| Commit message (Collapse) | Author | Age | Files | Lines |
| |
AsStore keeps a priv->hash_id hash table with app IDs as keys and a
GPtrArray with the actual apps matching the app ID as values. To optimize
memory use, the keys are all AsRefStrings. As all AsRefStrings are reference
counted, they may get freed when the last app with the matching ID gets
removed.
To handle that case, make sure to remove the GPtrArray holding the apps as
well when removing the last app matching an ID.
This fixes the following use after free when starting gnome-software:
==6065== Invalid read of size 1
==6065== at 0x8E26650: __strcmp_sse2_unaligned (in /usr/lib64/libc-2.24.so)
==6065== by 0x8585678: g_str_equal (ghash.c:1846)
==6065== by 0x8584BDF: g_hash_table_lookup_node (ghash.c:396)
==6065== by 0x8584BDF: g_hash_table_lookup (ghash.c:1147)
==6065== by 0x4E789F2: as_store_add_app (as-store.c:1229)
==6065== by 0x4E797CA: as_store_from_root (as-store.c:1537)
==6065== by 0x4E7A71F: as_store_from_file_internal (as-store.c:1880)
==6065== by 0x4E7B7A9: as_store_load_app_info_file (as-store.c:2556)
==6065== by 0x4E7B9B8: as_store_load_app_info (as-store.c:2611)
==6065== by 0x4E7C352: as_store_search_app_info (as-store.c:2847)
==6065== by 0x4E7C598: as_store_search_per_system (as-store.c:2883)
==6065== by 0x4E7CF7F: as_store_load (as-store.c:3068)
==6065== by 0x1E512B7B: gs_plugin_setup (gs-plugin-appstream.c:255)
==6065== by 0x46A2C5: gs_plugin_loader_setup (gs-plugin-loader.c:3912)
==6065== by 0x46ECCE: gs_application_initialize_plugins (gs-application.c:228)
==6065== by 0x46ED99: gs_application_dbus_register (gs-application.c:249)
==6065== by 0x8007167: g_application_impl_attempt_primary (gapplicationimpl-dbus.c:406)
==6065== by 0x8007167: g_application_impl_register (gapplicationimpl-dbus.c:555)
==6065== by 0x8003F22: g_application_register (gapplication.c:2033)
==6065== by 0x47064D: gs_application_handle_local_options (gs-application.c:864)
==6065== by 0xEFCFC57: ffi_call_unix64 (unix64.S:76)
==6065== by 0xEFCF6B9: ffi_call (ffi64.c:525)
==6065== Address 0x259c1994 is 4 bytes inside a block of size 31 free'd
==6065== at 0x4C2ED4A: free (vg_replace_malloc.c:530)
==6065== by 0x859B6BD: g_free (gmem.c:189)
==6065== by 0x4E70A37: as_ref_string_unref_from_str (as-ref-string.c:48)
==6065== by 0x8583D22: g_hash_table_remove_node (ghash.c:455)
==6065== by 0x8584647: g_hash_table_remove_internal (ghash.c:1358)
==6065== by 0x4E70E09: as_ref_string_unref (as-ref-string.c:225)
==6065== by 0x4E510B4: as_app_finalize (as-app.c:473)
==6065== by 0x830E116: g_object_unref (gobject.c:3185)
==6065== by 0x8569E2D: g_ptr_array_remove_index (garray.c:1188)
==6065== by 0x856A230: g_ptr_array_remove (garray.c:1321)
==6065== by 0x4E77D49: as_store_remove_app (as-store.c:931)
==6065== by 0x4E789DB: as_store_add_app (as-store.c:1225)
==6065== by 0x4E797CA: as_store_from_root (as-store.c:1537)
==6065== by 0x4E7A71F: as_store_from_file_internal (as-store.c:1880)
==6065== by 0x4E7B7A9: as_store_load_app_info_file (as-store.c:2556)
==6065== by 0x4E7B9B8: as_store_load_app_info (as-store.c:2611)
==6065== by 0x4E7C352: as_store_search_app_info (as-store.c:2847)
==6065== by 0x4E7C598: as_store_search_per_system (as-store.c:2883)
==6065== by 0x4E7CF7F: as_store_load (as-store.c:3068)
==6065== by 0x1E512B7B: gs_plugin_setup (gs-plugin-appstream.c:255)
==6065== Block was alloc'd at
==6065== at 0x4C2DB9D: malloc (vg_replace_malloc.c:299)
==6065== by 0x859B5A8: g_malloc (gmem.c:94)
==6065== by 0x4E70ABF: as_ref_string_new_copy_with_length (as-ref-string.c:99)
==6065== by 0x4E6B908: as_node_reflow_text (as-node.c:516)
==6065== by 0x4E6BEF7: as_node_text_cb (as-node.c:707)
==6065== by 0x859A14D: g_markup_parse_context_parse (gmarkup.c:1514)
==6065== by 0x4E6C29C: as_node_from_xml (as-node.c:825)
==6065== by 0x4E5BAA8: as_app_parse_appdata_file (as-app.c:5665)
==6065== by 0x4E5BE6A: as_app_parse_file (as-app.c:5781)
==6065== by 0x4E7BEDB: as_store_load_installed (as-store.c:2743)
==6065== by 0x4E7C24B: as_store_search_installed (as-store.c:2825)
==6065== by 0x4E7C636: as_store_search_per_system (as-store.c:2890)
==6065== by 0x4E7CF7F: as_store_load (as-store.c:3068)
==6065== by 0x1E512B7B: gs_plugin_setup (gs-plugin-appstream.c:255)
==6065== by 0x46A2C5: gs_plugin_loader_setup (gs-plugin-loader.c:3912)
==6065== by 0x46ECCE: gs_application_initialize_plugins (gs-application.c:228)
==6065== by 0x46ED99: gs_application_dbus_register (gs-application.c:249)
==6065== by 0x8007167: g_application_impl_attempt_primary (gapplicationimpl-dbus.c:406)
