From 8a29325374fcc2dc847d65374d63b4401fc270a0 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 24 Oct 2022 11:58:23 +0100 Subject: backports: Add a backport of g_memdup2() g_memdup2() replaces g_memdup(), which is prone to integer overflow on 64-bit systems if copying a very large object with an attacker-controlled size. The original version in GLib is extern, but it seems simple enough to inline a backport. Related: https://gitlab.gnome.org/GNOME/glib/-/issues/2319 Signed-off-by: Simon McVittie --- glnx-backports.h | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/glnx-backports.h b/glnx-backports.h index afab392..f99f08f 100644 --- a/glnx-backports.h +++ b/glnx-backports.h @@ -1,8 +1,10 @@ /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- * + * Copyright 1998 Manish Singh + * Copyright 1998 Tim Janik * Copyright (C) 2015 Colin Walters * Copyright 2017 Emmanuele Bassi - * SPDX-License-Identifier: LGPL-2.0-or-later + * SPDX-License-Identifier: LGPL-2.1-or-later * * GLIB - Library of useful routines for C programming * Copyright (C) 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald @@ -10,7 +12,7 @@ * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. + * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of @@ -18,13 +20,13 @@ * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the - * Free Software Foundation, Inc., 59 Temple Place - Suite 330, - * Boston, MA 02111-1307, USA. + * License along with this library; if not, see . */ #pragma once +#include + #include G_BEGIN_DECLS @@ -85,6 +87,28 @@ gboolean glnx_set_object (GObject **object_ptr, #define G_DBUS_METHOD_INVOCATION_UNHANDLED FALSE #endif +#if !GLIB_CHECK_VERSION(2, 68, 0) +static inline gpointer _glnx_memdup2 (gconstpointer mem, + gsize byte_size) G_GNUC_ALLOC_SIZE(2); +static inline gpointer +_glnx_memdup2 (gconstpointer mem, + gsize byte_size) +{ + gpointer new_mem; + + if (mem && byte_size != 0) + { + new_mem = g_malloc (byte_size); + memcpy (new_mem, mem, byte_size); + } + else + new_mem = NULL; + + return new_mem; +} +#define g_memdup2 _glnx_memdup2 +#endif + #ifndef G_OPTION_ENTRY_NULL /* added in 2.70 */ #define G_OPTION_ENTRY_NULL { NULL, 0, 0, 0, NULL, NULL, NULL } #endif -- cgit v1.2.1 From 5275410e6c61d520b8c4b8617faba46a37c65ca1 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 24 Oct 2022 12:10:25 +0100 Subject: tests: Add a simple test for g_memdup2, from GLib Signed-off-by: Simon McVittie --- LICENSES/LicenseRef-old-glib-tests.txt | 16 +++++++++++++++ tests/meson.build | 1 + tests/test-libglnx-backports.c | 36 ++++++++++++++++++++++++++++++++++ 3 files changed, 53 insertions(+) create mode 100644 LICENSES/LicenseRef-old-glib-tests.txt create mode 100644 tests/test-libglnx-backports.c diff --git a/LICENSES/LicenseRef-old-glib-tests.txt b/LICENSES/LicenseRef-old-glib-tests.txt new file mode 100644 index 0000000..d78b443 --- /dev/null +++ b/LICENSES/LicenseRef-old-glib-tests.txt @@ -0,0 +1,16 @@ +This work is provided "as is"; redistribution and modification +in whole or in part, in any medium, physical or electronic is +permitted without restriction. + +This work is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +In no event shall the authors or contributors be liable for any +direct, indirect, incidental, special, exemplary, or consequential +damages (including, but not limited to, procurement of substitute +goods or services; loss of use, data, or profits; or business +interruption) however caused and on any theory of liability, whether +in contract, strict liability, or tort (including negligence or +otherwise) arising in any way out of the use of this software, even +if advised of the possibility of such damage. diff --git a/tests/meson.build b/tests/meson.build index 2d0a976..2d32a23 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -33,6 +33,7 @@ if get_option('tests') ) test_names = [ + 'backports', 'errors', 'fdio', 'macros', diff --git a/tests/test-libglnx-backports.c b/tests/test-libglnx-backports.c new file mode 100644 index 0000000..c475cd4 --- /dev/null +++ b/tests/test-libglnx-backports.c @@ -0,0 +1,36 @@ +/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- + * + * Copyright (C) 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald + * Copyright 2019 Emmanuel Fleury + * SPDX-License-Identifier: LGPL-2.1-or-later AND LicenseRef-old-glib-tests + */ + +#include "libglnx-config.h" +#include "libglnx.h" + +/* Testing g_memdup2() function with various positive and negative cases */ +static void +test_memdup2 (void) +{ + gchar *str_dup = NULL; + const gchar *str = "The quick brown fox jumps over the lazy dog"; + + /* Testing negative cases */ + g_assert_null (g_memdup2 (NULL, 1024)); + g_assert_null (g_memdup2 (str, 0)); + g_assert_null (g_memdup2 (NULL, 0)); + + /* Testing normal usage cases */ + str_dup = g_memdup2 (str, strlen (str) + 1); + g_assert_nonnull (str_dup); + g_assert_cmpstr (str, ==, str_dup); + + g_free (str_dup); +} + +int main (int argc, char **argv) +{ + g_test_init (&argc, &argv, NULL); + g_test_add_func ("/strfuncs/memdup2", test_memdup2); + return g_test_run(); +} -- cgit v1.2.1