + ' g_source_unref (skeleton->priv->changed_properties_idle_source);\n' + ' }\n' + ' g_mutex_unlock (&skeleton->priv->lock);\n' + '}\n' + '\n' + %(i.name_lower, i.camel_name, i.ns_upper, i.name_upper, i.name_lower, i.name_lower)) + + self.outfile.write('static void\n' + '%s_skeleton_set_property (GObject *object,\n' + ' guint prop_id,\n' + ' const GValue *value,\n' + ' GParamSpec *pspec)\n' + '{\n'%(i.name_lower)) +- self.outfile.write(' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' ++ self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' ++ ' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' + ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' ++ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' + ' g_mutex_lock (&skeleton->priv->lock);\n' + ' g_object_freeze_notify (object);\n' + ' if (!_g_value_equal (value, &skeleton->priv->properties[prop_id - 1]))\n' + ' {\n' +- ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL)\n' +- ' _%s_schedule_emit_changed (skeleton, (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' ++ ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL &&\n' ++ ' info->emits_changed_signal)\n' ++ ' _%s_schedule_emit_changed (skeleton, info, prop_id, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_value_copy (value, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_object_notify_by_pspec (object, pspec);\n' + ' }\n' + ' g_mutex_unlock (&skeleton->priv->lock);\n' + ' g_object_thaw_notify (object);\n' + %(i.camel_name, i.ns_upper, i.name_upper, len(i.properties), i.name_lower, i.name_lower)) + self.outfile.write('}\n' + '\n') + + self.outfile.write('static void\n' + '%s_skeleton_init (%sSkeleton *skeleton)\n' + '{\n' + '#if GLIB_VERSION_MAX_ALLOWED >= GLIB_VERSION_2_38\n' + ' skeleton->priv = %s_skeleton_get_instance_private (skeleton);\n' + '#else\n' + ' skeleton->priv = G_TYPE_INSTANCE_GET_PRIVATE (skeleton, %sTYPE_%s_SKELETON, %sSkeletonPrivate);\n' + '#endif\n\n' + %(i.name_lower, i.camel_name, + i.name_lower, + i.ns_upper, i.name_upper, i.camel_name)) + self.outfile.write(' g_mutex_init (&skeleton->priv->lock);\n') + self.outfile.write(' skeleton->priv->context = g_main_context_ref_thread_default ();\n') + if len(i.properties) > 0: + self.outfile.write(' skeleton->priv->properties = g_new0 (GValue, %d);\n'%(len(i.properties))) + n = 0 + for p in i.properties: + self.outfile.write(' g_value_init (&skeleton->priv->properties[%d], %s);\n'%(n, p.arg.gtype)) + n += 1 + self.outfile.write('}\n' + '\n') +diff --git a/gio/gdbus-2.0/codegen/dbustypes.py b/gio/gdbus-2.0/codegen/dbustypes.py +index bfc69f596..359880ff7 100644 +--- a/gio/gdbus-2.0/codegen/dbustypes.py ++++ b/gio/gdbus-2.0/codegen/dbustypes.py +@@ -300,89 +300,96 @@ class Signal: + arg_count = 0 + for a in self.args: + a.post_process(interface_prefix, cns, cns_upper, cns_lower, arg_count) + arg_count += 1 + + if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Deprecated') == 'true': + self.deprecated = True + + class Property: + def __init__(self, name, signature, access): + self.name = name + self.signature = signature + self.access = access + self.annotations = [] + self.arg = Arg('value', self.signature) + self.arg.annotations = self.annotations + self.readable = False + self.writable = False + if self.access == 'readwrite': + self.readable = True + self.writable = True + elif self.access == 'read': + self.readable = True + elif self.access == 'write': + self.writable = True + else: + print_error('Invalid access type "{}"'.format(self.access)) + self.doc_string = '' + self.since = '' + self.deprecated = False ++ self.emits_changed_signal = True + + def post_process(self, interface_prefix, cns, cns_upper, cns_lower, containing_iface): + if len(self.doc_string) == 0: + self.doc_string = utils.lookup_docs(self.annotations) + if len(self.since) == 0: + self.since = utils.lookup_since(self.annotations) + if len(self.since) == 0: + self.since = containing_iface.since + + name = self.name + overridden_name = utils.lookup_annotation(self.annotations, 'org.gtk.GDBus.C.Name') + if utils.is_ugly_case(overridden_name): + self.name_lower = overridden_name.lower() + else: + if overridden_name: + name = overridden_name + self.name_lower = utils.camel_case_to_uscore(name).lower().replace('-', '_') + self.name_hyphen = self.name_lower.replace('_', '-') + # don't clash with the GType getter, e.g.: GType foo_bar_get_type (void); G_GNUC_CONST + if self.name_lower == 'type': + self.name_lower = 'type_' + + # recalculate arg + self.arg.annotations = self.annotations + self.arg.post_process(interface_prefix, cns, cns_upper, cns_lower, 0) + + if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Deprecated') == 'true': + self.deprecated = True + ++ # FIXME: for now we only support 'false' and 'const' on the signal itself, see #674913 and ++ # http://dbus.freedesktop.org/doc/dbus-specification.html#introspection-format ++ # for details ++ if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Property.EmitsChangedSignal') in ('false', 'const'): ++ self.emits_changed_signal = False ++ + class Interface: + def __init__(self, name): + self.name = name + self.methods = [] + self.signals = [] + self.properties = [] + self.annotations = [] + self.doc_string = '' + self.doc_string_brief = '' + self.since = '' + self.deprecated = False + + def post_process(self, interface_prefix, c_namespace): + if len(self.doc_string) == 0: + self.doc_string = utils.lookup_docs(self.annotations) + if len(self.doc_string_brief) == 0: + self.doc_string_brief = utils.lookup_brief_docs(self.annotations) + if len(self.since) == 0: + self.since = utils.lookup_since(self.annotations) + + if len(c_namespace) > 0: + if utils.is_ugly_case(c_namespace): + cns = c_namespace.replace('_', '') + cns_upper = c_namespace.upper() + '_' + cns_lower = c_namespace.lower() + '_' + else: + cns = c_namespace + cns_upper = utils.camel_case_to_uscore(c_namespace).upper() + '_' + cns_lower = utils.camel_case_to_uscore(c_namespace).lower() + '_' + else: +diff --git a/gio/tests/gdbus-test-codegen.c b/gio/tests/gdbus-test-codegen.c +index 1c4e83c4c..c906d05ae 100644 +--- a/gio/tests/gdbus-test-codegen.c ++++ b/gio/tests/gdbus-test-codegen.c +@@ -1740,103 +1740,127 @@ on_object_proxy_added (GDBusObjectManagerClient *manager, + gpointer user_data) + { + OMData *om_data = user_data; + om_data->num_object_proxy_added_signals += 1; + g_signal_connect (object_proxy, + "interface-added", + G_CALLBACK (on_interface_added), + om_data); + g_signal_connect (object_proxy, + "interface-removed", + G_CALLBACK (on_interface_removed), + om_data); + } + + static void + on_object_proxy_removed (GDBusObjectManagerClient *manager, + GDBusObjectProxy *object_proxy, + gpointer user_data) + { + OMData *om_data = user_data; + om_data->num_object_proxy_removed_signals += 1; + g_assert_cmpint (g_signal_handlers_disconnect_by_func (object_proxy, + G_CALLBACK (on_interface_added), + om_data), ==, 1); + g_assert_cmpint (g_signal_handlers_disconnect_by_func (object_proxy, + G_CALLBACK (on_interface_removed), + om_data), ==, 1); + } + + static void +-property_d_changed (GObject *object, +- GParamSpec *pspec, +- gpointer user_data) ++property_changed (GObject *object, ++ GParamSpec *pspec, ++ gpointer user_data) + { + gboolean *changed = user_data; + + *changed = TRUE; + } + + static void + om_check_property_and_signal_emission (GMainLoop *loop, + FooiGenBar *skeleton, + FooiGenBar *proxy) + { + gboolean d_changed = FALSE; ++ gboolean quiet_changed = FALSE; ++ gboolean quiet_too_changed = FALSE; + guint handler; + + /* First PropertiesChanged */ + g_assert_cmpint (foo_igen_bar_get_i (skeleton), ==, 0); + g_assert_cmpint (foo_igen_bar_get_i (proxy), ==, 0); + foo_igen_bar_set_i (skeleton, 1); + _g_assert_property_notify (proxy, "i"); + g_assert_cmpint (foo_igen_bar_get_i (skeleton), ==, 1); + g_assert_cmpint (foo_igen_bar_get_i (proxy), ==, 1); + + /* Double-check the gdouble case */ + g_assert_cmpfloat (foo_igen_bar_get_d (skeleton), ==, 0.0); + g_assert_cmpfloat (foo_igen_bar_get_d (proxy), ==, 0.0); + foo_igen_bar_set_d (skeleton, 1.0); + _g_assert_property_notify (proxy, "d"); + + /* Verify that re-setting it to the same value doesn't cause a + * notify on the proxy, by taking advantage of the fact that + * notifications are serialized. + */ + handler = g_signal_connect (proxy, "notify::d", +- G_CALLBACK (property_d_changed), &d_changed); ++ G_CALLBACK (property_changed), &d_changed); + foo_igen_bar_set_d (skeleton, 1.0); + foo_igen_bar_set_i (skeleton, 2); + _g_assert_property_notify (proxy, "i"); + g_assert (d_changed == FALSE); + g_signal_handler_disconnect (proxy, handler); + ++ /* Verify that re-setting a property with the "EmitsChangedSignal" ++ * set to false doesn't emit a signal. */ ++ handler = g_signal_connect (proxy, "notify::quiet", ++ G_CALLBACK (property_changed), &quiet_changed); ++ foo_igen_bar_set_quiet (skeleton, "hush!"); ++ foo_igen_bar_set_i (skeleton, 3); ++ _g_assert_property_notify (proxy, "i"); ++ g_assert (quiet_changed == FALSE); ++ g_assert_cmpstr (foo_igen_bar_get_quiet (skeleton), ==, "hush!"); ++ g_signal_handler_disconnect (proxy, handler); ++ ++ /* Also verify that re-setting a property with the "EmitsChangedSignal" ++ * set to 'const' doesn't emit a signal. */ ++ handler = g_signal_connect (proxy, "notify::quiet-too", ++ G_CALLBACK (property_changed), &quiet_changed); ++ foo_igen_bar_set_quiet_too (skeleton, "hush too!"); ++ foo_igen_bar_set_i (skeleton, 4); ++ _g_assert_property_notify (proxy, "i"); ++ g_assert (quiet_too_changed == FALSE); ++ g_assert_cmpstr (foo_igen_bar_get_quiet_too (skeleton), ==, "hush too!"); ++ g_signal_handler_disconnect (proxy, handler); ++ + /* Then just a regular signal */ + foo_igen_bar_emit_another_signal (skeleton, "word"); + _g_assert_signal_received (proxy, "another-signal"); + } + + static void + check_object_manager (void) + { + FooiGenObjectSkeleton *o = NULL; + FooiGenObjectSkeleton *o2 = NULL; + FooiGenObjectSkeleton *o3 = NULL; + GDBusInterfaceSkeleton *i; + GDBusConnection *c; + GDBusObjectManagerServer *manager = NULL; + GDBusNodeInfo *info; + GError *error; + GMainLoop *loop; + OMData *om_data = NULL; + guint om_signal_id = -1; + GDBusObjectManager *pm = NULL; + GList *object_proxies; + GList *proxies; + GDBusObject *op; + GDBusProxy *p; + FooiGenBar *bar_skeleton; + GDBusInterface *iface; + gchar *path, *name, *name_owner; + GDBusConnection *c2; + GDBusObjectManagerClientFlags flags; + +@@ -2124,73 +2148,73 @@ check_object_manager (void) + "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}},)"); + + /* -------------------------------------------------- */ + + /* create a new object with two interfaces */ + o2 = foo_igen_object_skeleton_new ("/managed/second"); + i = G_DBUS_INTERFACE_SKELETON (foo_igen_bar_skeleton_new ()); + bar_skeleton = FOO_IGEN_BAR (i); /* save for later test */ + foo_igen_object_skeleton_set_bar (o2, FOO_IGEN_BAR (i)); + g_clear_object (&i); + i = G_DBUS_INTERFACE_SKELETON (foo_igen_bat_skeleton_new ()); + foo_igen_object_skeleton_set_bat (o2, FOO_IGEN_BAT (i)); + g_clear_object (&i); + /* ... add it */ + g_dbus_object_manager_server_export (manager, G_DBUS_OBJECT_SKELETON (o2)); + /* ... check we get the InterfacesAdded with _two_ interfaces */ + om_data->state = 101; + g_main_loop_run (om_data->loop); + g_assert_cmpint (om_data->state, ==, 102); + g_assert_cmpint (om_data->num_object_proxy_added_signals, ==, 5); + g_assert_cmpint (om_data->num_object_proxy_removed_signals, ==, 3); + g_assert_cmpint (om_data->num_interface_added_signals, ==, 1); + g_assert_cmpint (om_data->num_interface_removed_signals, ==, 1); + + /* -------------------------------------------------- */ + + /* Now that we have a couple of objects with interfaces, check + * that ObjectManager.GetManagedObjects() works + */ + om_check_get_all (c, loop, +- "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); ++ "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'quiet': <''>, 'quiet_too': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); + + /* Set connection to NULL, causing everything to be unexported.. verify this.. and + * then set the connection back.. and then check things still work + */ + g_dbus_object_manager_server_set_connection (manager, NULL); + info = introspect (c, g_dbus_connection_get_unique_name (c), "/managed", loop); + g_assert_cmpint (count_interfaces (info), ==, 0); /* nothing */ + g_dbus_node_info_unref (info); + + g_dbus_object_manager_server_set_connection (manager, c); + om_check_get_all (c, loop, +- "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); ++ "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'quiet': <''>, 'quiet_too': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); + + /* Also check that the ObjectManagerClient returns these objects - and + * that they are of the