==6065== by 0x8007167: g_application_impl_register (gapplicationimpl-dbus.c:555)
==6065== by 0x8003F22: g_application_register (gapplication.c:2033)
==6065== by 0x47064D: gs_application_handle_local_options (gs-application.c:864)
| |
If we rely on the reference here being "borrowed" from priv->array,
then it's easy for that assumption to become unjustified. This
caused a crash for me in as_store_remove_app_by_id, which removes
the app from priv->array before it removes it from
priv->hash_unique_id; if no other code is holding a ref to the same
app, then as_app_get_unique_id() will be a use-after-free.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
| |
This preserves the 'installed' state of the AsRelease which gnome-software
is using for the update description logic.
| |
Geary recently renamed its app id to follow flatpak conventions. Adding a fallback to appstream.
More info, see [bug 766196](https://bugzilla.gnome.org/show_bug.cgi?id=766196) on GNOME bugzilla.
| |
This saves ~20Mb of RSS on a typical desktop Debian install.
| |
This reduces the time it takes to populate the token cache by 60%.
| |
This drops the RSS by ~1Mb and has the potential to do much more drastic
things if this is used in GNOME Software.
| |
This can be used to improve load speed in GNOME Software. By default everything
is indexed, which includes the multi-paragraph long description. Omitting this
information makes a huge difference to the creation time of the search token
cache.
| |
This saves 40ms from the AsStore startup time.
| |
This adds an optional flag that allows the node parser to ignore any nodes that
do not match the native languages of the user. This increases startup speed of
gnome-software by ~40ms but also drops the RSS by a massive 12Mb for the Fedora
AppStream file.
| |
This speeds up loading the token cache by 30ms on x64.
| |
This speeds up loading the token cache by 55ms on x64 and a lot more on ARM.
| |
This allows us to test the stemming functionality with different locales.
| |
This is really only useful for profiling startup speed.
| |
This allows us to invalidate things built from the AsApp objects.
| |
This only appears to happen on Debian for some reason.
| |
This reverts commit 9b36119e1ed8ae7c2bec341143c343a9d73dcdd8 as it causes a
crash in gnome-software 3-22 when a component is available locally as an
addon but not in the appstream yaml or xml files.
The commit is clearly wrong, I guess the original author was crazy.
| |
Monitor some locations so that if they are created after the AsStore is loaded
we correctly detect and load the new AppStream XML files.
Inspired by a patch by Joaquim Rocha <jrocha@endlessm.com>, many thanks.
| |
This allows us to load only merge-type components, which we might want when
sharing per-system or per-user overrides.
| |
Sometimes we just want the 'extra' files rather than the distro-supplied ones.
| |
The first 8 characters of the origin were being stripped so it would discard
the "flatpak:" prefix. However, when on a user installation the prefix
is "user-flatpak:" so the origin would erroneously be set to
"tpak:gnome-apps".
These changes discard the profile completely after checking for the
prefix's delimiter.
| |
This allows us to add lots of apps without issuing a 'changed' signal for each.
| |
For building we want ->CACHED, for parsing local files we want ->STOCK.
Fixes the other half of https://github.com/hughsie/appstream-glib/pull/128
| |
This allows components to replace parts of the app without just appending.
| |
When running in jhbuild this is somehow set incorrectly.
| |
Only deduplicate AppStream::AppData when the appdata file has system scope.
| |
This means we don't wildcard match against user non-package apps.
| |
This means we don't wildcard match against user non-package apps.
| |
These are components that should be merged into matching entries.
| |
This allows us to define a safe sane subset for merging and dedupe.
| |
These are the same 'app' to the end user.
| |
We have releases; different versions should be merged.
| |
We certainly don't want to copy over the source file, origin, branch or
version from the merged application.
| |
This allows us to match soon-to-be-specified merge components to every
component in the store.
| |
It's never right to do an explicit check; if we add a system-wide AppStream
web-app and then a per-user .desktop version we actually want them to match.
The same is true for a per-system app with a per-user override.