From 1836f5da384b27324c9c1c40a7d43920777e69f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 07:34:56 +0000 Subject: [PATCH 01/17] update README. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- README | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README b/README index 96dc92f..cddc6ae 100644 --- a/README +++ b/README @@ -1 +1,6 @@ See README.md +https://gitlab.gnome.org/GNOME/glib/-/commit/7c6b11df2d622f4ef83a16ea875e18334c38302e +https://gitlab.gnome.org/GNOME/glib/-/commit/1196ac7af62887d48e4c2aabf9f1509c306178a5 +https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821 +https://gitlab.gnome.org/GNOME/glib/-/commit/9f70c964a08d09ef82933126eeadb9a82fba92ef +https://gitlab.gnome.org/GNOME/glib/-/commit/5b2da7ecb3b509f1a4d72284fdba025db1261d70 \ No newline at end of file -- Gitee From 5ea5adfd6677c795fa91c482e2dd54f0b86a9f77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 08:32:26 +0000 Subject: [PATCH 02/17] update glib2.spec. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- glib2.spec | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/glib2.spec b/glib2.spec index 07d0715..831a587 100644 --- a/glib2.spec +++ b/glib2.spec @@ -79,6 +79,18 @@ Patch6068: backport-gutils-Fix-an-unlikely-minor-leak-in-g_build_user_data_ Patch6069: backport-openharmony-adapt.patch Patch6070: backport-openharmony-dummy.patch +patch6081: backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch +patch6082: backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch +patch6083: backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch +patch6084: backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch +patch6085: backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch + + +https://gitlab.gnome.org/GNOME/glib/-/commit/7c6b11df2d622f4ef83a16ea875e18334c38302e +https://gitlab.gnome.org/GNOME/glib/-/commit/1196ac7af62887d48e4c2aabf9f1509c306178a5 +https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821 +https://gitlab.gnome.org/GNOME/glib/-/commit/9f70c964a08d09ef82933126eeadb9a82fba92ef +https://gitlab.gnome.org/GNOME/glib/-/commit/5b2da7ecb3b509f1a4d72284fdba025db1261d70 BuildRequires: chrpath gcc gcc-c++ gettext perl-interpreter BUildRequires: glibc-devel libattr-devel libselinux-devel meson @@ -265,6 +277,12 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %endif %changelog +* Wed Dec 15 2024 wangdingbang - 2.72.2-15 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:fix memory leak, buffer overflow and some error + * Mon Feb 19 2024 hanhuihui - 2.72.2-14 - disable sysprof -- Gitee From 88266ee56f6a5d075507540b641b53d404400b51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 08:37:42 +0000 Subject: [PATCH 03/17] update glib2.spec. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- glib2.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/glib2.spec b/glib2.spec index 831a587..4481d62 100644 --- a/glib2.spec +++ b/glib2.spec @@ -86,11 +86,11 @@ patch6084: backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-conn patch6085: backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch +https://gitlab.gnome.org/GNOME/glib/-/commit/066fefafa02c01256338c22d1138f8e74acb86b4 +https://gitlab.gnome.org/GNOME/glib/-/commit/5b2da7ecb3b509f1a4d72284fdba025db1261d70 https://gitlab.gnome.org/GNOME/glib/-/commit/7c6b11df2d622f4ef83a16ea875e18334c38302e -https://gitlab.gnome.org/GNOME/glib/-/commit/1196ac7af62887d48e4c2aabf9f1509c306178a5 https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821 -https://gitlab.gnome.org/GNOME/glib/-/commit/9f70c964a08d09ef82933126eeadb9a82fba92ef -https://gitlab.gnome.org/GNOME/glib/-/commit/5b2da7ecb3b509f1a4d72284fdba025db1261d70 +https://gitlab.gnome.org/GNOME/glib/-/commit/1196ac7af62887d48e4c2aabf9f1509c306178a5 BuildRequires: chrpath gcc gcc-c++ gettext perl-interpreter BUildRequires: glibc-devel libattr-devel libselinux-devel meson -- Gitee From e00773cc13764043a9fb2448511b26cfe2c2b916 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 08:51:26 +0000 Subject: [PATCH 04/17] fix overflow and leak MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...rn-value-on-UTF-8-validation-failure.patch | 53 +++++++++ ...x-GFileEnumerator-leaks-in-gio-tools.patch | 107 ++++++++++++++++++ ...tor-remains-nul-terminated-if-needed.patch | 53 +++++++++ ...