right GType cf. what was requested via + * the generated ::get-proxy-type signal handler + */ + object_proxies = g_dbus_object_manager_get_objects (pm); + g_assert (g_list_length (object_proxies) == 2); + g_list_free_full (object_proxies, g_object_unref); + op = g_dbus_object_manager_get_object (pm, "/managed/first"); + g_assert (op != NULL); + g_assert (FOO_IGEN_IS_OBJECT_PROXY (op)); + g_assert_cmpstr (g_dbus_object_get_object_path (op), ==, "/managed/first"); + proxies = g_dbus_object_get_interfaces (op); + g_assert (g_list_length (proxies) == 1); + g_list_free_full (proxies, g_object_unref); + p = G_DBUS_PROXY (foo_igen_object_get_com_acme_coyote (FOO_IGEN_OBJECT (op))); + g_assert (p != NULL); + g_assert_cmpint (G_TYPE_FROM_INSTANCE (p), ==, FOO_IGEN_TYPE_COM_ACME_COYOTE_PROXY); + g_assert (g_type_is_a (G_TYPE_FROM_INSTANCE (p), FOO_IGEN_TYPE_COM_ACME_COYOTE)); + g_clear_object (&p); + p = (GDBusProxy *) g_dbus_object_get_interface (op, "org.project.NonExisting"); + g_assert (p == NULL); + g_clear_object (&op); + + /* -- */ + op = g_dbus_object_manager_get_object (pm, "/managed/second"); + g_assert (op != NULL); + g_assert (FOO_IGEN_IS_OBJECT_PROXY (op)); + g_assert_cmpstr (g_dbus_object_get_object_path (op), ==, "/managed/second"); + proxies = g_dbus_object_get_interfaces (op); +diff --git a/gio/tests/test-codegen.xml b/gio/tests/test-codegen.xml +index 885a21f77..39d8769c7 100644 +--- a/gio/tests/test-codegen.xml ++++ b/gio/tests/test-codegen.xml +@@ -79,60 +79,66 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ++ ++ ++ ++ ++ ++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +-- +2.21.0 + diff --git a/SOURCES/546.patch b/SOURCES/546.patch new file mode 100644 index 0000000..1352561 --- /dev/null +++ b/SOURCES/546.patch @@ -0,0 +1,21 @@ +From 521f9605e0ab019ec9a493153ca0c8fe4267d665 Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Mon, 17 Dec 2018 15:46:10 -0500 +Subject: [PATCH] spawn: add shebang line to script + +downstream tools get confused when the script is missing a shebang +line, and having a shebang line doesn't hurt, so add one. +--- + glib/tests/echo-script | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/glib/tests/echo-script b/glib/tests/echo-script +index c732ed910..b609f2d39 100755 +--- a/glib/tests/echo-script ++++ b/glib/tests/echo-script +@@ -1 +1,2 @@ ++#!/bin/sh + echo "echo" +-- +2.20.0 + diff --git a/SOURCES/CVE-2019-12450.patch b/SOURCES/CVE-2019-12450.patch new file mode 100644 index 0000000..6c514e1 --- /dev/null +++ b/SOURCES/CVE-2019-12450.patch @@ -0,0 +1,53 @@ +From d8f8f4d637ce43f8699ba94c9b7648beda0ca174 Mon Sep 17 00:00:00 2001 +From: Ondrej Holy +Date: Thu, 23 May 2019 10:41:53 +0200 +Subject: [PATCH] gfile: Limit access to files when copying + +file_copy_fallback creates new files with default permissions and +set the correct permissions after the operation is finished. This +might cause that the files can be accessible by more users during +the operation than expected. Use G_FILE_CREATE_PRIVATE for the new +files to limit access to those files. +--- + gio/gfile.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/gio/gfile.c b/gio/gfile.c +index 24b136d80..74b58047c 100644 +--- a/gio/gfile.c ++++ b/gio/gfile.c +@@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source, + out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), + FALSE, NULL, + flags & G_FILE_COPY_BACKUP, +- G_FILE_CREATE_REPLACE_DESTINATION, +- info, ++ G_FILE_CREATE_REPLACE_DESTINATION | ++ G_FILE_CREATE_PRIVATE, info, + cancellable, error); + else + out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), +- FALSE, 0, info, ++ FALSE, G_FILE_CREATE_PRIVATE, info, + cancellable, error); + } + else if (flags & G_FILE_COPY_OVERWRITE) +@@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source, + out = (GOutputStream *)g_file_replace (destination, + NULL, + flags & G_FILE_COPY_BACKUP, +- G_FILE_CREATE_REPLACE_DESTINATION, ++ G_FILE_CREATE_REPLACE_DESTINATION | ++ G_FILE_CREATE_PRIVATE, + cancellable, error); + } + else + { +- out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); ++ out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); + } + + if (!out) +-- +2.21.0 + diff --git a/SOURCES/CVE-2021-27218.patch b/SOURCES/CVE-2021-27218.patch new file mode 100644 index 0000000..15aa571 --- /dev/null +++ b/SOURCES/CVE-2021-27218.patch @@ -0,0 +1,129 @@ +From 89b522ed31837cb2ac107a8961fbb0f2c7fc7ccb Mon Sep 17 00:00:00 2001 +From: Krzesimir Nowak +Date: Wed, 10 Feb 2021 23:51:07 +0100 +Subject: [PATCH] gbytearray: Do not accept too large byte arrays + +GByteArray uses guint for storing the length of the byte array, but it +also has a constructor (g_byte_array_new_take) that takes length as a +gsize. gsize may be larger than guint (64 bits for gsize vs 32 bits +for guint). It is possible to call the function with a value greater +than G_MAXUINT, which will result in silent length truncation. This +may happen as a result of unreffing GBytes into GByteArray, so rather +be loud about it. + +(Test case tweaked by Philip Withnall.) +--- + glib/garray.c | 6 ++++++ + glib/gbytes.c | 4 ++++ + glib/tests/bytes.c | 37 +++++++++++++++++++++++++++++++++++-- + 3 files changed, 45 insertions(+), 2 deletions(-) + +diff --git a/glib/garray.c b/glib/garray.c +index aa3c04707..271d85ad8 100644 +--- a/glib/garray.c ++++ b/glib/garray.c +@@ -1666,6 +1666,10 @@ g_byte_array_new (void) + * Create byte array containing the data. The data will be owned by the array + * and will be freed with g_free(), i.e. it could be allocated using g_strdup(). + * ++ * Do not use it if @len is greater than %G_MAXUINT. #GByteArray ++ * stores the length of its data in #guint, which may be shorter than ++ * #gsize. ++ * + * Since: 2.32 + * + * Returns: (transfer full): a new #GByteArray +@@ -1677,6 +1681,8 @@ g_byte_array_new_take (guint8 *data, + GByteArray *array; + GRealArray *real; + ++ g_return_val_if_fail (len <= G_MAXUINT, NULL); ++ + array = g_byte_array_new (); + real = (GRealArray *)array; + g_assert (real->data == NULL); +diff --git a/glib/gbytes.c b/glib/gbytes.c +index 5141170d7..635b79535 100644 +--- a/glib/gbytes.c ++++ b/glib/gbytes.c +@@ -512,6 +512,10 @@ g_bytes_unref_to_data (GBytes *bytes, + * g_bytes_new(), g_bytes_new_take() or g_byte_array_free_to_bytes(). In all + * other cases the data is copied. + * ++ * Do not use it if @bytes contains more than %G_MAXUINT ++ * bytes. #GByteArray stores the length of its data in #guint, which ++ * may be shorter than #gsize, that @bytes is using. ++ * + * Returns: (transfer full): a new mutable #GByteArray containing the same byte data + * + * Since: 2.32 +diff --git a/glib/tests/bytes.c b/glib/tests/bytes.c +index 5ea5c2b35..42281307b 100644 +--- a/glib/tests/bytes.c ++++ b/glib/tests/bytes.c +@@ -10,12 +10,12 @@ + */ + + #undef G_DISABLE_ASSERT +-#undef G_LOG_DOMAIN + + #include + #include + #include + #include "glib.h" ++#include "glib/gstrfuncsprivate.h" + + /* Keep in sync with glib/gbytes.c */ + struct _GBytes +@@ -333,6 +333,38 @@ test_to_array_transferred (void) + g_byte_array_unref (array); + } + ++static void ++test_to_array_transferred_oversize (void) ++{ ++ g_test_message ("g_bytes_unref_to_array() can only take GBytes up to " ++ "G_MAXUINT in length; test that longer ones are rejected"); ++ ++ if (sizeof (guint) >= sizeof (gsize)) ++ { ++ g_test_skip ("Skipping test as guint is not smaller than gsize"); ++ } ++ else if (g_test_undefined ()) ++ { ++ GByteArray *array = NULL; ++ GBytes *bytes = NULL; ++ gpointer data = g_memdup2 (NYAN, N_NYAN); ++ gsize len = ((gsize) G_MAXUINT) + 1; ++ ++ bytes = g_bytes_new_take (data, len); ++ g_test_expect_message (G_LOG_DOMAIN, G_LOG_LEVEL_CRITICAL, ++ "g_byte_array_new_take: assertion 'len <= G_MAXUINT' failed"); ++ array = g_bytes_unref_to_array (g_steal_pointer (&bytes)); ++ g_test_assert_expected_messages (); ++ g_assert_null (array); ++ ++ g_free (data); ++ } ++ else ++ { ++ g_test_skip ("Skipping test as testing undefined behaviour is disabled"); ++ } ++} ++ + static void + test_to_array_two_refs (void) + { +@@ -407,7 +439,8 @@ main (int argc, char *argv[]) + g_test_add_func ("/bytes/to-data/transfered", test_to_data_transferred); + g_test_add_func ("/bytes/to-data/two-refs", test_to_data_two_refs); + g_test_add_func ("/bytes/to-data/non-malloc", test_to_data_non_malloc); +- g_test_add_func ("/bytes/to-array/transfered", test_to_array_transferred); ++ g_test_add_func ("/bytes/to-array/transferred", test_to_array_transferred); ++ g_test_add_func ("/bytes/to-array/transferred-oversize", test_to_array_transferred_oversize); + g_test_add_func ("/bytes/to-array/two-refs", test_to_array_two_refs); + g_test_add_func ("/bytes/to-array/non-malloc", test_to_array_non_malloc); + g_test_add_func ("/bytes/null", test_null); +-- +2.31.1 + diff --git a/SOURCES/CVE-2021-27219.patch b/SOURCES/CVE-2021-27219.patch new file mode 100644 index 0000000..8374e68 --- /dev/null +++ b/SOURCES/CVE-2021-27219.patch @@ -0,0 +1,849 @@ +From 7b46597384de916b4027ebaff662d06ff3ea2bc8 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:30:52 +0000 +Subject: [PATCH 1/6] gstrfuncs: Add internal g_memdup2() function +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This will replace the existing `g_memdup()` function for use within +GLib. It has an unavoidable security flaw of taking its `byte_size` +argument as a `guint` rather than as a `gsize`. Most callers will +expect it to be a `gsize`, and may pass in large values which could +silently be truncated, resulting in an undersize allocation compared +to what the caller expects. + +This could lead to a classic buffer overflow vulnerability for many +callers of `g_memdup()`. + +`g_memdup2()`, in comparison, takes its `byte_size` as a `gsize`. + +Spotted by Kevin Backhouse of GHSL. + +In GLib 2.68, `g_memdup2()` will be a new public API. In this version +for backport to older stable releases, it’s a new `static inline` API +in a private header, so that use of `g_memdup()` within GLib can be +fixed without adding a new API in a stable release series. + +Signed-off-by: Philip Withnall +Helps: CVE-2021-27219 +Helps: GHSL-2021-045 +Helps: #2319 +(cherry picked from commit 5e5f75a77e399c638be66d74e5daa8caeb433e00) +--- + docs/reference/glib/meson.build | 1 + + glib/gstrfuncsprivate.h | 55 +++++++++++++++++++++++++++++++++ + glib/meson.build | 1 + + glib/tests/strfuncs.c | 23 ++++++++++++++ + 4 files changed, 80 insertions(+) + create mode 100644 glib/gstrfuncsprivate.h + +diff --git a/docs/reference/glib/meson.build b/docs/reference/glib/meson.build +index f0f915e96..1a3680941 100644 +--- a/docs/reference/glib/meson.build ++++ b/docs/reference/glib/meson.build +@@ -20,6 +20,7 @@ if get_option('gtk_doc') + 'gprintfint.h', + 'gmirroringtable.h', + 'gscripttable.h', ++ 'gstrfuncsprivate.h', + 'glib-mirroring-tab', + 'gnulib', + 'pcre', +diff --git a/glib/gstrfuncsprivate.h b/glib/gstrfuncsprivate.h +new file mode 100644 +index 000000000..85c88328a +--- /dev/null ++++ b/glib/gstrfuncsprivate.h +@@ -0,0 +1,55 @@ ++/* GLIB - Library of useful routines for C programming ++ * Copyright (C) 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, see . ++ */ ++ ++#include ++#include ++ ++/* ++ * g_memdup2: ++ * @mem: (nullable): the memory to copy. ++ * @byte_size: the number of bytes to copy. ++ * ++ * Allocates @byte_size bytes of memory, and copies @byte_size bytes into it ++ * from @mem. If @mem is %NULL it returns %NULL. ++ * ++ * This replaces g_memdup(), which was prone to integer overflows when ++ * converting the argument from a #gsize to a #guint. ++ * ++ * This static inline version is a backport of the new public API from ++ * GLib 2.68, kept internal to GLib for backport to older stable releases. ++ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2319. ++ * ++ * Returns: (nullable): a pointer to the newly-allocated copy of the memory, ++ * or %NULL if @mem is %NULL. ++ * Since: 2.68 ++ */ ++static inline gpointer ++g_memdup2 (gconstpointer mem, ++ gsize byte_size) ++{ ++ gpointer new_mem; ++ ++ if (mem && byte_size != 0) ++ { ++ new_mem = g_malloc (byte_size); ++ memcpy (new_mem, mem, byte_size); ++ } ++ else ++ new_mem = NULL; ++ ++ return new_mem; ++} +diff --git a/glib/meson.build b/glib/meson.build +index a2f9da81c..481fd06ff 100644 +--- a/glib/meson.build ++++ b/glib/meson.build +@@ -167,6 +167,7 @@ glib_sources = files( + 'gslist.c', + 'gstdio.c', + 'gstrfuncs.c', ++ 'gstrfuncsprivate.h', + 'gstring.c', + 'gstringchunk.c', + 'gtestutils.c', +diff --git a/glib/tests/strfuncs.c b/glib/tests/strfuncs.c +index 7e031bdb1..2aa252946 100644 +--- a/glib/tests/strfuncs.c ++++ b/glib/tests/strfuncs.c +@@ -32,6 +32,8 @@ + #include + #include "glib.h" + ++#include "gstrfuncsprivate.h" ++ + #if defined (_MSC_VER) && (_MSC_VER <= 1800) + #define isnan(x) _isnan(x) + +@@ -199,6 +201,26 @@ test_is_to_digit (void) + #undef TEST_DIGIT + } + ++/* Testing g_memdup2() function with various positive and negative cases */ ++static void ++test_memdup2 (void) ++{ ++ gchar *str_dup = NULL; ++ const gchar *str = "The quick brown fox jumps over the lazy dog"; ++ ++ /* Testing negative cases */ ++ g_assert_null (g_memdup2 (NULL, 1024)); ++ g_assert_null (g_memdup2 (str, 0)); ++ g_assert_null (g_memdup2 (NULL, 0)); ++ ++ /* Testing normal usage cases */ ++ str_dup = g_memdup2 (str, strlen (str) + 1); ++ g_assert_nonnull (str_dup); ++ g_assert_cmpstr (str, ==, str_dup); ++ ++ g_free (str_dup); ++} ++ + static void + test_strdup (void) + { +@@ -1726,6 +1748,7 @@ main (int argc, + g_test_init (&argc, &argv, NULL); + + g_test_add_func ("/strfuncs/test-is-to-digit", test_is_to_digit); ++ g_test_add_func ("/strfuncs/memdup2", test_memdup2); + g_test_add_func ("/strfuncs/strdup", test_strdup); + g_test_add_func ("/strfuncs/strndup", test_strndup); + g_test_add_func ("/strfuncs/strdup-printf", test_strdup_printf); +-- +2.31.1 + +From d6aab169954d9e6e77753dee68e1b3f5932f6dee Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:41:21 +0000 +Subject: [PATCH 2/6] glib: Use g_memdup2() instead of g_memdup() in obvious + places +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Convert all the call sites which use `g_memdup()`’s length argument +trivially (for example, by passing a `sizeof()` or an existing `gsize` +variable), so that they use `g_memdup2()` instead. + +In almost all of these cases the use of `g_memdup()` would not have +caused problems, but it will soon be deprecated, so best port away from +it + +In particular, this fixes an overflow within `g_bytes_new()`, identified +as GHSL-2021-045 (aka CVE-2021-27219) by GHSL team member Kevin Backhouse. + +Adapted for GLib 2.58 by Simon McVittie. + +Signed-off-by: Philip Withnall +Fixes: CVE-2021-27219 +Fixes: GHSL-2021-045 +Helps: #2319 +(cherry picked from commit 0736b7c1e7cf4232c5d7eb2b0fbfe9be81bd3baa) +[Backport to 2.58: Omit changes to ghash.c, will be a separate commit] +[Backport to 2.58: Omit changes to giochannel.c, not needed in this branch] +[Backport to 2.58: Omit changes to uri test, not needed in this branch] +Signed-off-by: Simon McVittie +--- + glib/gbytes.c | 6 ++++-- + glib/gdir.c | 3 ++- + glib/gslice.c | 3 ++- + glib/gtestutils.c | 3 ++- + glib/gvariant.c | 7 ++++--- + glib/gvarianttype.c | 3 ++- + glib/tests/array-test.c | 2 +- + glib/tests/option-context.c | 6 ++++-- + 8 files changed, 21 insertions(+), 12 deletions(-) + +diff --git a/glib/gbytes.c b/glib/gbytes.c +index 3b14a51cd..5141170d7 100644 +--- a/glib/gbytes.c ++++ b/glib/gbytes.c +@@ -33,6 +33,8 @@ + + #include + ++#include "gstrfuncsprivate.h" ++ + /** + * GBytes: + * +@@ -94,7 +96,7 @@ g_bytes_new (gconstpointer data, + { + g_return_val_if_fail (data != NULL || size == 0, NULL); + +- return g_bytes_new_take (g_memdup (data, size), size); ++ return g_bytes_new_take (g_memdup2 (data, size), size); + } + + /** +@@ -490,7 +492,7 @@ g_bytes_unref_to_data (GBytes *bytes, + * Copy: Non g_malloc (or compatible) allocator, or static memory, + * so we have to copy, and then unref. + */ +- result = g_memdup (bytes->data, bytes->size); ++ result = g_memdup2 (bytes->data, bytes->size); + *size = bytes->size; + g_bytes_unref (bytes); + } +diff --git a/glib/gdir.c b/glib/gdir.c +index cb4ad0b2f..9d955d57f 100644 +--- a/glib/gdir.c ++++ b/glib/gdir.c +@@ -37,6 +37,7 @@ + #include "gconvert.h" + #include "gfileutils.h" + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gtestutils.h" + #include "glibintl.h" + +@@ -113,7 +114,7 @@ g_dir_open_with_errno (const gchar *path, + return NULL; + #endif + +- return g_memdup (&dir, sizeof dir); ++ return g_memdup2 (&dir, sizeof dir); + } + + /** +diff --git a/glib/gslice.c b/glib/gslice.c +index 454c8a602..8e2359515 100644 +--- a/glib/gslice.c ++++ b/glib/gslice.c +@@ -45,6 +45,7 @@ + #include "gmain.h" + #include "gmem.h" /* gslice.h */ + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gutils.h" + #include "gtrashstack.h" + #include "gtestutils.h" +@@ -352,7 +353,7 @@ g_slice_get_config_state (GSliceConfig ckey, + array[i++] = allocator->contention_counters[address]; + array[i++] = allocator_get_magazine_threshold (allocator, address); + *n_values = i; +- return g_memdup (array, sizeof (array[0]) * *n_values); ++ return g_memdup2 (array, sizeof (array[0]) * *n_values); + default: + return NULL; + } +diff --git a/glib/gtestutils.c b/glib/gtestutils.c +index 0447dcda5..14e071fce 100644 +--- a/glib/gtestutils.c ++++ b/glib/gtestutils.c +@@ -49,6 +49,7 @@ + #include "gpattern.h" + #include "grand.h" + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gtimer.h" + #include "gslice.h" + #include "gspawn.h" +@@ -3397,7 +3398,7 @@ g_test_log_extract (GTestLogBuffer *tbuffer) + if (p <= tbuffer->data->str + mlength) + { + g_string_erase (tbuffer->data, 0, mlength); +- tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup (&msg, sizeof (msg))); ++ tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup2 (&msg, sizeof (msg))); + return TRUE; + } + +diff --git a/glib/gvariant.c b/glib/gvariant.c +index 8be9ce798..45a1a73dc 100644 +--- a/glib/gvariant.c ++++ b/glib/gvariant.c +@@ -33,6 +33,7 @@ + + #include + ++#include "gstrfuncsprivate.h" + + /** + * SECTION:gvariant +@@ -720,7 +721,7 @@ g_variant_new_variant (GVariant *value) + g_variant_ref_sink (value); + + return g_variant_new_from_children (G_VARIANT_TYPE_VARIANT, +- g_memdup (&value, sizeof value), ++ g_memdup2 (&value, sizeof value), + 1, g_variant_is_trusted (value)); + } + +@@ -1224,7 +1225,7 @@ g_variant_new_fixed_array (const GVariantType *element_type, + return NULL; + } + +- data = g_memdup (elements, n_elements * element_size); ++ data = g_memdup2 (elements, n_elements * element_size); + value = g_variant_new_from_data (array_type, data, + n_elements * element_size, + FALSE, g_free, data); +@@ -1901,7 +1902,7 @@ g_variant_dup_bytestring (GVariant *value, + if (length) + *length = size; + +- return g_memdup (original, size + 1); ++ return g_memdup2 (original, size + 1); + } + + /** +diff --git a/glib/gvarianttype.c b/glib/gvarianttype.c +index c8433e65a..dbbf7d2d1 100644 +--- a/glib/gvarianttype.c ++++ b/glib/gvarianttype.c +@@ -28,6 +28,7 @@ + + #include + ++#include "gstrfuncsprivate.h" + + /** + * SECTION:gvarianttype +@@ -1174,7 +1175,7 @@ g_variant_type_new_tuple (const GVariantType * const *items, + g_assert (offset < sizeof buffer); + buffer[offset++] = ')'; + +- return (GVariantType *) g_memdup (buffer, offset); ++ return (GVariantType *) g_memdup2 (buffer, offset); + } + + /** +-- +2.31.1 + +From 7e2c2a07508a97b9d75e402afe4749b02a34dd8b Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Thu, 18 Mar 2021 10:31:00 +0000 +Subject: [PATCH 3/6] ghash: Use g_memdup2() instead of g_memdup() + +Backport of part of commit 0736b7c1e7cf4232c5d7eb2b0fbfe9be81bd3baa +to the simpler structure of the GHashTable code in glib-2-58. + +Helps: #2319 +Signed-off-by: Simon McVittie +--- + glib/ghash.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/glib/ghash.c b/glib/ghash.c +index 6bb04a50d..608d136f4 100644 +--- a/glib/ghash.c ++++ b/glib/ghash.c +@@ -34,6 +34,7 @@ + + #include "glib-private.h" + #include "gstrfuncs.h" ++#include "gstrfuncsprivate.h" + #include "gatomic.h" + #include "gtestutils.h" + #include "gslice.h" +@@ -967,7 +968,7 @@ g_hash_table_insert_node (GHashTable *hash_table, + * split the table. + */ + if (G_UNLIKELY (hash_table->keys == hash_table->values && hash_table->keys[node_index] != new_value)) +- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size); ++ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size); + + /* Step 3: Actually do the write */ + hash_table->values[node_index] = new_value; +-- +2.31.1 + +From 9e0c87610dccd1b0eaca28a3baa521ea6a24f46b Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:39:25 +0000 +Subject: [PATCH 4/6] gobject: Use g_memdup2() instead of g_memdup() in obvious + places +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Convert all the call sites which use `g_memdup()`’s length argument +trivially (for example, by passing a `sizeof()`), so that they use +`g_memdup2()` instead. + +In almost all of these cases the use of `g_memdup()` would not have +caused problems, but it will soon be deprecated, so best port away from +it. + +Signed-off-by: Philip Withnall +Helps: #2319 +(cherry picked from commit 6110caea45b235420b98cd41d845cc92238f6781) +--- + gobject/gsignal.c | 3 ++- + gobject/gtype.c | 9 +++++---- + gobject/gtypemodule.c | 3 ++- + gobject/tests/param.c | 4 +++- + 4 files changed, 12 insertions(+), 7 deletions(-) + +diff --git a/gobject/gsignal.c b/gobject/gsignal.c +index b22dfcca8..92555eb60 100644 +--- a/gobject/gsignal.c ++++ b/gobject/gsignal.c +@@ -28,6 +28,7 @@ + #include + + #include "gsignal.h" ++#include "gstrfuncsprivate.h" + #include "gtype-private.h" + #include "gbsearcharray.h" + #include "gvaluecollector.h" +@@ -1724,7 +1725,7 @@ g_signal_newv (const gchar *signal_name, + node->single_va_closure_is_valid = FALSE; + node->flags = signal_flags & G_SIGNAL_FLAGS_MASK; + node->n_params = n_params; +- node->param_types = g_memdup (param_types, sizeof (GType) * n_params); ++ node->param_types = g_memdup2 (param_types, sizeof (GType) * n_params); + node->return_type = return_type; + node->class_closure_bsa = NULL; + if (accumulator) +diff --git a/gobject/gtype.c b/gobject/gtype.c +index 275a8b60b..9e663ce52 100644 +--- a/gobject/gtype.c ++++ b/gobject/gtype.c +@@ -33,6 +33,7 @@ + + #include "glib-private.h" + #include "gconstructor.h" ++#include "gstrfuncsprivate.h" + + #ifdef G_OS_WIN32 + #include +@@ -1471,7 +1472,7 @@ type_add_interface_Wm (TypeNode *node, + iholder->next = iface_node_get_holders_L (iface); + iface_node_set_holders_W (iface, iholder); + iholder->instance_type = NODE_TYPE (node); +- iholder->info = info ? g_memdup (info, sizeof (*info)) : NULL; ++ iholder->info = info ? g_memdup2 (info, sizeof (*info)) : NULL; + iholder->plugin = plugin; + + /* create an iface entry for this type */ +@@ -1732,7 +1733,7 @@ type_iface_retrieve_holder_info_Wm (TypeNode *iface, + INVALID_RECURSION ("g_type_plugin_*", iholder->plugin, NODE_NAME (iface)); + + check_interface_info_I (iface, instance_type, &tmp_info); +- iholder->info = g_memdup (&tmp_info, sizeof (tmp_info)); ++ iholder->info = g_memdup2 (&tmp_info, sizeof (tmp_info)); + } + + return iholder; /* we don't modify write lock upon returning NULL */ +@@ -2013,10 +2014,10 @@ type_iface_vtable_base_init_Wm (TypeNode *iface, + IFaceEntry *pentry = type_lookup_iface_entry_L (pnode, iface); + + if (pentry) +- vtable = g_memdup (pentry->vtable, iface->data->iface.vtable_size); ++ vtable = g_memdup2 (pentry->vtable, iface->data->iface.vtable_size); + } + if (!vtable) +- vtable = g_memdup (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); ++ vtable = g_memdup2 (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); + entry->vtable = vtable; + vtable->g_type = NODE_TYPE (iface); + vtable->g_instance_type = NODE_TYPE (node); +diff --git a/gobject/gtypemodule.c b/gobject/gtypemodule.c +index c67f789b1..cf877bc0b 100644 +--- a/gobject/gtypemodule.c ++++ b/gobject/gtypemodule.c +@@ -19,6 +19,7 @@ + + #include + ++#include "gstrfuncsprivate.h" + #include "gtypeplugin.h" + #include "gtypemodule.h" + +@@ -436,7 +437,7 @@ g_type_module_register_type (GTypeModule *module, + module_type_info->loaded = TRUE; + module_type_info->info = *type_info; + if (type_info->value_table) +- module_type_info->info.value_table = g_memdup (type_info->value_table, ++ module_type_info->info.value_table = g_memdup2 (type_info->value_table, + sizeof (GTypeValueTable)); + + return module_type_info->type; +diff --git a/gobject/tests/param.c b/gobject/tests/param.c +index 758289bf8..971cff162 100644 +--- a/gobject/tests/param.c ++++ b/gobject/tests/param.c +@@ -2,6 +2,8 @@ + #include + #include + ++#include "gstrfuncsprivate.h" ++ + static void + test_param_value (void) + { +@@ -851,7 +853,7 @@ main (int argc, char *argv[]) + test_path = g_strdup_printf ("/param/implement/subprocess/%d-%d-%d-%d", + data.change_this_flag, data.change_this_type, + data.use_this_flag, data.use_this_type); +- test_data = g_memdup (&data, sizeof (TestParamImplementData)); ++ test_data = g_memdup2 (&data, sizeof (TestParamImplementData)); + g_test_add_data_func_full (test_path, test_data, test_param_implement_child, g_free); + g_free (test_path); + } +-- +2.31.1 + +From d3f7a79540fc1e85eb82c2987e9f7e2dbd93ff74 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 4 Feb 2021 13:37:56 +0000 +Subject: [PATCH 5/6] gio: Use g_memdup2() instead of g_memdup() in obvious + places +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Convert all the call sites which use `g_memdup()`’s length argument +trivially (for example, by passing a `sizeof()`), so that they use +`g_memdup2()` instead. + +In almost all of these cases the use of `g_memdup()` would not have +caused problems, but it will soon be deprecated, so best port away from +it. + +Signed-off-by: Philip Withnall +Helps: #2319 +(cherry picked from commit be8834340a2d928ece82025463ae23dee2c333d0) +--- + gio/gdbusconnection.c | 5 +++-- + gio/gdbusinterfaceskeleton.c | 3 ++- + gio/gfile.c | 7 ++++--- + gio/gsettingsschema.c | 5 +++-- + gio/gwin32registrykey.c | 8 +++++--- + gio/tests/async-close-output-stream.c | 6 ++++-- + gio/tests/gdbus-export.c | 5 +++-- + gio/win32/gwinhttpfile.c | 9 +++++---- + 8 files changed, 29 insertions(+), 19 deletions(-) + +diff --git a/gio/gdbusconnection.c b/gio/gdbusconnection.c +index 6f7e5fefc..117c8df35 100644 +--- a/gio/gdbusconnection.c ++++ b/gio/gdbusconnection.c +@@ -119,6 +119,7 @@ + #include "gasyncinitable.h" + #include "giostream.h" + #include "gasyncresult.h" ++#include "gstrfuncsprivate.h" + #include "gtask.h" + + #ifdef G_OS_UNIX +@@ -3970,7 +3971,7 @@ _g_dbus_interface_vtable_copy (const GDBusInterfaceVTable *vtable) + /* Don't waste memory by copying padding - remember to update this + * when changing struct _GDBusInterfaceVTable in gdbusconnection.h + */ +- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); ++ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); + } + + static void +@@ -3987,7 +3988,7 @@ _g_dbus_subtree_vtable_copy (const GDBusSubtreeVTable *vtable) + /* Don't waste memory by copying padding - remember to update this + * when changing struct _GDBusSubtreeVTable in gdbusconnection.h + */ +- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); ++ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); + } + + static void +diff --git a/gio/gdbusinterfaceskeleton.c b/gio/gdbusinterfaceskeleton.c +index 96bd520aa..672604c49 100644 +--- a/gio/gdbusinterfaceskeleton.c ++++ b/gio/gdbusinterfaceskeleton.c +@@ -27,6 +27,7 @@ + #include "gdbusprivate.h" + #include "gdbusmethodinvocation.h" + #include "gdbusconnection.h" ++#include "gstrfuncsprivate.h" + #include "gtask.h" + #include "gioerror.h" + +@@ -697,7 +698,7 @@ add_connection_locked (GDBusInterfaceSkeleton *interface_, + * properly before building the hooked_vtable, so we create it + * once at the last minute. + */ +- interface_->priv->hooked_vtable = g_memdup (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); ++ interface_->priv->hooked_vtable = g_memdup2 (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); + interface_->priv->hooked_vtable->method_call = skeleton_intercept_handle_method_call; + } + +diff --git a/gio/gfile.c b/gio/gfile.c +index ff313ebf8..29ebaaa62 100644 +--- a/gio/gfile.c ++++ b/gio/gfile.c +@@ -60,6 +60,7 @@ + #include "gasyncresult.h" + #include "gioerror.h" + #include "glibintl.h" ++#include "gstrfuncsprivate.h" + + + /** +@@ -7734,7 +7735,7 @@ measure_disk_usage_progress (gboolean reporting, + g_main_context_invoke_full (g_task_get_context (task), + g_task_get_priority (task), + measure_disk_usage_invoke_progress, +- g_memdup (&progress, sizeof progress), ++ g_memdup2 (&progress, sizeof progress), + g_free); + } + +@@ -7752,7 +7753,7 @@ measure_disk_usage_thread (GTask *task, + data->progress_callback ? measure_disk_usage_progress : NULL, task, + &result.disk_usage, &result.num_dirs, &result.num_files, + &error)) +- g_task_return_pointer (task, g_memdup (&result, sizeof result), g_free); ++ g_task_return_pointer (task, g_memdup2 (&result, sizeof result), g_free); + else + g_task_return_error (task, error); + } +@@ -7776,7 +7777,7 @@ g_file_real_measure_disk_usage_async (GFile *file, + + task = g_task_new (file, cancellable, callback, user_data); + g_task_set_source_tag (task, g_file_real_measure_disk_usage_async); +- g_task_set_task_data (task, g_memdup (&data, sizeof data), g_free); ++ g_task_set_task_data (task, g_memdup2 (&data, sizeof data), g_free); + g_task_set_priority (task, io_priority); + + g_task_run_in_thread (task, measure_disk_usage_thread); +diff --git a/gio/gsettingsschema.c b/gio/gsettingsschema.c +index 17b7e3b01..499944395 100644 +--- a/gio/gsettingsschema.c ++++ b/gio/gsettingsschema.c +@@ -20,6 +20,7 @@ + + #include "gsettingsschema-internal.h" + #include "gsettings.h" ++#include "gstrfuncsprivate.h" + + #include "gvdb/gvdb-reader.h" + #include "strinfo.c" +@@ -1054,9 +1055,9 @@ g_settings_schema_list_children (GSettingsSchema *schema) + + if (g_str_has_suffix (key, "/")) + { +- gint length = strlen (key); ++ gsize length = strlen (key); + +- strv[j] = g_memdup (key, length); ++ strv[j] = g_memdup2 (key, length); + strv[j][length - 1] = '\0'; + j++; + } +diff --git a/gio/gwin32registrykey.c b/gio/gwin32registrykey.c +index c19fede4e..619fd48af 100644 +--- a/gio/gwin32registrykey.c ++++ b/gio/gwin32registrykey.c +@@ -28,6 +28,8 @@ + #include + #include + ++#include "gstrfuncsprivate.h" ++ + #ifndef _WDMDDK_ + typedef enum _KEY_INFORMATION_CLASS { + KeyBasicInformation, +@@ -247,7 +249,7 @@ g_win32_registry_value_iter_copy (const GWin32RegistryValueIter *iter) + new_iter->value_name_size = iter->value_name_size; + + if (iter->value_data != NULL) +- new_iter->value_data = g_memdup (iter->value_data, iter->value_data_size); ++ new_iter->value_data = g_memdup2 (iter->value_data, iter->value_data_size); + + new_iter->value_data_size = iter->value_data_size; + +@@ -268,8 +270,8 @@ g_win32_registry_value_iter_copy (const GWin32RegistryValueIter *iter) + new_iter->value_data_expanded_charsize = iter->value_data_expanded_charsize; + + if (iter->value_data_expanded_u8 != NULL) +- new_iter->value_data_expanded_u8 = g_memdup (iter->value_data_expanded_u8, +- iter->value_data_expanded_charsize); ++ new_iter->value_data_expanded_u8 = g_memdup2 (iter->value_data_expanded_u8, ++ iter->value_data_expanded_charsize); + + new_iter->value_data_expanded_u8_size = iter->value_data_expanded_charsize; + +diff --git a/gio/tests/async-close-output-stream.c b/gio/tests/async-close-output-stream.c +index 5f6620275..d3f97a119 100644 +--- a/gio/tests/async-close-output-stream.c ++++ b/gio/tests/async-close-output-stream.c +@@ -24,6 +24,8 @@ + #include + #include + ++#include "gstrfuncsprivate.h" ++ + #define DATA_TO_WRITE "Hello world\n" + + typedef struct +@@ -147,9 +149,9 @@ prepare_data (SetupData *data, + + data->expected_size = g_memory_output_stream_get_data_size (G_MEMORY_OUTPUT_STREAM (data->data_stream)); + +- g_assert_cmpint (data->expected_size, >, 0); ++ g_assert_cmpuint (data->expected_size, >, 0); + +- data->expected_output = g_memdup (written, (guint)data->expected_size); ++ data->expected_output = g_memdup2 (written, data->expected_size); + + /* then recreate the streams and prepare them for the asynchronous close */ + destroy_streams (data); +diff --git a/gio/tests/gdbus-export.c b/gio/tests/gdbus-export.c +index ef0dddeee..a3c842360 100644 +--- a/gio/tests/gdbus-export.c ++++ b/gio/tests/gdbus-export.c +@@ -23,6 +23,7 @@ + #include + + #include "gdbus-tests.h" ++#include "gstrfuncsprivate.h" + + /* all tests rely on a shared mainloop */ + static GMainLoop *loop = NULL; +@@ -652,7 +653,7 @@ subtree_introspect (GDBusConnection *connection, + g_assert_not_reached (); + } + +- return g_memdup (interfaces, 2 * sizeof (void *)); ++ return g_memdup2 (interfaces, 2 * sizeof (void *)); + } + + static const GDBusInterfaceVTable * +@@ -708,7 +709,7 @@ dynamic_subtree_introspect (GDBusConnection *connection, + { + const GDBusInterfaceInfo *interfaces[2] = { &dyna_interface_info, NULL }; + +- return g_memdup (interfaces, 2 * sizeof (void *)); ++ return g_memdup2 (interfaces, 2 * sizeof (void *)); + } + + static const GDBusInterfaceVTable * +diff --git a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c +index d5df16d91..f424d21cc 100644 +--- a/gio/win32/gwinhttpfile.c ++++ b/gio/win32/gwinhttpfile.c +@@ -29,6 +29,7 @@ + #include "gio/gfile.h" + #include "gio/gfileattribute.h" + #include "gio/gfileinfo.h" ++#include "gstrfuncsprivate.h" + #include "gwinhttpfile.h" + #include "gwinhttpfileinputstream.h" + #include "gwinhttpfileoutputstream.h" +@@ -393,10 +394,10 @@ g_winhttp_file_resolve_relative_path (GFile *file, + child = g_object_new (G_TYPE_WINHTTP_FILE, NULL); + child->vfs = winhttp_file->vfs; + child->url = winhttp_file->url; +- child->url.lpszScheme = g_memdup (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); +- child->url.lpszHostName = g_memdup (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); +- child->url.lpszUserName = g_memdup (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); +- child->url.lpszPassword = g_memdup (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); ++ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); ++ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); ++ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); ++ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); + child->url.lpszUrlPath = wnew_path; + child->url.dwUrlPathLength = wcslen (wnew_path); + child->url.lpszExtraInfo = NULL; +-- +2.31.1 + +From 661f5edc901219a1a99bb51f171be13063878bd6 Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Thu, 20 May 2021 15:58:53 -0500 +Subject: [PATCH 6/6] gdatainputstream: replace easy use of g_memdup() + +This code is passing a gsize, so might as well switch this to g_memdup2(). + +This is the only use of g_memdup() in GLib 2.56 that is not part of GLib +2.58. All other uses analyzed in glib!2000. +--- + gio/gdatainputstream.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/gio/gdatainputstream.c b/gio/gdatainputstream.c +index 9f207b158..ebef7c797 100644 +--- a/gio/gdatainputstream.c ++++ b/gio/gdatainputstream.c +@@ -27,6 +27,7 @@ + #include "gioenumtypes.h" + #include "gioerror.h" + #include "glibintl.h" ++#include "gstrfuncsprivate.h" + + #include + +@@ -1082,7 +1083,7 @@ g_data_input_stream_read_async (GDataInputStream *stream, + data = g_slice_new0 (GDataInputStreamReadData); + if (stop_chars_len == -1) + stop_chars_len = strlen (stop_chars); +- data->stop_chars = g_memdup (stop_chars, stop_chars_len); ++ data->stop_chars = g_memdup2 (stop_chars, stop_chars_len); + data->stop_chars_len = stop_chars_len; + data->last_saw_cr = FALSE; + +-- +2.31.1 diff --git a/SOURCES/CVE-2021-28153.patch b/SOURCES/CVE-2021-28153.patch new file mode 100644 index 0000000..9397463 --- /dev/null +++ b/SOURCES/CVE-2021-28153.patch @@ -0,0 +1,388 @@ +From 8fef6abe1131da0c8a7211c740a12ebe11cbcc51 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 10 Mar 2021 16:05:55 +0000 +Subject: [PATCH 1/3] glocalfileoutputstream: Factor out a flag check + +This clarifies the code a little. It introduces no functional changes. + +Signed-off-by: Philip Withnall +--- + gio/glocalfileoutputstream.c | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c +index 57d2d5dfe..6a70b2a04 100644 +--- a/gio/glocalfileoutputstream.c ++++ b/gio/glocalfileoutputstream.c +@@ -751,6 +751,7 @@ handle_overwrite_open (const char *filename, + int res; + int mode; + int errsv; ++ gboolean replace_destination_set = (flags & G_FILE_CREATE_REPLACE_DESTINATION); + + mode = mode_from_flags_or_info (flags, reference_info); + +@@ -857,8 +858,8 @@ handle_overwrite_open (const char *filename, + * The second strategy consist simply in copying the old file + * to a backup file and rewrite the contents of the file. + */ +- +- if ((flags & G_FILE_CREATE_REPLACE_DESTINATION) || ++ ++ if (replace_destination_set || + (!