| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
|\
| |
| |
| |
| | |
Backport !1009 “gapplication: remove inactivity_timeout source on finalize” to glib-2-60
See merge request GNOME/glib!1012
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The event source used to handle inactivity_timeout doesn't hold a
reference on the application. Therefore, it is possible for callback
function of the event source to run after the application has been
freed, leading to use-after-free problem. To avoid the problem, we
should remove the event source before the application is freed.
This should fix SIGBUS crash of gio/tests/gapplication on FreeBSD.
https://gitlab.gnome.org/GNOME/glib/issues/1846#note_566550
|
|\ \
| | |
| | |
| | |
| | | |
Backport !1017 “gdatetime: Avoid an assertion failure when parsing some ISO 8601 dates” to glib-2-60
See merge request GNOME/glib!1081
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some malformed ISO 8601 date/time strings were causing an assertion
failure when passed to `g_date_time_new_from_iso8601()`, due to a
mismatch between the bounds checking of timezone offsets in `GDateTime`
and `GTimeZone`. Fix that and add a unit test for it.
(Trivial backport of !1017.)
oss-fuzz#16101
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
|\ \
| | |
| | |
| | |
| | | |
Backport !1040 “GSettingsBackend - Fix thread-safety during destruction of GSettings instances...” to glib-2-60
See merge request GNOME/glib!1065
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
instances while notifications are emitted
g_settings_backend_watch() uses a weak notify for keeping track of
the target. There's an explanation why this is supposed to be safe but
that explanation is wrong.
The following could happen before:
1. We have the target stored in the watch list
2. The last reference to the target is dropped in thread A and we end up
in g_settings_backend_watch_weak_notify() right before the mutex
3. g_settings_backend_dispatch_signal() is called from another thread B
and gets the mutex before 2.
4. g_weak_ref_init() is called on the target from thread B, which at
this point has a reference count of exactly one (see g_object_unref()
where it calls the weak notifies)
5. Thread A continues at 3. and drops the last reference and destroys
the object. Now the GWeakRef from 4. points to a destroyed object. Note
that GWeakRefs would be cleared before the weak notifies are called
6. At some later point another thread g_weak_ref_get() is called by
g_settings_backend_invoke_closure() and accesses an already destroyed
object with refcount 0 from the GWeakRef created in 4. by thread B (or
worse, already freed memory that was reused).
Solve this by actually storing a GWeakRef of the target in the watch
list and only access the target behind it via the GWeakRef API, and then
pass a strong reference to the notification dispatch code.
The weak notify is only used to remove the (potentially with empty
GWeakRef) target from the list of watches and the only place that
compares the target by pointer instead of going through the GWeakRef
API.
Fixes https://gitlab.gnome.org/GNOME/glib/issues/1870
|
|\ \
| | |
| | |
| | |
| | | |
Backport !966 “Resolve "Invalid characters in Open Location dialog crashes GIMP"” to glib-2-60
See merge request GNOME/glib!1061
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If we fail to create a GWinhttpFile for a URI (for example, because it’s
an invalid URI or is badly encoded), don’t just return NULL. Instead,
fall back to the wrapped VFS which might be able to handle it instead.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #1819
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It can return NULL if the URI was badly encoded or couldn’t be handled
by Windows’ API.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Helps: #1819
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It cannot return a NULL value, as none of its callers have error
handlng. Add an assertion to check the values returned by the VFS
implementations.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Helps: #1819
|
|\ \
| |/
|/|
| |
| | |
Backport !1008 “gmessages: Only use structured logs if GLIB_VERSION_MAX_ALLOWED is ≥2.56” to glib-2-60
See merge request GNOME/glib!1013
|
|/
|
|
|
|
|
|
|
| |
Only redefine g_message() and friends to use structured logging if the
compiling code is OK with depending on GLib functionality from ≥2.56.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #1847
|
|
|
|
| |
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
|\
| |
| |
| |
| | |
Backport !984, !985 keyfile/portal fixes to glib-2-60
See merge request GNOME/glib!993
|
| |
| |
| |
| |
| |
| |
| | |
This happens when we are default-constructed
without explicit arguments.
Closes: https://gitlab.gnome.org/GNOME/glib/issues/1825
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We want to use the keyfile backend in sandboxes,
but we want to avoid people losing their existing
settings that are stored in dconf. Flatpak does
a migration from dconf to keyfile, but only if
the app explictly requests it.
From an app perspective, there are two steps to
the dconf->keyfile migration:
1. Request that flatpak do the migration, by adding
the migrate-path key to the metadata
2. Stop adding the 'dconf hole' to the sandbox
To keep us from switching to the keyfile backend
prematurely, look at whether the app has stopped
requesting a 'dconf hole' in the sandbox.
|
|/
|
|
|
|
| |
Add method to find whether the sandbox provides
access to dconf. This will be used to tweak
the priorities for the keyfile settings backend.
|
|
|
|
| |
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
|\
| |
| |
| |
| | |
gthread: fix minor errno problem in GCond
See merge request GNOME/glib!965
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The return value from `g_cond_wait_until()` is calculated, based on the
value of `errno` after reacquiring the mutex. This is a problem because
`errno` can be overwritten in the case the mutex is contended (in which
case the slow-path code will re-enter the kernel).
