diff options
| author | Richard Hughes <richard@hughsie.com> | 2018-01-24 19:33:41 +0000 |
|---|---|---|
| committer | Richard Hughes <richard@hughsie.com> | 2018-01-24 20:05:08 +0000 |
| commit | 2dd6f02296f82cba60c1523d361d8250d9f43539 (patch) | |
| tree | c95854342adc5011d7bc86123bf574e8cd6b1f70 /libappstream-glib/as-node.c | |
| parent | 628474b5b3a82e779447e296c3e019fe913800ff (diff) | |
| download | appstream-glib-2dd6f02296f82cba60c1523d361d8250d9f43539.tar.gz | |
Fix an invalid read when using as_app_parse_data() from Python
Using GObject Introspection we were creating an object using GLib.Bytes.new(buf)
where buf was a python str object. This created a GBytes object with no
trailing NUL char but we were expecting a NUL-terminated string when both doing
fnmatch() and also processing the XML. Support this by guarding fnmatch and
also by using the string length when using the GMarkupParseContext.
Diffstat (limited to 'libappstream-glib/as-node.c')
| -rw-r--r-- | libappstream-glib/as-node.c | 65 |
1 files changed, 45 insertions, 20 deletions
diff --git a/libappstream-glib/as-node.c b/libappstream-glib/as-node.c index 36b4ae1..f8199a9 100644 --- a/libappstream-glib/as-node.c +++ b/libappstream-glib/as-node.c @@ -783,22 +783,10 @@ as_node_passthrough_cb (GMarkupParseContext *context, } } -/** - * as_node_from_xml: (skip) - * @data: XML data - * @flags: #AsNodeFromXmlFlags, e.g. %AS_NODE_FROM_XML_FLAG_NONE - * @error: A #GError or %NULL - * - * Parses XML data into a DOM tree. - * - * Returns: (transfer none): A populated #AsNode tree - * - * Since: 0.1.0 - **/ -AsNode * -as_node_from_xml (const gchar *data, - AsNodeFromXmlFlags flags, - GError **error) +static AsNode * +as_node_from_xml_internal (const gchar *data, gssize data_sz, + AsNodeFromXmlFlags flags, + GError **error) { AsNodeToXmlHelper helper; AsNode *root = NULL; @@ -822,10 +810,7 @@ as_node_from_xml (const gchar *data, G_MARKUP_PREFIX_ERROR_POSITION, &helper, NULL); - ret = g_markup_parse_context_parse (ctx, - data, - -1, - &error_local); + ret = g_markup_parse_context_parse (ctx, data, data_sz, &error_local); if (!ret) { g_set_error_literal (error, AS_NODE_ERROR, @@ -848,6 +833,46 @@ as_node_from_xml (const gchar *data, } /** + * as_node_from_bytes: (skip) + * @bytes: a #GBytes + * @flags: #AsNodeFromXmlFlags, e.g. %AS_NODE_FROM_XML_FLAG_NONE + * @error: A #GError or %NULL + * + * Parses XML data into a DOM tree. + * + * Returns: (transfer none): A populated #AsNode tree + * + * Since: 0.7.6 + **/ +AsNode * +as_node_from_bytes (GBytes *bytes, AsNodeFromXmlFlags flags, GError **error) +{ + gsize sz = 0; + const gchar *buf; + g_return_val_if_fail (bytes != NULL, NULL); + buf = g_bytes_get_data (bytes, &sz); + return as_node_from_xml_internal (buf, (gssize) sz, flags, error); +} + +/** + * as_node_from_xml: (skip) + * @data: XML data + * @flags: #AsNodeFromXmlFlags, e.g. %AS_NODE_FROM_XML_FLAG_NONE + * @error: A #GError or %NULL + * + * Parses XML data into a DOM tree. + * + * Returns: (transfer none): A populated #AsNode tree + * + * Since: 0.1.0 + **/ +AsNode * +as_node_from_xml (const gchar *data, AsNodeFromXmlFlags flags, GError **error) +{ + return as_node_from_xml_internal (data, -1, flags, error); +} + +/** * as_node_to_file: (skip) * @root: A populated #AsNode tree * @file: a #GFile |