(original_stat.st_nlink > 1) && !is_symlink)) + { + char *dirname, *tmp_filename; +@@ -877,7 +878,7 @@ handle_overwrite_open (const char *filename, + + /* try to keep permissions (unless replacing) */ + +- if ( ! (flags & G_FILE_CREATE_REPLACE_DESTINATION) && ++ if (!replace_destination_set && + ( + #ifdef HAVE_FCHOWN + fchown (tmpfd, original_stat.st_uid, original_stat.st_gid) == -1 || +@@ -1016,7 +1017,7 @@ handle_overwrite_open (const char *filename, + } + } + +- if (flags & G_FILE_CREATE_REPLACE_DESTINATION) ++ if (replace_destination_set) + { + g_close (fd, NULL); + +-- +2.31.1 + +From 6c10e8ce6905e8fcc3466eb8af707b5d0d3bdb85 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 24 Feb 2021 17:36:07 +0000 +Subject: [PATCH 2/3] glocalfileoutputstream: Fix CREATE_REPLACE_DESTINATION + with symlinks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The `G_FILE_CREATE_REPLACE_DESTINATION` flag is equivalent to unlinking +the destination file and re-creating it from scratch. That did +previously work, but in the process the code would call `open(O_CREAT)` +on the file. If the file was a dangling symlink, this would create the +destination file (empty). That’s not an intended side-effect, and has +security implications if the symlink is controlled by a lower-privileged +process. + +Fix that by not opening the destination file if it’s a symlink, and +adjusting the rest of the code to cope with + - the fact that `fd == -1` is not an error iff `is_symlink` is true, + - and that `original_stat` will contain the `lstat()` results for the + symlink now, rather than the `stat()` results for its target (again, + iff `is_symlink` is true). + +This means that the target of the dangling symlink is no longer created, +which was the bug. The symlink itself continues to be replaced (as +before) with the new file — this is the intended behaviour of +`g_file_replace()`. + +The behaviour for non-symlink cases, or cases where the symlink was not +dangling, should be unchanged. + +Includes a unit test. + +Signed-off-by: Philip Withnall + +Fixes: #2325 +--- + gio/glocalfileoutputstream.c | 63 ++++++++++++++------- + gio/tests/file.c | 107 ++++++++++++++++++++++++++++++++++- + 2 files changed, 149 insertions(+), 21 deletions(-) + +diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c +index 6a70b2a04..4a7766f68 100644 +--- a/gio/glocalfileoutputstream.c ++++ b/gio/glocalfileoutputstream.c +@@ -779,16 +779,22 @@ handle_overwrite_open (const char *filename, + /* Could be a symlink, or it could be a regular ELOOP error, + * but then the next open will fail too. */ + is_symlink = TRUE; +- fd = g_open (filename, open_flags, mode); ++ if (!replace_destination_set) ++ fd = g_open (filename, open_flags, mode); + } +-#else +- fd = g_open (filename, open_flags, mode); +- errsv = errno; ++#else /* if !O_NOFOLLOW */ + /* This is racy, but we do it as soon as possible to minimize the race */ + is_symlink = g_file_test (filename, G_FILE_TEST_IS_SYMLINK); ++ ++ if (!is_symlink || !replace_destination_set) ++ { ++ fd = g_open (filename, open_flags, mode); ++ errsv = errno; ++ } + #endif + +- if (fd == -1) ++ if (fd == -1 && ++ (!is_symlink || !replace_destination_set)) + { + char *display_name = g_filename_display_name (filename); + g_set_error (error, G_IO_ERROR, +@@ -800,10 +806,17 @@ handle_overwrite_open (const char *filename, + } + + #ifdef G_OS_WIN32 +- res = GLIB_PRIVATE_CALL (g_win32_fstat) (fd, &original_stat); +-#else +- res = fstat (fd, &original_stat); ++#error This patch has not been ported to Windows, sorry + #endif ++ ++ if (!is_symlink) ++ { ++ res = fstat (fd, &original_stat); ++ } ++ else ++ { ++ res = lstat (filename, &original_stat); ++ } + errsv = errno; + + if (res != 0) +@@ -821,16 +834,27 @@ handle_overwrite_open (const char *filename, + if (!S_ISREG (original_stat.st_mode)) + { + if (S_ISDIR (original_stat.st_mode)) +- g_set_error_literal (error, +- G_IO_ERROR, +- G_IO_ERROR_IS_DIRECTORY, +- _("Target file is a directory")); +- else +- g_set_error_literal (error, +- G_IO_ERROR, +- G_IO_ERROR_NOT_REGULAR_FILE, +- _("Target file is not a regular file")); +- goto err_out; ++ { ++ g_set_error_literal (error, ++ G_IO_ERROR, ++ G_IO_ERROR_IS_DIRECTORY, ++ _("Target file is a directory")); ++ goto err_out; ++ } ++ else if (!is_symlink || ++#ifdef S_ISLNK ++ !S_ISLNK (original_stat.st_mode) ++#else ++ FALSE ++#endif ++ ) ++ { ++ g_set_error_literal (error, ++ G_IO_ERROR, ++ G_IO_ERROR_NOT_REGULAR_FILE, ++ _("Target file is not a regular file")); ++ goto err_out; ++ } + } + + if (etag != NULL) +@@ -911,7 +935,8 @@ handle_overwrite_open (const char *filename, + } + } + +- g_close (fd, NULL); ++ if (fd >= 0) ++ g_close (fd, NULL); + *temp_filename = tmp_filename; + return tmpfd; + } +diff --git a/gio/tests/file.c b/gio/tests/file.c +index 98eeb85d4..44db6e295 100644 +--- a/gio/tests/file.c ++++ b/gio/tests/file.c +@@ -671,8 +671,6 @@ test_replace_cancel (void) + guint count; + GError *error = NULL; + +- g_test_bug ("629301"); +- + path = g_dir_make_tmp ("g_file_replace_cancel_XXXXXX", &error); + g_assert_no_error (error); + tmpdir = g_file_new_for_path (path); +@@ -779,6 +777,110 @@ test_replace_cancel (void) + g_object_unref (tmpdir); + } + ++static void ++test_replace_symlink (void) ++{ ++#ifdef G_OS_UNIX ++ gchar *tmpdir_path = NULL; ++ GFile *tmpdir = NULL, *source_file = NULL, *target_file = NULL; ++ GFileOutputStream *stream = NULL; ++ const gchar *new_contents = "this is a test message which should be written to source and not target"; ++ gsize n_written; ++ GFileEnumerator *enumerator = NULL; ++ GFileInfo *info = NULL; ++ gchar *contents = NULL; ++ gsize length = 0; ++ GError *local_error = NULL; ++ ++ /* Create a fresh, empty working directory. */ ++ tmpdir_path = g_dir_make_tmp ("g_file_replace_symlink_XXXXXX", &local_error); ++ g_assert_no_error (local_error); ++ tmpdir = g_file_new_for_path (tmpdir_path); ++ ++ g_test_message ("Using temporary directory %s", tmpdir_path); ++ g_free (tmpdir_path); ++ ++ /* Create symlink `source` which points to `target`. */ ++ source_file = g_file_get_child (tmpdir, "source"); ++ target_file = g_file_get_child (tmpdir, "target"); ++ g_file_make_symbolic_link (source_file, "target", NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ /* Ensure that `target` doesn’t exist */ ++ g_assert_false (g_file_query_exists (target_file, NULL)); ++ ++ /* Replace the `source` symlink with a regular file using ++ * %G_FILE_CREATE_REPLACE_DESTINATION, which should replace it *without* ++ * following the symlink */ ++ stream = g_file_replace (source_file, NULL, FALSE /* no backup */, ++ G_FILE_CREATE_REPLACE_DESTINATION, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_output_stream_write_all (G_OUTPUT_STREAM (stream), new_contents, strlen (new_contents), ++ &n_written, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_assert_cmpint (n_written, ==, strlen (new_contents)); ++ ++ g_output_stream_close (G_OUTPUT_STREAM (stream), NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_clear_object (&stream); ++ ++ /* At this point, there should still only be one file: `source`. It should ++ * now be a regular file. `target` should not exist. */ ++ enumerator = g_file_enumerate_children (tmpdir, ++ G_FILE_ATTRIBUTE_STANDARD_NAME "," ++ G_FILE_ATTRIBUTE_STANDARD_TYPE, ++ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_assert_nonnull (info); ++ ++ g_assert_cmpstr (g_file_info_get_name (info), ==, "source"); ++ g_assert_cmpint (g_file_info_get_file_type (info), ==, G_FILE_TYPE_REGULAR); ++ ++ g_clear_object (&info); ++ ++ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_assert_null (info); ++ ++ g_file_enumerator_close (enumerator, NULL, &local_error); ++ g_assert_no_error (local_error); ++ g_clear_object (&enumerator); ++ ++ /* Double-check that `target` doesn’t exist */ ++ g_assert_false (g_file_query_exists (target_file, NULL)); ++ ++ /* Check the content of `source`. */ ++ g_file_load_contents (source_file, ++ NULL, ++ &contents, ++ &length, ++ NULL, ++ &local_error); ++ g_assert_no_error (local_error); ++ g_assert_cmpstr (contents, ==, new_contents); ++ g_assert_cmpuint (length, ==, strlen (new_contents)); ++ g_free (contents); ++ ++ /* Tidy up. */ ++ g_file_delete (source_file, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_file_delete (tmpdir, NULL, &local_error); ++ g_assert_no_error (local_error); ++ ++ g_clear_object (&target_file); ++ g_clear_object (&source_file); ++ g_clear_object (&tmpdir); ++#else /* if !G_OS_UNIX */ ++ g_test_skip ("Symlink replacement tests can only be run on Unix") ++#endif ++} ++ + static void + on_file_deleted (GObject *object, + GAsyncResult *result, +@@ -1170,6 +1272,7 @@ main (int argc, char *argv[]) + g_test_add_data_func ("/file/async-create-delete/4096", GINT_TO_POINTER (4096), test_create_delete); + g_test_add_func ("/file/replace-load", test_replace_load); + g_test_add_func ("/file/replace-cancel", test_replace_cancel); ++ g_test_add_func ("/file/replace-symlink", test_replace_symlink); + g_test_add_func ("/file/async-delete", test_async_delete); + #ifdef G_OS_UNIX + g_test_add_func ("/file/copy-preserve-mode", test_copy_preserve_mode); +-- +2.31.1 + +From 7f0b0d7fd744ad2f51236444005db49c80a0293d Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Wed, 24 Feb 2021 17:42:24 +0000 +Subject: [PATCH 3/3] glocalfileoutputstream: Add a missing O_CLOEXEC flag to + replace() + +Signed-off-by: Philip Withnall +--- + gio/glocalfileoutputstream.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c +index 4a7766f68..275770fa4 100644 +--- a/gio/glocalfileoutputstream.c ++++ b/gio/glocalfileoutputstream.c +@@ -56,6 +56,12 @@ + #define O_BINARY 0 + #endif + ++#ifndef O_CLOEXEC ++#define O_CLOEXEC 0 ++#else ++#define HAVE_O_CLOEXEC 1 ++#endif ++ + struct _GLocalFileOutputStreamPrivate { + char *tmp_filename; + char *original_filename; +@@ -1127,7 +1133,7 @@ _g_local_file_output_stream_replace (const char *filename, + sync_on_close = FALSE; + + /* If the file doesn't exist, create it */ +- open_flags = O_CREAT | O_EXCL | O_BINARY; ++ open_flags = O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC; + if (readable) + open_flags |= O_RDWR; + else +@@ -1157,8 +1163,11 @@ _g_local_file_output_stream_replace (const char *filename, + set_error_from_open_errno (filename, error); + return NULL; + } +- +- ++#if !defined(HAVE_O_CLOEXEC) && defined(F_SETFD) ++ else ++ fcntl (fd, F_SETFD, FD_CLOEXEC); ++#endif ++ + stream = g_object_new (G_TYPE_LOCAL_FILE_OUTPUT_STREAM, NULL); + stream->priv->fd = fd; + stream->priv->sync_on_close = sync_on_close; +-- +2.31.1 + diff --git a/SOURCES/backport-per-desktop-overrides.patch b/SOURCES/backport-per-desktop-overrides.patch deleted file mode 100644 index fa4572e..0000000 --- a/SOURCES/backport-per-desktop-overrides.patch +++ /dev/null @@ -1,658 +0,0 @@ -From 5634fd61f17d28dfc05cd47cfbd2bd2f21e6d2b1 Mon Sep 17 00:00:00 2001 -From: Allison Lortie -Date: Wed, 2 Aug 2017 11:06:03 +0100 -Subject: [PATCH 1/4] gsettings: cleanup default value lookup - -There are a couple of different ways (and soon one more) to access the -default value of a key. Clean up the various places that access this to -avoid duplication. - -https://bugzilla.gnome.org/show_bug.cgi?id=746592 ---- - gio/gsettings.c | 20 ++++---------------- - 1 file changed, 4 insertions(+), 16 deletions(-) - -diff --git a/gio/gsettings.c b/gio/gsettings.c -index 10d394d69..5e5816d57 100644 ---- a/gio/gsettings.c -+++ b/gio/gsettings.c -@@ -1204,10 +1204,7 @@ g_settings_get_value (GSettings *settings, - value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); - - if (value == NULL) -- value = g_settings_schema_key_get_translated_default (&skey); -- -- if (value == NULL) -- value = g_variant_ref (skey.default_value); -+ value = g_settings_schema_key_get_default_value (&skey); - - g_settings_schema_key_clear (&skey); - -@@ -1304,10 +1301,7 @@ g_settings_get_default_value (GSettings *settings, - value = g_settings_read_from_backend (settings, &skey, FALSE, TRUE); - - if (value == NULL) -- value = g_settings_schema_key_get_translated_default (&skey); -- -- if (value == NULL) -- value = g_variant_ref (skey.default_value); -+ value = g_settings_schema_key_get_default_value (&skey); - - g_settings_schema_key_clear (&skey); - -@@ -1360,10 +1354,7 @@ g_settings_get_enum (GSettings *settings, - value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); - - if (value == NULL) -- value = g_settings_schema_key_get_translated_default (&skey); -- -- if (value == NULL) -- value = g_variant_ref (skey.default_value); -+ value = g_settings_schema_key_get_default_value (&skey); - - result = g_settings_schema_key_to_enum (&skey, value); - g_settings_schema_key_clear (&skey); -@@ -1473,10 +1464,7 @@ g_settings_get_flags (GSettings *settings, - value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); - - if (value == NULL) -- value = g_settings_schema_key_get_translated_default (&skey); -- -- if (value == NULL) -- value = g_variant_ref (skey.default_value); -+ value = g_settings_schema_key_get_default_value (&skey); - - result = g_settings_schema_key_to_flags (&skey, value); - g_settings_schema_key_clear (&skey); --- -2.21.0 - - -From 89c6e8f4a0bcda4b58dbaea713e62be01cfc2087 Mon Sep 17 00:00:00 2001 -From: Allison Lortie -Date: Wed, 2 Aug 2017 11:08:17 +0100 -Subject: [PATCH 2/4] gsettingsschema: Allow per-desktop overrides -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Recognise a new 'd' option in schema keys which gives a dictionary of -per-desktop default values. This dictionary is searched for the items -found in XDG_CURRENT_DESKTOP, in the order. If nothing matches (or if -the option is missing) then the default value is used as before. - -This feature was requested by Alberts Muktupāvels and this patch is -based on an approach devised by them. - -https://bugzilla.gnome.org/show_bug.cgi?id=746592 ---- - gio/gsettings.c | 21 +++++++++++++++++ - gio/gsettingsschema-internal.h | 2 ++ - gio/gsettingsschema.c | 41 ++++++++++++++++++++++++++++++++++ - 3 files changed, 64 insertions(+) - -diff --git a/gio/gsettings.c b/gio/gsettings.c -index 5e5816d57..f1130c095 100644 ---- a/gio/gsettings.c -+++ b/gio/gsettings.c -@@ -1739,6 +1739,13 @@ g_settings_get_mapped (GSettings *settings, - if (okay) goto okay; - } - -+ if ((value = g_settings_schema_key_get_per_desktop_default (&skey))) -+ { -+ okay = mapping (value, &result, user_data); -+ g_variant_unref (value); -+ if (okay) goto okay; -+ } -+ - if (mapping (skey.default_value, &result, user_data)) - goto okay; - -@@ -2647,6 +2654,20 @@ g_settings_binding_key_changed (GSettings *settings, - } - } - -+ if (variant == NULL) -+ { -+ variant = g_settings_schema_key_get_per_desktop_default (&binding->key); -+ if (variant && -+ !binding->get_mapping (&value, variant, binding->user_data)) -+ { -+ g_error ("Per-desktop default value for key '%s' in schema '%s' " -+ "was rejected by the binding mapping function.", -+ binding->key.name, g_settings_schema_get_id (binding->key.schema)); -+ g_variant_unref (variant); -+ variant = NULL; -+ } -+ } -+ - if (variant == NULL) - { - variant = g_variant_ref (binding->key.default_value); -diff --git a/gio/gsettingsschema-internal.h b/gio/gsettingsschema-internal.h -index f54de3b34..5f996b4bc 100644 ---- a/gio/gsettingsschema-internal.h -+++ b/gio/gsettingsschema-internal.h -@@ -37,6 +37,7 @@ struct _GSettingsSchemaKey - const GVariantType *type; - GVariant *minimum, *maximum; - GVariant *default_value; -+ GVariant *desktop_overrides; - - gint ref_count; - }; -@@ -58,6 +59,7 @@ gboolean g_settings_schema_key_type_check (GSettin - GVariant * g_settings_schema_key_range_fixup (GSettingsSchemaKey *key, - GVariant *value); - GVariant * g_settings_schema_key_get_translated_default (GSettingsSchemaKey *key); -+GVariant * g_settings_schema_key_get_per_desktop_default (GSettingsSchemaKey *key); - - gint g_settings_schema_key_to_enum (GSettingsSchemaKey *key, - GVariant *value); -diff --git a/gio/gsettingsschema.c b/gio/gsettingsschema.c -index f1274a369..17b7e3b01 100644 ---- a/gio/gsettingsschema.c -+++ b/gio/gsettingsschema.c -@@ -27,6 +27,7 @@ - #include - #include - #include -+#include - - /** - * SECTION:gsettingsschema -@@ -1283,6 +1284,11 @@ g_settings_schema_key_init (GSettingsSchemaKey *key, - endian_fixup (&key->maximum); - break; - -+ case 'd': -+ g_variant_get (data, "@a{sv}", &key->desktop_overrides); -+ endian_fixup (&key->desktop_overrides); -+ break; -+ - default: - g_warning ("unknown schema extension '%c'", code); - break; -@@ -1303,6 +1309,9 @@ g_settings_schema_key_clear (GSettingsSchemaKey *key) - if (key->maximum) - g_variant_unref (key->maximum); - -+ if (key->desktop_overrides) -+ g_variant_unref (key->desktop_overrides); -+ - g_variant_unref (key->default_value); - - g_settings_schema_unref (key->schema); -@@ -1410,6 +1419,35 @@ g_settings_schema_key_get_translated_default (GSettingsSchemaKey *key) - return value; - } - -+GVariant * -+g_settings_schema_key_get_per_desktop_default (GSettingsSchemaKey *key) -+{ -+ static const gchar * const *current_desktops; -+ GVariant *value = NULL; -+ gint i; -+ -+ if (!key->desktop_overrides) -+ return NULL; -+ -+ if (g_once_init_enter (¤t_desktops)) -+ { -+ const gchar *xdg_current_desktop = g_getenv ("XDG_CURRENT_DESKTOP"); -+ gchar **tmp; -+ -+ if (xdg_current_desktop != NULL && xdg_current_desktop[0] != '\0') -+ tmp = g_strsplit (xdg_current_desktop, G_SEARCHPATH_SEPARATOR_S, -1); -+ else -+ tmp = g_new0 (gchar *, 0 + 1); -+ -+ g_once_init_leave (¤t_desktops, (const gchar **) tmp); -+ } -+ -+ for (i = 0; value == NULL && current_desktops[i] != NULL; i++) -+ value = g_variant_lookup_value (key->desktop_overrides, current_desktops[i], NULL); -+ -+ return value; -+} -+ - gint - g_settings_schema_key_to_enum (GSettingsSchemaKey *key, - GVariant *value) -@@ -1698,6 +1736,9 @@ g_settings_schema_key_get_default_value (GSettingsSchemaKey *key) - - value = g_settings_schema_key_get_translated_default (key); - -+ if (!value) -+ value = g_settings_schema_key_get_per_desktop_default (key); -+ - if (!value) - value = g_variant_ref (key->default_value); - --- -2.21.0 - - -From 3710e830de015829c086c69181a8703645d577ec Mon Sep 17 00:00:00 2001 -From: Allison Lortie -Date: Wed, 2 Aug 2017 11:10:18 +0100 -Subject: [PATCH 3/4] glib-compile-schemas: Handle per-desktop overrides - -Add a new syntax to override files: if the group name has a ':' in it, -it indicates that we want to override the default values of keys for -only one desktop. For example: - -[org.gnome.desktop.interface:Unity] -font-name='Ubuntu 12' - -Will override the settings, only if "Unity" is found in -XDG_CURRENT_DESKTOP. Multiple per-desktop overrides can be specified -for a given key: the one which comes first in XDG_CURRENT_DESKTOP will -be used. - -https://bugzilla.gnome.org/show_bug.cgi?id=746592 ---- - gio/glib-compile-schemas.c | 83 ++++++++++++++++++++++++++++++++++---- - 1 file changed, 75 insertions(+), 8 deletions(-) - -diff --git a/gio/glib-compile-schemas.c b/gio/glib-compile-schemas.c -index 2dc8c7171..59fb68ee7 100644 ---- a/gio/glib-compile-schemas.c -+++ b/gio/glib-compile-schemas.c -@@ -179,6 +179,8 @@ typedef struct - GString *unparsed_default_value; - GVariant *default_value; - -+ GVariantDict *desktop_overrides; -+ - GString *strinfo; - gboolean is_enum; - gboolean is_flags; -@@ -731,6 +733,11 @@ key_state_serialise (KeyState *state) - g_variant_builder_add (&builder, "(y(**))", 'r', - state->minimum, state->maximum); - -+ /* per-desktop overrides */ -+ if (state->desktop_overrides) -+ g_variant_builder_add (&builder, "(y@a{sv})", 'd', -+ g_variant_dict_end (state->desktop_overrides)); -+ - state->serialised = g_variant_builder_end (&builder); - } - -@@ -768,6 +775,9 @@ key_state_free (gpointer data) - if (state->serialised) - g_variant_unref (state->serialised); - -+ if (state->desktop_overrides) -+ g_variant_dict_unref (state->desktop_overrides); -+ - g_slice_free (KeyState, state); - } - -@@ -1878,6 +1888,8 @@ set_overrides (GHashTable *schema_table, - gchar **groups; - gint i; - -+ g_debug ("Processing override file '%s'", filename); -+ - key_file = g_key_file_new (); - if (!g_key_file_load_from_file (key_file, filename, 0, &error)) - { -@@ -1900,18 +1912,31 @@ set_overrides (GHashTable *schema_table, - for (i = 0; groups[i]; i++) - { - const gchar *group = groups[i]; -+ const gchar *schema_name; -+ const gchar *desktop_id; - SchemaState *schema; -+ gchar **pieces; - gchar **keys; - gint j; - -- schema = g_hash_table_lookup (schema_table, group); -+ pieces = g_strsplit (group, ":", 2); -+ schema_name = pieces[0]; -+ desktop_id = pieces[1]; -+ -+ g_debug ("Processing group '%s' (schema '%s', %s)", -+ group, schema_name, desktop_id ? desktop_id : "all desktops"); -+ -+ schema = g_hash_table_lookup (schema_table, schema_name); - - if (schema == NULL) -- /* Having the schema not be installed is expected to be a -- * common case. Don't even emit an error message about -- * that. -- */ -- continue; -+ { -+ /* Having the schema not be installed is expected to be a -+ * common case. Don't even emit an error message about -+ * that. -+ */ -+ g_strfreev (pieces); -+ continue; -+ } - - keys = g_key_file_get_keys (key_file, group, NULL, NULL); - g_assert (keys != NULL); -@@ -1939,6 +1964,32 @@ set_overrides (GHashTable *schema_table, - - fprintf (stderr, _(" and --strict was specified; exiting.\n")); - g_key_file_free (key_file); -+ g_strfreev (pieces); -+ g_strfreev (groups); -+ g_strfreev (keys); -+ -+ return FALSE; -+ } -+ -+ if (desktop_id != NULL && state->l10n) -+ { -+ /* Let's avoid the n*m case of per-desktop localised -+ * default values, and just forbid it. -+ */ -+ fprintf (stderr, -+ _("cannot provide per-desktop overrides for localised " -+ "key '%s' in schema '%s' (override file '%s')"), -+ key, group, filename); -+ -+ if (!strict) -+ { -+ fprintf (stderr, _("; ignoring override for this key.\n")); -+ continue; -+ } -+ -+ fprintf (stderr, _(" and --strict was specified; exiting.\n")); -+ g_key_file_free (key_file); -+ g_strfreev (pieces); - g_strfreev (groups); - g_strfreev (keys); - -@@ -1969,6 +2020,7 @@ set_overrides (GHashTable *schema_table, - - fprintf (stderr, _("--strict was specified; exiting.\n")); - g_key_file_free (key_file); -+ g_strfreev (pieces); - g_strfreev (groups); - g_strfreev (keys); - -@@ -1997,6 +2049,7 @@ set_overrides (GHashTable *schema_table, - - fprintf (stderr, _(" and --strict was specified; exiting.\n")); - g_key_file_free (key_file); -+ g_strfreev (pieces); - g_strfreev (groups); - g_strfreev (keys); - -@@ -2025,6 +2078,7 @@ set_overrides (GHashTable *schema_table, - - fprintf (stderr, _(" and --strict was specified; exiting.\n")); - g_key_file_free (key_file); -+ g_strfreev (pieces); - g_strfreev (groups); - g_strfreev (keys); - -@@ -2032,11 +2086,24 @@ set_overrides (GHashTable *schema_table, - } - } - -- g_variant_unref (state->default_value); -- state->default_value = value; -+ if (desktop_id != NULL) -+ { -+ if (state->desktop_overrides == NULL) -+ state->desktop_overrides = g_variant_dict_new (NULL); -+ -+ g_variant_dict_insert_value (state->desktop_overrides, desktop_id, value); -+ g_variant_unref (value); -+ } -+ else -+ { -+ g_variant_unref (state->default_value); -+ state->default_value = value; -+ } -+ - g_free (string); - } - -+ g_strfreev (pieces); - g_strfreev (keys); - } - --- -2.21.0 - - -From 2ca9218fb46f32fa02bed43c6e60243c8c5d656f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Alberts=20Muktup=C4=81vels?= -Date: Tue, 19 Jun 2018 23:39:24 +0300 -Subject: [PATCH 4/4] Add a test for per-desktop overrides - ---- - gio/glib-compile-schemas.c | 1 + - gio/tests/Makefile.am | 2 + - gio/tests/gsettings.c | 106 ++++++++++++++++++- - gio/tests/org.gtk.test.gschema.override.orig | 2 + - gio/tests/org.gtk.test.gschema.xml.orig | 6 ++ - 5 files changed, 116 insertions(+), 1 deletion(-) - create mode 100644 gio/tests/org.gtk.test.gschema.override.orig - -diff --git a/gio/glib-compile-schemas.c b/gio/glib-compile-schemas.c -index 59fb68ee7..00dd64146 100644 ---- a/gio/glib-compile-schemas.c -+++ b/gio/glib-compile-schemas.c -@@ -2139,6 +2139,7 @@ main (int argc, char **argv) - - /* These options are only for use in the gschema-compile tests */ - { "schema-file", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME_ARRAY, &schema_files, NULL, NULL }, -+ { "override-file", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME_ARRAY, &override_files, NULL, NULL }, - { NULL } - }; - -diff --git a/gio/tests/Makefile.am b/gio/tests/Makefile.am -index 49a19bf4a..b41317ad9 100644 ---- a/gio/tests/Makefile.am -+++ b/gio/tests/Makefile.am -@@ -367,12 +367,14 @@ test.mo: de.po - EXTRA_DIST += de.po - dist_uninstalled_test_data += \ - org.gtk.test.gschema.xml.orig \ -+ org.gtk.test.gschema.override.orig \ - org.gtk.schemasourcecheck.gschema.xml \ - testenum.h \ - enums.xml.template - # Generated while running the testcase itself... - CLEANFILES += \ - org.gtk.test.gschema.xml \ -+ org.gtk.test.gschema.override \ - org.gtk.test.enums.xml \ - gsettings.store \ - gschemas.compiled \ -diff --git a/gio/tests/gsettings.c b/gio/tests/gsettings.c -index 2be4122fe..acdeead4c 100644 ---- a/gio/tests/gsettings.c -+++ b/gio/tests/gsettings.c -@@ -2192,6 +2192,7 @@ G_GNUC_END_IGNORE_DEPRECATIONS - "org.gtk.test.range.direct", - "org.gtk.test.mapped", - "org.gtk.test.descriptions", -+ "org.gtk.test.per-desktop", - NULL)); - } - -@@ -2583,6 +2584,100 @@ test_default_value (void) - g_object_unref (settings); - } - -+static gboolean -+string_map_func (GVariant *value, -+ gpointer *result, -+ gpointer user_data) -+{ -+ const gchar *str; -+ -+ str = g_variant_get_string (value, NULL); -+ *result = g_variant_new_string (str); -+ -+ return TRUE; -+} -+ -+/* Test that per-desktop values from org.gtk.test.gschema.override -+ * does not change default value if current desktop is not listed in -+ * $XDG_CURRENT_DESKTOP. -+ */ -+static void -+test_per_desktop (void) -+{ -+ GSettings *settings; -+ TestObject *obj; -+ gpointer p; -+ gchar *str; -+ -+ settings = g_settings_new ("org.gtk.test.per-desktop"); -+ obj = test_object_new (); -+ -+ if (!g_test_subprocess ()) -+ { -+ g_test_trap_subprocess ("/gsettings/per-desktop/subprocess", 0, 0); -+ g_test_trap_assert_passed (); -+ } -+ -+ str = g_settings_get_string (settings, "desktop"); -+ g_assert_cmpstr (str, ==, "GNOME"); -+ g_free (str); -+ -+ p = g_settings_get_mapped (settings, "desktop", string_map_func, NULL); -+ -+ str = g_variant_dup_string (p, NULL); -+ g_assert_cmpstr (str, ==, "GNOME"); -+ g_free (str); -+ -+ g_variant_unref (p); -+ -+ g_settings_bind (settings, "desktop", obj, "string", G_SETTINGS_BIND_DEFAULT); -+ -+ g_object_get (obj, "string", &str, NULL); -+ g_assert_cmpstr (str, ==, "GNOME"); -+ g_free (str); -+ -+ g_object_unref (settings); -+ g_object_unref (obj); -+} -+ -+/* Test that per-desktop values from org.gtk.test.gschema.override -+ * are successfully loaded based on the value of $XDG_CURRENT_DESKTOP. -+ */ -+static void -+test_per_desktop_subprocess (void) -+{ -+ GSettings *settings; -+ TestObject *obj; -+ gpointer p; -+ gchar *str; -+ -+ g_setenv ("XDG_CURRENT_DESKTOP", "GNOME-Classic:GNOME", TRUE); -+ -+ settings = g_settings_new ("org.gtk.test.per-desktop"); -+ obj = test_object_new (); -+ -+ str = g_settings_get_string (settings, "desktop"); -+ g_assert_cmpstr (str, ==, "GNOME Classic"); -+ g_free (str); -+ -+ p = g_settings_get_mapped (settings, "desktop", string_map_func, NULL); -+ -+ str = g_variant_dup_string (p, NULL); -+ g_assert_cmpstr (str, ==, "GNOME Classic"); -+ g_free (str); -+ -+ g_variant_unref (p); -+ -+ g_settings_bind (settings, "desktop", obj, "string", G_SETTINGS_BIND_DEFAULT); -+ -+ g_object_get (obj, "string", &str, NULL); -+ g_assert_cmpstr (str, ==, "GNOME Classic"); -+ g_free (str); -+ -+ g_object_unref (settings); -+ g_object_unref (obj); -+} -+ - static void - test_extended_schema (void) - { -@@ -2603,6 +2698,7 @@ int - main (int argc, char *argv[]) - { - gchar *schema_text; -+ gchar *override_text; - gchar *enums; - gint result; - -@@ -2625,6 +2721,7 @@ main (int argc, char *argv[]) - g_setenv ("XDG_DATA_DIRS", ".", TRUE); - g_setenv ("XDG_DATA_HOME", ".", TRUE); - g_setenv ("GSETTINGS_SCHEMA_DIR", ".", TRUE); -+ g_setenv ("XDG_CURRENT_DESKTOP", "", TRUE); - - if (!backend_set) - g_setenv ("GSETTINGS_BACKEND", "memory", TRUE); -@@ -2647,6 +2744,10 @@ main (int argc, char *argv[]) - g_assert (g_file_set_contents ("org.gtk.test.gschema.xml", schema_text, -1, NULL)); - g_free (schema_text); - -+ g_assert (g_file_get_contents (SRCDIR "/org.gtk.test.gschema.override.orig", &override_text, NULL, NULL)); -+ g_assert (g_file_set_contents ("org.gtk.test.gschema.override", override_text, -1, NULL)); -+ g_free (override_text); -+ - /* Meson build defines this, autotools build does not */ - #ifndef GLIB_COMPILE_SCHEMAS - #define GLIB_COMPILE_SCHEMAS "../glib-compile-schemas" -@@ -2655,7 +2756,8 @@ main (int argc, char *argv[]) - g_remove ("gschemas.compiled"); - g_assert (g_spawn_command_line_sync (GLIB_COMPILE_SCHEMAS " --targetdir=. " - "--schema-file=org.gtk.test.enums.xml " -- "--schema-file=org.gtk.test.gschema.xml", -+ "--schema-file=org.gtk.test.gschema.xml " -+ "--override-file=org.gtk.test.gschema.override", - NULL, NULL, &result, NULL)); - g_assert (result == 0); - -@@ -2736,6 +2838,8 @@ main (int argc, char *argv[]) - g_test_add_func ("/gsettings/read-descriptions", test_read_descriptions); - g_test_add_func ("/gsettings/test-extended-schema", test_extended_schema); - g_test_add_func ("/gsettings/default-value", test_default_value); -+ g_test_add_func ("/gsettings/per-desktop", test_per_desktop); -+ g_test_add_func ("/gsettings/per-desktop/subprocess", test_per_desktop_subprocess); - - result = g_test_run (); - -diff --git a/gio/tests/org.gtk.test.gschema.override.orig b/gio/tests/org.gtk.test.gschema.override.orig -new file mode 100644 -index 000000000..6694baace ---- /dev/null -+++ b/gio/tests/org.gtk.test.gschema.override.orig -@@ -0,0 +1,2 @@ -+[org.gtk.test.per-desktop:GNOME-Classic] -+desktop = "GNOME Classic" -diff --git a/gio/tests/org.gtk.test.gschema.xml.orig b/gio/tests/org.gtk.test.gschema.xml.orig -index c07558335..fbcdce683 100644 ---- a/gio/tests/org.gtk.test.gschema.xml.orig -+++ b/gio/tests/org.gtk.test.gschema.xml.orig -@@ -209,4 +209,10 @@ - - - -+ -+ -+ "GNOME" -+ -+ -+ - --- -2.21.0 - diff --git a/SOURCES/gmain-corruption.patch b/SOURCES/gmain-corruption.patch new file mode 100644 index 0000000..0aa509d --- /dev/null +++ b/SOURCES/gmain-corruption.patch @@ -0,0 +1,386 @@ +From 2bad3cb3bf8f0cc3f45057061f9a538ecf7742b6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Thu, 14 Feb 2019 17:46:33 +0200 +Subject: [PATCH 1/5] Use atomic reference counting for GSource + +If attached to a context already it would use a mutex instead but at +least before that the reference counting is not thread-safe currently. +--- + glib/gmain.c | 50 +++++++++++++++----------------------------------- + 1 file changed, 15 insertions(+), 35 deletions(-) + +diff --git a/glib/gmain.c b/glib/gmain.c +index 26e68823d..5b91c3117 100644 +--- a/glib/gmain.c ++++ b/glib/gmain.c +@@ -374,15 +374,6 @@ typedef struct _GSourceIter + #define SOURCE_DESTROYED(source) (((source)->flags & G_HOOK_FLAG_ACTIVE) == 0) + #define SOURCE_BLOCKED(source) (((source)->flags & G_SOURCE_BLOCKED) != 0) + +-#define SOURCE_UNREF(source, context) \ +- G_STMT_START { \ +- if ((source)->ref_count > 1) \ +- (source)->ref_count--; \ +- else \ +- g_source_unref_internal ((source), (context), TRUE); \ +- } G_STMT_END +- +- + /* Forward declarations */ + + static void g_source_unref_internal (GSource *source, +@@ -977,10 +968,10 @@ g_source_iter_next (GSourceIter *iter, GSource **source) + */ + + if (iter->source && iter->may_modify) +- SOURCE_UNREF (iter->source, iter->context); ++ g_source_unref_internal (iter->source, iter->context, TRUE); + iter->source = next_source; + if (iter->source && iter->may_modify) +- iter->source->ref_count++; ++ g_source_ref (iter->source); + + *source = iter->source; + return *source != NULL; +@@ -994,7 +985,7 @@ g_source_iter_clear (GSourceIter *iter) + { + if (iter->source && iter->may_modify) + { +- SOURCE_UNREF (iter->source, iter->context); ++ g_source_unref_internal (iter->source, iter->context, TRUE); + iter->source = NULL; + } + } +@@ -1135,7 +1126,7 @@ g_source_attach_unlocked (GSource *source, + + source->context = context; + source->source_id = id; +- source->ref_count++; ++ g_source_ref (source); + + g_hash_table_insert (context->sources, GUINT_TO_POINTER (id), source); + +@@ -1675,7 +1666,7 @@ g_source_set_funcs (GSource *source, + { + g_return_if_fail (source != NULL); + g_return_if_fail (source->context == NULL); +- g_return_if_fail (source->ref_count > 0); ++ g_return_if_fail (g_atomic_int_get (&source->ref_count) > 0); + g_return_if_fail (funcs != NULL); + + source->source_funcs = funcs; +@@ -2050,19 +2041,9 @@ g_source_set_name_by_id (guint tag, + GSource * + g_source_ref (GSource *source) + { +- GMainContext *context; +- + g_return_val_if_fail (source != NULL, NULL); + +- context = source->context; +- +- if (context) +- LOCK_CONTEXT (context); +- +- source->ref_count++; +- +- if (context) +- UNLOCK_CONTEXT (context); ++ g_atomic_int_inc (&source->ref_count); + + return source; + } +@@ -2078,12 +2059,11 @@ g_source_unref_internal (GSource *source, + GSourceCallbackFuncs *old_cb_funcs = NULL; + + g_return_if_fail (source != NULL); +- ++ + if (!have_lock && context) + LOCK_CONTEXT (context); + +- source->ref_count--; +- if (source->ref_count == 0) ++ if (g_atomic_int_dec_and_test (&source->ref_count)) + { + TRACE (GLIB_SOURCE_BEFORE_FREE (source, context, + source->source_funcs->finalize)); +@@ -2107,20 +2087,20 @@ g_source_unref_internal (GSource *source, + { + /* Temporarily increase the ref count again so that GSource methods + * can be called from finalize(). */ +- source->ref_count++; ++ g_atomic_int_inc (&source->ref_count); + if (context) + UNLOCK_CONTEXT (context); + source->source_funcs->finalize (source); + if (context) + LOCK_CONTEXT (context); +- source->ref_count--; ++ g_atomic_int_add (&source->ref_count, -1); + } + + if (old_cb_funcs) + { + /* Temporarily increase the ref count again so that GSource methods + * can be called from callback_funcs.unref(). */ +- source->ref_count++; ++ g_atomic_int_inc (&source->ref_count); + if (context) + UNLOCK_CONTEXT (context); + +@@ -2128,7 +2108,7 @@ g_source_unref_internal (GSource *source, + + if (context) + LOCK_CONTEXT (context); +- source->ref_count--; ++ g_atomic_int_add (&source->ref_count, -1); + } + + g_free (source->name); +@@ -3201,7 +3181,7 @@ g_main_dispatch (GMainContext *context) + } + } + +- SOURCE_UNREF (source, context); ++ g_source_unref_internal (source, context, TRUE); + } + + g_ptr_array_set_size (context->pending_dispatches, 0); +@@ -3440,7 +3420,7 @@ g_main_context_prepare (GMainContext *context, + for (i = 0; i < context->pending_dispatches->len; i++) + { + if (context->pending_dispatches->pdata[i]) +- SOURCE_UNREF ((GSource *)context->pending_dispatches->pdata[i], context); ++ g_source_unref_internal ((GSource *)context->pending_dispatches->pdata[i], context, TRUE); + } + g_ptr_array_set_size (context->pending_dispatches, 0); + +@@ -3788,7 +3768,7 @@ g_main_context_check (GMainContext *context, + + if (source->flags & G_SOURCE_READY) + { +- source->ref_count++; ++ g_source_ref (source); + g_ptr_array_add (context->pending_dispatches, source); + + n_ready++; +-- +2.31.1 + +From 323d0c7658a9a44efc327840c0667044a4b98f89 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Mon, 3 Feb 2020 15:38:28 +0200 +Subject: [PATCH 2/5] GMainContext - Fix GSource iterator if iteration can + modify the list + +We first have to ref the next source and then unref the previous one. +This might be the last reference to the previous source, and freeing the +previous source might unref and free the next one which would then leave +use with a dangling pointer here. + +Fixes https://gitlab.gnome.org/GNOME/glib/issues/2031 +--- + glib/gmain.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/glib/gmain.c b/glib/gmain.c +index 5b91c3117..a3ea1d36c 100644 +--- a/glib/gmain.c ++++ b/glib/gmain.c +@@ -965,13 +965,17 @@ g_source_iter_next (GSourceIter *iter, GSource **source) + * GSourceList to be removed from source_lists (if iter->source is + * the only source in its list, and it is destroyed), so we have to + * keep it reffed until after we advance iter->current_list, above. ++ * ++ * Also we first have to ref the next source before unreffing the ++ * previous one as unreffing the previous source can potentially ++ * free the next one. + */ ++ if (next_source && iter->may_modify) ++ g_source_ref (next_source); + + if (iter->source && iter->may_modify) + g_source_unref_internal (iter->source, iter->context, TRUE); + iter->source = next_source; +- if (iter->source && iter->may_modify) +- g_source_ref (iter->source); + + *source = iter->source; + return *source != NULL; +-- +2.31.1 + +From fc051ec83d8894dd754bf364562ba9be9ff999fc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Mon, 3 Feb 2020 15:35:51 +0200 +Subject: [PATCH 3/5] GMainContext - Fix memory leaks and memory corruption + when freeing sources while freeing a context + +Instead of destroying sources directly while freeing the context, and +potentially freeing them if this was the last reference to them, collect +new references of all sources in a separate list before and at the same +time invalidate their context so that they can't access it anymore. Only +once all sources have their context invalidated, destroy them while +still keeping a reference to them. Once all sources are destroyed we get +rid of the additional references and free them if nothing else keeps a +reference to them anymore. + +This fixes a regression introduced by 26056558be in 2012. + +The previous code that invalidated the context of each source and then +destroyed it before going to the next source without keeping an +additional reference caused memory leaks or memory corruption depending +on the order of the sources in the sources lists. + +If a source was destroyed it might happen that this was the last +reference to this source, and it would then be freed. This would cause +the finalize function to be called, which might destroy and unref +another source and potentially free it. This other source would then +either +- go through the normal free logic and change the intern linked list + between the sources, while other sources that are unreffed as part of + the main context freeing would not. As such the list would be in an + inconsistent state and we might dereference freed memory. +- go through the normal destroy and free logic but because the context + pointer was already invalidated it would simply mark the source as + destroyed without actually removing it from the context. This would + then cause a memory leak because the reference owned by the context is + not freed. + +Fixes https://github.com/gtk-rs/glib/issues/583 while still keeping +https://bugzilla.gnome.org/show_bug.cgi?id=661767 fixes. +--- + glib/gmain.c | 35 ++++++++++++++++++++++++++++++++++- + 1 file changed, 34 insertions(+), 1 deletion(-) + +diff --git a/glib/gmain.c b/glib/gmain.c +index a3ea1d36c..1c249ad02 100644 +--- a/glib/gmain.c ++++ b/glib/gmain.c +@@ -534,6 +534,7 @@ g_main_context_unref (GMainContext *context) + GSourceIter iter; + GSource *source; + GList *sl_iter; ++ GSList *s_iter, *remaining_sources = NULL; + GSourceList *list; + guint i; + +@@ -553,10 +554,30 @@ g_main_context_unref (GMainContext *context) + + /* g_source_iter_next() assumes the context is locked. */ + LOCK_CONTEXT (context); +- g_source_iter_init (&iter, context, TRUE); ++ ++ /* First collect all remaining sources from the sources lists and store a ++ * new reference in a separate list. Also set the context of the sources ++ * to NULL so that they can't access a partially destroyed context