Perform the calculation before reacquiring the mutex.
See merge request GNOME/glib!958
|
|\ \
| | |
| | |
| | |
| | | |
Backport !945 “Avoid overrunning stack at the end of the varargs.” to glib-2-60
See merge request GNOME/glib!949
|
| |/ |
|
|\ \
| | |
| | |
| | |
| | | |
Backport !954 “Fix the ISO 15924 code for Manichaean” to glib-2-60
See merge request GNOME/glib!956
|
| |/ |
|
|\ \
| | |
| | |
| | |
| | | |
Backport !974 “Ensure that the keyfile settings backend exists” to glib-2-60
See merge request GNOME/glib!977
|
|/ /
| |
| |
| |
| |
| | |
We need to bring the type into existence.
Closes: https://gitlab.gnome.org/GNOME/glib/issues/1822
|
|\ \
| |/
|/|
| |
| | |
Backport !968 ”Fix typo in request handle” to glib-2-60
See merge request GNOME/glib!969
|
|/ |
|
|\
| |
| |
| |
| | |
Backport !909 “D-Bus auth mechanism improvements” to glib-2-60
See merge request GNOME/glib!910
|
| |
| |
| |
| |
| |
| | |
On Unix, we expect EXTERNAL authentication to work.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It's somewhat unrealistic to use a GDBusServer without a
GDBusAuthObserver, because most D-Bus servers want to be like the
standard session bus (the owning user can connect) rather than being
like the standard system bus (all users can connect, the server is a
security boundary, and many bugs are security vulnerabilities).
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
| |
| |
| |
| |
| |
| | |
This is simpler and more robust than DBUS_COOKIE_SHA1, which relies
on assumptions about random numbers and a secure home directory.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Authentication is about proving who I am; authorization is about
whether, given the knowledge of who I am, I am allowed to do something.
GDBusServer and GDBusConnection carry out authentication automatically,
but rely on the library user to carry out authorization.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
| |
| |
| |
| | |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|/
|
|
|
|
|
| |
This is useful information for implementors of portable software to know
whether they can rely on credentials-passing.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
| |
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
|\
| |
| |
| |
| | |
Backport !904 “Fix some valist genmarshal bugs” to glib-2-60
See merge request GNOME/glib!905
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When building a valist marshaller, we can avoid a string copy if the
argument is known to always be static. The marshaller we ship in
`gmarshal.c` got this right, but marshallers generated by
glib-genmarshal were missing the optimisation. Fix that.
Backported version of !904 does not include the unit test. The version
of this on `master` includes a unit test.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #1792
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The old (Perl) implementation of glib-genmarshal used
g_variant_ref_sink() to correctly handle floating inputs; the Python
version should do the same.
Backported version of !904 does not include the unit test. The version
of this on `master` includes a unit test.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #1793
|
|\ \
| |/
|/|
| |
| | |
Backport !799 “Revert "macros: Try to use the standard __func__ first in G_STRFUNC"” to glib-2-60
See merge request GNOME/glib!899
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 9f75cc9edf1d311ef4bacc3d686c7afa0c4dcbb2.
It breaks usage of G_STRFUNC when compiling applications with
`-Wpedantic` — `__func__` is not `#define`d, so G_STRFUNC was falling
through to using `__FUNCTION__`, which raises a warning with
`-Wpedantic`.
Fun times.
Fixes: #1755
|
|\
| |
| |
| |
| | |
Backport !865 'gnetworkaddress: fix "happy eyeballs" logic' to glib-2-60
See merge request GNOME/glib!894
|
| |
| |
| |
| |
| |
| | |
Add a case for when the IPv6 result comes back negative and the IPv4
result is significantly delayed. This is exactly the case that causes
the bug addressed by GNOME/glib!865
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "happy eyeballs" RFC states that on receiving a negative response
for an IPv6 address lookup, we should wait for the IPv4 lookup to
complete and use any results we get from there.
The current code was not doing that: it was rather setting a timeout for
failing the resolution entirely. In scenarios where the IPv4 response
comes more than 50ms after the IPv6 response (which is easily attainable
under valgrind in certain configurations) this means that the IPv4
response will never come.
Remove the timeout and just wait.
See merge request GNOME/glib!865
|
|\
| |
| |
| |
| | |
Backport !876 “gfile: Limit access to files when copying” to glib-2-60
See merge request GNOME/glib!878
|
|/
|
|
|
|
|
|
| |
file_copy_fallback creates new files with default permissions and
set the correct permissions after the operation is finished. This
might cause that the files can be accessible by more users during
the operation than expected. Use G_FILE_CREATE_PRIVATE for the new
files to limit access to those files.
|
|\
| |
| |
| |
| | |
Backport !875 “CI/msys2: disable coverage reporting, lcov doesn't support gcc9 yet” to glib-2-60
See merge request GNOME/glib!886
|