-buffer-overflow-in-connect-messages.patch | 45 ++++++++ ...nor-leaks-in-xdg-directory-functions.patch | 43 +++++++ 5 files changed, 301 insertions(+) create mode 100644 patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch create mode 100644 patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch create mode 100644 patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch create mode 100644 patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch create mode 100644 patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch diff --git a/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch b/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch new file mode 100644 index 0000000..4ca8327 --- /dev/null +++ b/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch @@ -0,0 +1,53 @@ +From 066fefafa02c01256338c22d1138f8e74acb86b4 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Sat, 12 Oct 2024 12:56:00 +0100 +Subject: [PATCH] tests: Use g_assert_*() rather than g_assert() in + GDataInputStream tests +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +It won’t get compiled out with `G_DISABLE_ASSERT`. + +Signed-off-by: Philip Withnall +--- + gio/tests/data-input-stream.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/gio/tests/data-input-stream.c b/gio/tests/data-input-stream.c +index 8a1e8fb288..6934817773 100644 +--- a/gio/tests/data-input-stream.c ++++ b/gio/tests/data-input-stream.c +@@ -80,9 +80,9 @@ test_read_lines (GDataStreamNewlineType newline_type) + lines[i] = "some_text"; + + base_stream = g_memory_input_stream_new (); +- g_assert (base_stream != NULL); ++ g_assert_nonnull (base_stream); + stream = G_INPUT_STREAM (g_data_input_stream_new (base_stream)); +- g_assert(stream != NULL); ++ g_assert_nonnull (stream); + + /* Byte order testing */ + g_data_input_stream_set_byte_order (G_DATA_INPUT_STREAM (stream), G_DATA_STREAM_BYTE_ORDER_BIG_ENDIAN); +@@ -210,7 +210,7 @@ test_read_lines_LF_invalid_utf8 (void) + g_assert_no_error (error); + else + { +- g_assert (error != NULL); ++ g_assert_error (error, G_CONVERT_ERROR, G_CONVERT_ERROR_ILLEGAL_SEQUENCE); + g_clear_error (&error); + g_free (line); + break; +@@ -354,7 +354,7 @@ test_read_upto (void) + line++; + + stop_char = g_data_input_stream_read_byte (G_DATA_INPUT_STREAM (stream), NULL, &error); +- g_assert (memchr (DATA_SEP, stop_char, DATA_SEP_LEN) != NULL); ++ g_assert_nonnull (memchr (DATA_SEP, stop_char, DATA_SEP_LEN)); + g_assert_no_error (error); + } + g_free (data); +-- +GitLab + diff --git a/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch new file mode 100644 index 0000000..9a84f96 --- /dev/null +++ b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch @@ -0,0 +1,107 @@ +From 7c6b11df2d622f4ef83a16ea875e18334c38302e Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Tue, 10 Sep 2024 16:50:38 -0500 +Subject: [PATCH] giochannel: ensure line terminator remains nul-terminated if + needed + +If the user passes -1 length to g_io_channel_set_line_term() along with +a nul-terminated string, then calls g_io_channel_get_line_term() and +decides to treat the result as nul-terminated rather than checking the +length parameter, then the application will have a problem, because it's +not nul-terminated. That's weird, since the input string was. Let's +ensure the result is consistent: if you pass a nul-terminated string, +the result is nul-terminated. If not, it's not. + +Also add a warning to g_io_channel_get_line_term(), since it's very +strange for a gchar * return value to be anything other than a +nul-terminated UTF-8 string. This is an API design bug, but we cannot +fix