diff options
author | Richard Hughes <richard@hughsie.com> | 2018-01-24 19:33:41 +0000 |
---|---|---|
committer | Richard Hughes <richard@hughsie.com> | 2018-01-24 20:05:08 +0000 |
commit | 2dd6f02296f82cba60c1523d361d8250d9f43539 (patch) | |
tree | c95854342adc5011d7bc86123bf574e8cd6b1f70 /libappstream-glib/as-self-test.c | |
parent | 628474b5b3a82e779447e296c3e019fe913800ff (diff) | |
download | appstream-glib-2dd6f02296f82cba60c1523d361d8250d9f43539.tar.gz |
Fix an invalid read when using as_app_parse_data() from Python
Using GObject Introspection we were creating an object using GLib.Bytes.new(buf)
where buf was a python str object. This created a GBytes object with no
trailing NUL char but we were expecting a NUL-terminated string when both doing
fnmatch() and also processing the XML. Support this by guarding fnmatch and
also by using the string length when using the GMarkupParseContext.
Diffstat (limited to 'libappstream-glib/as-self-test.c')
-rw-r--r-- | libappstream-glib/as-self-test.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/libappstream-glib/as-self-test.c b/libappstream-glib/as-self-test.c index 7b3b6df..cde6fda 100644 --- a/libappstream-glib/as-self-test.c +++ b/libappstream-glib/as-self-test.c @@ -24,6 +24,7 @@ #include <glib.h> #include <glib/gstdio.h> #include <stdlib.h> +#include <string.h> #include <fnmatch.h> #include "as-app-private.h" @@ -5473,6 +5474,22 @@ as_test_utils_unique_id_hash_safe_func (void) } static void +as_test_app_parse_data_func (void) +{ + const gchar *data = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<component>\n</component>\n "; + gboolean ret; + g_autoptr(GBytes) blob = NULL; + g_autoptr(AsApp) app = as_app_new (); + g_autoptr(GError) error = NULL; + + blob = g_bytes_new (data, strlen (data)); + ret = as_app_parse_data (app, blob, AS_APP_PARSE_FLAG_NONE, &error); + g_assert_no_error (error); + g_assert (ret); +} + +static void as_test_ref_string_func (void) { const gchar *tmp; @@ -5546,6 +5563,7 @@ main (int argc, char **argv) g_test_add_func ("/AppStream/app{validate-file-bad}", as_test_app_validate_file_bad_func); g_test_add_func ("/AppStream/app{validate-meta-bad}", as_test_app_validate_meta_bad_func); g_test_add_func ("/AppStream/app{validate-intltool}", as_test_app_validate_intltool_func); + g_test_add_func ("/AppStream/app{parse-data}", as_test_app_parse_data_func); g_test_add_func ("/AppStream/app{parse-file:desktop}", as_test_app_parse_file_desktop_func); g_test_add_func ("/AppStream/app{no-markup}", as_test_app_no_markup_func); g_test_add_func ("/AppStream/app{subsume}", as_test_app_subsume_func); |