anymore. ++ * ++ * We have to do this first so that we have a strong reference to all ++ * sources and destroying them below does not also free them, and so that ++ * none of the sources can access the context from their finalize/dispose ++ * functions. */ ++ g_source_iter_init (&iter, context, FALSE); + while (g_source_iter_next (&iter, &source)) + { + source->context = NULL; ++ remaining_sources = g_slist_prepend (remaining_sources, g_source_ref (source)); ++ } ++ g_source_iter_clear (&iter); ++ ++ /* Next destroy all sources. As we still hold a reference to all of them, ++ * this won't cause any of them to be freed yet and especially prevents any ++ * source that unrefs another source from its finalize function to be freed. ++ */ ++ for (s_iter = remaining_sources; s_iter; s_iter = s_iter->next) ++ { ++ source = s_iter->data; + g_source_destroy_internal (source, context, TRUE); + } + UNLOCK_CONTEXT (context); +@@ -581,6 +602,18 @@ g_main_context_unref (GMainContext *context) + g_cond_clear (&context->cond); + + g_free (context); ++ ++ /* And now finally get rid of our references to the sources. This will cause ++ * them to be freed unless something else still has a reference to them. Due ++ * to setting the context pointers in the sources to NULL above, this won't ++ * ever access the context or the internal linked list inside the GSource. ++ * We already removed the sources completely from the context above. */ ++ for (s_iter = remaining_sources; s_iter; s_iter = s_iter->next) ++ { ++ source = s_iter->data; ++ g_source_unref_internal (source, NULL, FALSE); ++ } ++ g_slist_free (remaining_sources); + } + + /* Helper function used by mainloop/overflow test. +-- +2.31.1 + +From 1d16e92028f235ed9cd786070832d5bd71017661 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Tue, 11 Feb 2020 09:34:38 +0200 +Subject: [PATCH 4/5] GMainContext - Move mutex unlocking in destructor right + before freeing the mutex + +This does not have any behaviour changes but is cleaner. The mutex is +only unlocked now after all operations on the context are done and right +before freeing the mutex and the context itself. +--- + glib/gmain.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/glib/gmain.c b/glib/gmain.c +index 1c249ad02..44e6ed0c3 100644 +--- a/glib/gmain.c ++++ b/glib/gmain.c +@@ -580,7 +580,6 @@ g_main_context_unref (GMainContext *context) + source = s_iter->data; + g_source_destroy_internal (source, context, TRUE); + } +- UNLOCK_CONTEXT (context); + + for (sl_iter = context->source_lists; sl_iter; sl_iter = sl_iter->next) + { +@@ -591,6 +590,7 @@ g_main_context_unref (GMainContext *context) + + g_hash_table_destroy (context->sources); + ++ UNLOCK_CONTEXT (context); + g_mutex_clear (&context->mutex); + + g_ptr_array_free (context->pending_dispatches, TRUE); +-- +2.31.1 + +From 02ad7294ad5895178df73a6cd8546c6e67097493 Mon Sep 17 00:00:00 2001 +From: Benjamin Berg +Date: Tue, 13 Oct 2020 15:09:43 +0200 +Subject: [PATCH 5/5] gmain: Fix possible locking issue in source unref + +When unref'ing child sources, the lock is already held. But instead of +passing TRUE to g_source_unref_internal it currently passes whether the +lock was already held outside of the current invocation. Just pass TRUE +to fix this possible issue. +--- + glib/gmain.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/glib/gmain.c b/glib/gmain.c +index 44e6ed0c3..95992253d 100644 +--- a/glib/gmain.c ++++ b/glib/gmain.c +@@ -2164,7 +2164,7 @@ g_source_unref_internal (GSource *source, + g_slist_remove (source->priv->child_sources, child_source); + child_source->priv->parent_source = NULL; + +- g_source_unref_internal (child_source, context, have_lock); ++ g_source_unref_internal (child_source, context, TRUE); + } + + g_slice_free (GSourcePrivate, source->priv); +-- +2.31.1 diff --git a/SOURCES/gvariant-tests.patch b/SOURCES/gvariant-tests.patch new file mode 100644 index 0000000..5381817 --- /dev/null +++ b/SOURCES/gvariant-tests.patch @@ -0,0 +1,142 @@ +From 85c4031696add9797e2334ced20678edcd96c869 Mon Sep 17 00:00:00 2001 +From: Mart Raudsepp +Date: Wed, 19 Dec 2018 16:22:21 +0200 +Subject: [PATCH 1/2] tests: Allocate gvariant data from the heap to guarantee + alignment + +On glib-2-58 branch we don't have !455, thus we need aligned data +for the gvariant tests to not fail on i686. + +Fixes #1626 +--- + glib/tests/gvariant.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c +index 6e417f6c1..a7b19826d 100644 +--- a/glib/tests/gvariant.c ++++ b/glib/tests/gvariant.c +@@ -4664,6 +4664,7 @@ test_stack_dict_init (void) + static void + test_normal_checking_tuples (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, + 'a', '(', 'a', 'o', 'a', 'o', 'a', 'a', 'o', 'a', 'a', 'o', ')' +@@ -4672,13 +4673,15 @@ test_normal_checking_tuples (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, + FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +@@ -4790,6 +4793,7 @@ test_recursion_limits_array_in_variant (void) + static void + test_normal_checking_array_offsets (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x07, 0xe5, 0x00, 0x07, 0x00, 0x07, 0x00, 0x00, + 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'g', +@@ -4798,13 +4802,15 @@ test_normal_checking_array_offsets (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, + FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +@@ -4838,6 +4844,7 @@ test_normal_checking_tuple_offsets (void) + static void + test_normal_checking_empty_object_path (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x20, 0x20, 0x00, 0x00, 0x00, 0x00, + '(', 'h', '(', 'a', 'i', 'a', 'b', 'i', 'o', ')', ')', +@@ -4846,13 +4853,15 @@ test_normal_checking_empty_object_path (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, + FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +-- +2.19.1 + +From 4ef58e5661849317a1110c9b93957f2c608677dd Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Thu, 3 Jan 2019 08:21:40 +0000 +Subject: [PATCH 2/2] gvariant test: Also force alignment for tuple test data + +glib!552 (commit 9eed22b3) fixed this for the tests that failed on i686, +but this additional test failed on Debian's s390x port +(IBM z/Architecture, 64-bit big-endian). + +Signed-off-by: Simon McVittie +--- + glib/tests/gvariant.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c +index a7b19826d..c4a996c1f 100644 +--- a/glib/tests/gvariant.c ++++ b/glib/tests/gvariant.c +@@ -4820,6 +4820,7 @@ test_normal_checking_array_offsets (void) + static void + test_normal_checking_tuple_offsets (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x07, 0xe5, 0x00, 0x07, 0x00, 0x07, + '(', 'a', 's', 'a', 's', 'a', 's', 'a', 's', 'a', 's', 'a', 's', ')', +@@ -4828,13 +4829,15 @@ test_normal_checking_tuple_offsets (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, +- FALSE, NULL, NULL); ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, ++ size, FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +-- +2.19.1 diff --git a/SPECS/glib2.spec b/SPECS/glib2.spec index 299a1d3..081ea1b 100644 --- a/SPECS/glib2.spec +++ b/SPECS/glib2.spec @@ -5,7 +5,7 @@ Name: glib2 Version: 2.56.4 -Release: 12%{?dist} +Release: 13%{?dist} Summary: A library of handy utility functions License: LGPLv2+ @@ -37,73 +37,71 @@ BuildRequires: python3-devel # for GIO content-type support Recommends: shared-mime-info -# Downstream patches -Patch01: 0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch +# Implement RHEL 8 core crypto components policy +# https://bugzilla.redhat.com/show_bug.cgi?id=1630260 +# https://gitlab.gnome.org/GNOME/glib/merge_requests/903 +Patch0: ghmac-gnutls.patch -# Backported from git master -Patch10: 0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch -Patch11: 0001-spawn-add-shebang-line-to-script.patch -Patch12: 0001-build-sys-Pass-CFLAGS-to-DTRACE.patch -Patch13: 0001-gfile-Limit-access-to-files-when-copying.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/50 +Patch1: 50.patch -# Backported from git glib-2-56 branch -Patch20: 0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch -Patch21: 0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/309 +Patch2: 309.patch -# Backported from 2.58 (for 3.32 GNOME rebase) -Patch30: backport-per-desktop-overrides.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/403 +Patch3: 409.patch -# https://gitlab.gnome.org/GNOME/glib/merge_requests/903 -# https://bugzilla.redhat.com/show_bug.cgi?id=1630260 -Patch37: ghmac-gnutls.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/546 +Patch4: 546.patch -# Backported from git -Patch40: 0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/876 +Patch5: CVE-2019-12450.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1777213 -Patch50: 0001-gcredentialsprivate-Document-the-various-private-mac.patch -Patch51: 0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch -Patch52: 0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/552 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/569 +Patch6: gvariant-tests.patch -# Mostly from https://gitlab.gnome.org/GNOME/glib/-/commits/master/gio/gkeyfilesettingsbackend.c -Patch60: keyfile-backend.patch -# https://gitlab.gnome.org/GNOME/glib/-/issues/1658 -Patch61: CVE-2019-13012.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/105 +Patch7: 105.patch -# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1927 -Patch70: 0001-gstrfuncs-Add-internal-g_memdup2-function.patch -Patch71: 0002-gio-Use-g_memdup2-instead-of-g_memdup-in-obvious-pla.patch -Patch72: 0003-gobject-Use-g_memdup2-instead-of-g_memdup-in-obvious.patch -Patch73: 0004-glib-Use-g_memdup2-instead-of-g_memdup-in-obvious-pl.patch -Patch74: 0005-gwinhttpfile-Avoid-arithmetic-overflow-when-calculat.patch -Patch75: 0006-gdatainputstream-Handle-stop_chars_len-internally-as.patch -Patch76: 0007-gwin32-Use-gsize-internally-in-g_wcsdup.patch -Patch77: 0008-gkeyfilesettingsbackend-Handle-long-keys-when-conver.patch -Patch78: 0009-gsocket-Use-gsize-to-track-native-sockaddr-s-size.patch -Patch79: 0010-gtlspassword-Forbid-very-long-TLS-passwords.patch -Patch80: 0011-giochannel-Forbid-very-long-line-terminator-strings.patch -Patch81: 0012-Use-more-g_memdup2.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/532 +Patch8: 532.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=1777213 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1176 +Patch9: 1176.patch + +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/450 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/603 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/974 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/984 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/985 +Patch10: keyfile-backend.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/604 +Patch11: CVE-2019-13012.patch # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942 -Patch90: 0001-gbytearray-Do-not-accept-too-large-byte-arrays.patch +Patch12: CVE-2021-27218.patch + +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1927 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2000 +Patch13: CVE-2021-27219.patch # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1981 -Patch100: 0001-glocalfileoutputstream-Factor-out-a-flag-check.patch -Patch101: 0002-glocalfileoutputstream-Fix-CREATE_REPLACE_DESTINATIO.patch -Patch102: 0003-glocalfileoutputstream-Add-a-missing-O_CLOEXEC-flag-.patch +Patch14: CVE-2021-28153.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1938284 -Patch110: 0001-libcharset-Drop-a-redundant-environment-variable.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1369 +Patch15: 1369.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1948988 -Patch120: 0001-Use-atomic-reference-counting-for-GSource.patch -Patch121: 0002-GMainContext-Fix-GSource-iterator-if-iteration-can-m.patch -Patch122: 0003-GMainContext-Fix-memory-leaks-and-memory-corruption-.patch -Patch123: 0004-GMainContext-Move-mutex-unlocking-in-destructor-righ.patch -Patch124: 0005-gmain-Fix-possible-locking-issue-in-source-unref.patch +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/873 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1353 +# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1691 +Patch16: gmain-corruption.patch # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1713 -Patch130: 0001-gmain-g_main_context_check-can-skip-updating-polled-.patch +Patch17: 1713.patch %description GLib is the low-level core library that forms the basis for projects @@ -302,6 +300,11 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %{_datadir}/installed-tests %changelog +* Thu May 20 2021 Michael Catanzaro - 2.56.4-13 +- Rename and consolidate existing patches for better maintainability +- Refresh CVE-2021-27219 patcheset, using better-targeted fixes + Resolves: #1939108 + * Wed May 05 2021 Michael Catanzaro - 2.56.4-12 - Fix various problems in GMainContext Resolves: #1948988