it. +--- + glib/giochannel.c | 28 +++++++++++++++++----------- + glib/tests/io-channel.c | 7 +++++++ + 2 files changed, 24 insertions(+), 11 deletions(-) + +diff --git a/glib/giochannel.c b/glib/giochannel.c +index b44fff35b1..e54aea2568 100644 +--- a/glib/giochannel.c ++++ b/glib/giochannel.c +@@ -877,26 +877,31 @@ g_io_channel_set_line_term (GIOChannel *channel, + const gchar *line_term, + gint length) + { +- guint length_unsigned; +- + g_return_if_fail (channel != NULL); + g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */ + ++ g_free (channel->line_term); ++ + if (line_term == NULL) +- length_unsigned = 0; ++ { ++ channel->line_term = NULL; ++ channel->line_term_len = 0; ++ } + else if (length >= 0) +- length_unsigned = (guint) length; ++ { ++ /* We store the value nul-terminated even if the input is not */ ++ channel->line_term = g_malloc0 (length + 1); ++ memcpy (channel->line_term, line_term, length); ++ channel->line_term_len = (guint) length; ++ } + else + { +- /* FIXME: We’re constrained by line_term_len being a guint here */ ++ /* We’re constrained by line_term_len being a guint here */ + gsize length_size = strlen (line_term); + g_return_if_fail (length_size <= G_MAXUINT); +- length_unsigned = (guint) length_size; ++ channel->line_term = g_strdup (line_term); ++ channel->line_term_len = (guint) length_size; + } +- +- g_free (channel->line_term); +- channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL; +- channel->line_term_len = length_unsigned; + } + + /** +@@ -906,7 +911,8 @@ g_io_channel_set_line_term (GIOChannel *channel, + * + * This returns the string that #GIOChannel uses to determine + * where in the file a line break occurs. A value of %NULL +- * indicates autodetection. ++ * indicates autodetection. Since 2.84, the return value is always ++ * nul-terminated. + * + * Returns: The line termination string. This value + * is owned by GLib and must not be freed. +diff --git a/glib/tests/io-channel.c b/glib/tests/io-channel.c +index c5dd01d04e..99879be1b1 100644 +--- a/glib/tests/io-channel.c ++++ b/glib/tests/io-channel.c +@@ -178,6 +178,8 @@ test_read_line_embedded_nuls (void) + GError *local_error = NULL; + gchar *line = NULL; + gsize line_length, terminator_pos; ++ const gchar *line_term; ++ gint line_term_length; + GIOStatus status; + + g_test_summary ("Test that reading a line containing embedded nuls works " +@@ -200,6 +202,11 @@ test_read_line_embedded_nuls (void) + * Use length -1 here to exercise glib#2323; the case where length > 0 + * is covered in glib/tests/protocol.c. */ + g_io_channel_set_line_term (channel, "\n", -1); ++ ++ line_term = g_io_channel_get_line_term (channel, &line_term_length); ++ g_assert_cmpstr (line_term, ==, "\n"); ++ g_assert_cmpint (line_term_length, ==, 1); ++ + g_io_channel_set_encoding (channel, NULL, &local_error); + g_assert_no_error (local_error); + +-- +GitLab + diff --git a/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch b/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch new file mode 100644 index 0000000..7adf7c7 --- /dev/null +++ b/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch @@ -0,0 +1,53 @@ +From 5b2da7ecb3b509f1a4d72284fdba025db1261d70 Mon Sep 17 00:00:00 2001 +From: correctmost <136447-correctmost@users.noreply.gitlab.gnome.org> +Date: Sat, 2 Nov 2024 17:06:37 -0400 +Subject: [PATCH] gio: Fix GFileEnumerator leaks in gio tools + +--- + gio/gio-tool-list.c | 2 ++ + gio/gio-tool-trash.c | 2 ++ + gio/gio-tool-tree.c | 2 +- + 3 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/gio/gio-tool-list.c b/gio/gio-tool-list.c +index 0da86269d1..aafdb85af7 100644 +--- a/gio/gio-tool-list.c ++++ b/gio/gio-tool-list.c +@@ -157,6 +157,8 @@ list (GFile *file) + res = FALSE; + } + ++ g_object_unref (enumerator); ++ + return res; + } + +diff --git a/gio/gio-tool-trash.c b/gio/gio-tool-trash.c +index 6e6137f2ad..65a29f8490 100644 +--- a/gio/gio-tool-trash.c ++++ b/gio/gio-tool-trash.c +@@ -204,6 +204,8 @@ trash_list (GFile *file, + res = FALSE; + } + ++ g_object_unref (enumerator); ++ + return res; + } + +diff --git a/gio/gio-tool-tree.c b/gio/gio-tool-tree.c +index 28fad051f0..e26fb6a7a8 100644 +--- a/gio/gio-tool-tree.c ++++ b/gio/gio-tool-tree.c +@@ -106,7 +106,7 @@ do_tree (GFile *f, unsigned int level, guint64 pattern) + info_list = g_list_prepend (info_list, info); + } + } +- g_file_enumerator_close (enumerator, NULL, NULL); ++ g_object_unref (enumerator); + + info_list = g_list_sort (info_list, (GCompareFunc) sort_info_by_name); + +-- +GitLab + diff --git a/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch b/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch new file mode 100644 index 0000000..c677cfc --- /dev/null +++ b/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch @@ -0,0 +1,45 @@ +From 25833cefda24c60af913d6f2d532b5afd608b821 Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Thu, 19 Sep 2024 18:35:53 +0100 +Subject: [PATCH] gsocks4aproxy: Fix a single byte buffer overflow in connect + messages + +`SOCKS4_CONN_MSG_LEN` failed to account for the length of the final nul +byte in the connect message, which is an addition in SOCKSv4a vs +SOCKSv4. + +This means that the buffer for building and transmitting the connect +message could be overflowed if the username and hostname are both +`SOCKS4_MAX_LEN` (255) bytes long. + +Proxy configurations are normally statically configured, so the username +is very unlikely to be near its maximum length, and hence this overflow +is unlikely to be triggered in practice. + +(Commit message by Philip Withnall, diagnosis and fix by Michael +Catanzaro.) + +Fixes: #3461 +--- + gio/gsocks4aproxy.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/gio/gsocks4aproxy.c b/gio/gsocks4aproxy.c +index 3dad118eb7..b3146d08fd 100644 +--- a/gio/gsocks4aproxy.c ++++ b/gio/gsocks4aproxy.c +@@ -79,9 +79,9 @@ g_socks4a_proxy_init (GSocks4aProxy *proxy) + * +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+ + * | VN | CD | DSTPORT | DSTIP | USERID |NULL| HOST | | NULL | + * +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+ +- * 1 1 2 4 variable 1 variable ++ * 1 1 2 4 variable 1 variable 1 + */ +-#define SOCKS4_CONN_MSG_LEN (9 + SOCKS4_MAX_LEN * 2) ++#define SOCKS4_CONN_MSG_LEN (10 + SOCKS4_MAX_LEN * 2) + static gint + set_connect_msg (guint8 *msg, + const gchar *hostname, +-- +GitLab + diff --git a/patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch b/patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch new file mode 100644 index 0000000..bbb35f1 --- /dev/null +++ b/patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch @@ -0,0 +1,43 @@ +From 1196ac7af62887d48e4c2aabf9f1509c306178a5 Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Thu, 22 Aug 2024 16:14:45 -0500 +Subject: [PATCH] gutils: Fix unlikely minor leaks in xdg directory functions + +We leak if we have a non-null empty string. This was already fixed for +g_build_user_data_dir() in 1a979ab4947fc259af01ea65263aaa4d417553fb +so now fix the others as well. +--- + glib/gutils.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/glib/gutils.c b/glib/gutils.c +index 057e2bcd73..8628a568da 100644 +--- a/glib/gutils.c ++++ b/glib/gutils.c +@@ -1940,6 +1940,7 @@ g_build_user_config_dir (void) + if (!config_dir || !config_dir[0]) + { + gchar *home_dir = g_build_home_dir (); ++ g_free (config_dir); + config_dir = g_build_filename (home_dir, ".config", NULL); + g_free (home_dir); + } +@@ -2003,6 +2004,7 @@ g_build_user_cache_dir (void) + if (!cache_dir || !cache_dir[0]) + { + gchar *home_dir = g_build_home_dir (); ++ g_free (cache_dir); + cache_dir = g_build_filename (home_dir, ".cache", NULL); + g_free (home_dir); + } +@@ -2065,6 +2067,7 @@ g_build_user_state_dir (void) + if (!state_dir || !state_dir[0]) + { + gchar *home_dir = g_build_home_dir (); ++ g_free (state_dir); + state_dir = g_build_filename (home_dir, ".local/state", NULL); + g_free (home_dir); + } +-- +GitLab + -- Gitee From c96ba6f39fb8291e0c4256b4cc82e4e37a9b1eb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 08:59:42 +0000 Subject: [PATCH 05/17] update glib2.spec. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- glib2.spec | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/glib2.spec b/glib2.spec index 4481d62..5a09d7a 100644 --- a/glib2.spec +++ b/glib2.spec @@ -1,6 +1,6 @@ Name: glib2 Version: 2.72.2 -Release: 14 +Release: 15 Summary: The core library that forms the basis for projects such as GTK+ and GNOME License: LGPLv2+ URL: http://www.gtk.org @@ -86,12 +86,6 @@ patch6084: backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-conn patch6085: backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch -https://gitlab.gnome.org/GNOME/glib/-/commit/066fefafa02c01256338c22d1138f8e74acb86b4 -https://gitlab.gnome.org/GNOME/glib/-/commit/5b2da7ecb3b509f1a4d72284fdba025db1261d70 -https://gitlab.gnome.org/GNOME/glib/-/commit/7c6b11df2d622f4ef83a16ea875e18334c38302e -https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821 -https://gitlab.gnome.org/GNOME/glib/-/commit/1196ac7af62887d48e4c2aabf9f1509c306178a5 - BuildRequires: chrpath gcc gcc-c++ gettext perl-interpreter BUildRequires: glibc-devel libattr-devel libselinux-devel meson BuildRequires: systemtap-sdt-devel pkgconfig(libelf) pkgconfig(libffi) -- Gitee From 3a8f6c6b7e7556bd93b69dc1830ec8951ed6dba4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:06:28 +0000 Subject: [PATCH 06/17] update README. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- README | 5 ----- 1 file changed, 5 deletions(-) diff --git a/README b/README index cddc6ae..96dc92f 100644 --- a/README +++ b/README @@ -1,6 +1 @@ See README.md -https://gitlab.gnome.org/GNOME/glib/-/commit/7c6b11df2d622f4ef83a16ea875e18334c38302e -https://gitlab.gnome.org/GNOME/glib/-/commit/1196ac7af62887d48e4c2aabf9f1509c306178a5 -https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821 -https://gitlab.gnome.org/GNOME/glib/-/commit/9f70c964a08d09ef82933126eeadb9a82fba92ef -https://gitlab.gnome.org/GNOME/glib/-/commit/5b2da7ecb3b509f1a4d72284fdba025db1261d70 \ No newline at end of file -- Gitee From c7f1cb5d5340152dcd91f64b1ee6dba61bf6846d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:19:32 +0000 Subject: [PATCH 07/17] update patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...x-GFileEnumerator-leaks-in-gio-tools.patch | 134 ++++++------------ 1 file changed, 40 insertions(+), 94 deletions(-) diff --git a/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch index 9a84f96..7adf7c7 100644 --- a/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch +++ b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch @@ -1,106 +1,52 @@ -From 7c6b11df2d622f4ef83a16ea875e18334c38302e Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Tue, 10 Sep 2024 16:50:38 -0500 -Subject: [PATCH] giochannel: ensure line terminator remains nul-terminated if - needed +From 5b2da7ecb3b509f1a4d72284fdba025db1261d70 Mon Sep 17 00:00:00 2001 +From: correctmost <136447-correctmost@users.noreply.gitlab.gnome.org> +Date: Sat, 2 Nov 2024 17:06:37 -0400 +Subject: [PATCH] gio: Fix GFileEnumerator leaks in gio tools -If the user passes -1 length to g_io_channel_set_line_term() along with -a nul-terminated string, then calls g_io_channel_get_line_term() and -decides to treat the result as nul-terminated rather than checking the -length parameter, then the application will have a problem, because it's -not nul-terminated. That's weird, since the input string was. Let's -ensure the result is consistent: if you pass a nul-terminated string, -the result is nul-terminated. If not, it's not. - -Also add a warning to g_io_channel_get_line_term(), since it's very -strange for a gchar * return value to be anything other than a -nul-terminated UTF-8 string. This is an API design bug, but we cannot -fix it. --- - glib/giochannel.c | 28 +++++++++++++++++----------- - glib/tests/io-channel.c | 7 +++++++ - 2 files changed, 24 insertions(+), 11 deletions(-) + gio/gio-tool-list.c | 2 ++ + gio/gio-tool-trash.c | 2 ++ + gio/gio-tool-tree.c | 2 +- + 3 files changed, 5 insertions(+), 1 deletion(-) -diff --git a/glib/giochannel.c b/glib/giochannel.c -index b44fff35b1..e54aea2568 100644 ---- a/glib/giochannel.c -+++ b/glib/giochannel.c -@@ -877,26 +877,31 @@ g_io_channel_set_line_term (GIOChannel *channel, - const gchar *line_term, - gint length) - { -- guint length_unsigned; -- - g_return_if_fail (channel != NULL); - g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */ +diff --git a/gio/gio-tool-list.c b/gio/gio-tool-list.c +index 0da86269d1..aafdb85af7 100644 +--- a/gio/gio-tool-list.c ++++ b/gio/gio-tool-list.c +@@ -157,6 +157,8 @@ list (GFile *file) + res = FALSE; + } -+ g_free (channel->line_term); ++ g_object_unref (enumerator); + - if (line_term == NULL) -- length_unsigned = 0; -+ { -+ channel->line_term = NULL; -+ channel->line_term_len = 0; -+ } - else if (length >= 0) -- length_unsigned = (guint) length; -+ { -+ /* We store the value nul-terminated even if the input is not */ -+ channel->line_term = g_malloc0 (length + 1); -+ memcpy (channel->line_term, line_term, length); -+ channel->line_term_len = (guint) length; -+ } - else - { -- /* FIXME: We’re constrained by line_term_len being a guint here */ -+ /* We’re constrained by line_term_len being a guint here */ - gsize length_size = strlen (line_term); - g_return_if_fail (length_size <= G_MAXUINT); -- length_unsigned = (guint) length_size; -+ channel->line_term = g_strdup (line_term); -+ channel->line_term_len = (guint) length_size; - } -- -- g_free (channel->line_term); -- channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL; -- channel->line_term_len = length_unsigned; + return res; } - /** -@@ -906,7 +911,8 @@ g_io_channel_set_line_term (GIOChannel *channel, - * - * This returns the string that #GIOChannel uses to determine - * where in the file a line break occurs. A value of %NULL -- * indicates autodetection. -+ * indicates autodetection. Since 2.84, the return value is always -+ * nul-terminated. - * - * Returns: The line termination string. This value - * is owned by GLib and must not be freed. -diff --git a/glib/tests/io-channel.c b/glib/tests/io-channel.c -index c5dd01d04e..99879be1b1 100644 ---- a/glib/tests/io-channel.c -+++ b/glib/tests/io-channel.c -@@ -178,6 +178,8 @@ test_read_line_embedded_nuls (void) - GError *local_error = NULL; - gchar *line = NULL; - gsize line_length, terminator_pos; -+ const gchar *line_term; -+ gint line_term_length; - GIOStatus status; +diff --git a/gio/gio-tool-trash.c b/gio/gio-tool-trash.c +index 6e6137f2ad..65a29f8490 100644 +--- a/gio/gio-tool-trash.c ++++ b/gio/gio-tool-trash.c +@@ -204,6 +204,8 @@ trash_list (GFile *file, + res = FALSE; + } - g_test_summary ("Test that reading a line containing embedded nuls works " -@@ -200,6 +202,11 @@ test_read_line_embedded_nuls (void) - * Use length -1 here to exercise glib#2323; the case where length > 0 - * is covered in glib/tests/protocol.c. */ - g_io_channel_set_line_term (channel, "\n", -1); ++ g_object_unref (enumerator); + -+ line_term = g_io_channel_get_line_term (channel, &line_term_length); -+ g_assert_cmpstr (line_term, ==, "\n"); -+ g_assert_cmpint (line_term_length, ==, 1); -+ - g_io_channel_set_encoding (channel, NULL, &local_error); - g_assert_no_error (local_error); + return res; + } + +diff --git a/gio/gio-tool-tree.c b/gio/gio-tool-tree.c +index 28fad051f0..e26fb6a7a8 100644 +--- a/gio/gio-tool-tree.c ++++ b/gio/gio-tool-tree.c +@@ -106,7 +106,7 @@ do_tree (GFile *f, unsigned int level, guint64 pattern) + info_list = g_list_prepend (info_list, info); + } + } +- g_file_enumerator_close (enumerator, NULL, NULL); ++ g_object_unref (enumerator); + + info_list = g_list_sort (info_list, (GCompareFunc) sort_info_by_name); -- GitLab -- Gitee From 4c14218c3f959fa8e127abcb1d202bf5702ad576 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:20:43 +0000 Subject: [PATCH 08/17] update patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...tor-remains-nul-terminated-if-needed.patch | 134 ++++++++++++------ 1 file changed, 94 insertions(+), 40 deletions(-) diff --git a/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch b/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch index 7adf7c7..9a84f96 100644 --- a/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch +++ b/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch @@ -1,52 +1,106 @@ -From 5b2da7ecb3b509f1a4d72284fdba025db1261d70 Mon Sep 17 00:00:00 2001 -From: correctmost <136447-correctmost@users.noreply.gitlab.gnome.org> -Date: Sat, 2 Nov 2024 17:06:37 -0400 -Subject: [PATCH] gio: Fix GFileEnumerator leaks in gio tools +From 7c6b11df2d622f4ef83a16ea875e18334c38302e Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Tue, 10 Sep 2024 16:50:38 -0500 +Subject: [PATCH] giochannel: ensure line terminator remains nul-terminated if + needed +If the user passes -1 length to g_io_channel_set_line_term() along with +a nul-terminated string, then calls g_io_channel_get_line_term() and +decides to treat the result as nul-terminated rather than checking the +length parameter, then the application will have a problem, because it's +not nul-terminated. That's weird, since the input string was. Let's +ensure the result is consistent: if you pass a nul-terminated string, +the result is nul-terminated. If not, it's not. + +Also add a warning to g_io_channel_get_line_term(), since it's very +strange for a gchar * return value to be anything other than a +nul-terminated UTF-8 string. This is an API design bug, but we cannot +fix it. --- - gio/gio-tool-list.c | 2 ++ - gio/gio-tool-trash.c | 2 ++ - gio/gio-tool-tree.c | 2 +- - 3 files changed, 5 insertions(+), 1 deletion(-) + glib/giochannel.c | 28 +++++++++++++++++----------- + glib/tests/io-channel.c | 7 +++++++ + 2 files changed, 24 insertions(+), 11 deletions(-) -diff --git a/gio/gio-tool-list.c b/gio/gio-tool-list.c -index 0da86269d1..aafdb85af7 100644 ---- a/gio/gio-tool-list.c -+++ b/gio/gio-tool-list.c -@@ -157,6 +157,8 @@ list (GFile *file) - res = FALSE; - } +diff --git a/glib/giochannel.c b/glib/giochannel.c +index b44fff35b1..e54aea2568 100644 +--- a/glib/giochannel.c ++++ b/glib/giochannel.c +@@ -877,26 +877,31 @@ g_io_channel_set_line_term (GIOChannel *channel, + const gchar *line_term, + gint length) + { +- guint length_unsigned; +- + g_return_if_fail (channel != NULL); + g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */ -+ g_object_unref (enumerator); ++ g_free (channel->line_term); + - return res; - } - -diff --git a/gio/gio-tool-trash.c b/gio/gio-tool-trash.c -index 6e6137f2ad..65a29f8490 100644 ---- a/gio/gio-tool-trash.c -+++ b/gio/gio-tool-trash.c -@@ -204,6 +204,8 @@ trash_list (GFile *file, - res = FALSE; + if (line_term == NULL) +- length_unsigned = 0; ++ { ++ channel->line_term = NULL; ++ channel->line_term_len = 0; ++ } + else if (length >= 0) +- length_unsigned = (guint) length; ++ { ++ /* We store the value nul-terminated even if the input is not */ ++ channel->line_term = g_malloc0 (length + 1); ++ memcpy (channel->line_term, line_term, length); ++ channel->line_term_len = (guint) length; ++ } + else + { +- /* FIXME: We’re constrained by line_term_len being a guint here */ ++ /* We’re constrained by line_term_len being a guint here */ + gsize length_size = strlen (line_term); + g_return_if_fail (length_size <= G_MAXUINT); +- length_unsigned = (guint) length_size; ++ channel->line_term = g_strdup (line_term); ++ channel->line_term_len = (guint) length_size; } - -+ g_object_unref (enumerator); -+ - return res; +- +- g_free (channel->line_term); +- channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL; +- channel->line_term_len = length_unsigned; } -diff --git a/gio/gio-tool-tree.c b/gio/gio-tool-tree.c -index 28fad051f0..e26fb6a7a8 100644 ---- a/gio/gio-tool-tree.c -+++ b/gio/gio-tool-tree.c -@@ -106,7 +106,7 @@ do_tree (GFile *f, unsigned int level, guint64 pattern) - info_list = g_list_prepend (info_list, info); - } - } -- g_file_enumerator_close (enumerator, NULL, NULL); -+ g_object_unref (enumerator); + /** +@@ -906,7 +911,8 @@ g_io_channel_set_line_term (GIOChannel *channel, + * + * This returns the string that #GIOChannel uses to determine + * where in the file a line break occurs. A value of %NULL +- * indicates autodetection. ++ * indicates autodetection. Since 2.84, the return value is always ++ * nul-terminated. + * + * Returns: The line termination string. This value + * is owned by GLib and must not be freed. +diff --git a/glib/tests/io-channel.c b/glib/tests/io-channel.c +index c5dd01d04e..99879be1b1 100644 +--- a/glib/tests/io-channel.c ++++ b/glib/tests/io-channel.c +@@ -178,6 +178,8 @@ test_read_line_embedded_nuls (void) + GError *local_error = NULL; + gchar *line = NULL; + gsize line_length, terminator_pos; ++ const gchar *line_term; ++ gint line_term_length; + GIOStatus status; - info_list = g_list_sort (info_list, (GCompareFunc) sort_info_by_name); + g_test_summary ("Test that reading a line containing embedded nuls works " +@@ -200,6 +202,11 @@ test_read_line_embedded_nuls (void) + * Use length -1 here to exercise glib#2323; the case where length > 0 + * is covered in glib/tests/protocol.c. */ + g_io_channel_set_line_term (channel, "\n", -1); ++ ++ line_term = g_io_channel_get_line_term (channel, &line_term_length); ++ g_assert_cmpstr (line_term, ==, "\n"); ++ g_assert_cmpint (line_term_length, ==, 1); ++ + g_io_channel_set_encoding (channel, NULL, &local_error); + g_assert_no_error (local_error); -- GitLab -- Gitee From 89172be83e61877dfa3396da3ca55fcc3e022eee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:30:26 +0000 Subject: [PATCH 09/17] update patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch b/patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch index bbb35f1..272276a 100644 --- a/patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch +++ b/patch/backport-gutils-Fix-unlikely-minor-leaks-in-xdg-directory-functions.patch @@ -6,6 +6,10 @@ Subject: [PATCH] gutils: Fix unlikely minor leaks in xdg directory functions We leak if we have a non-null empty string. This was already fixed for g_build_user_data_dir() in 1a979ab4947fc259af01ea65263aaa4d417553fb so now fix the others as well. + +Conflict:NA +Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/1196ac7af62887d48e4c2aabf9f1509c306178a5 + --- glib/gutils.c | 3 +++ 1 file changed, 3 insertions(+) -- Gitee From 443c4980b3f7a4256dc794e8c184fb48e7aa431d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:32:47 +0000 Subject: [PATCH 10/17] update patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...ix-a-single-byte-buffer-overflow-in-connect-messages.patch | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch b/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch index c677cfc..2e5765a 100644 --- a/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch +++ b/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch @@ -19,6 +19,10 @@ is unlikely to be triggered in practice. (Commit message by Philip Withnall, diagnosis and fix by Michael Catanzaro.) + +Conflict:NA +Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821 + Fixes: #3461 --- gio/gsocks4aproxy.c | 4 ++-- -- Gitee From 32afafea51d27a650c0ca7a2fc274ae92bf9258a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:33:20 +0000 Subject: [PATCH 11/17] update patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...y-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch | 1 - 1 file changed, 1 deletion(-) diff --git a/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch b/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch index 2e5765a..ffec87b 100644 --- a/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch +++ b/patch/backport-gsocks4aproxy-Fix-a-single-byte-buffer-overflow-in-connect-messages.patch @@ -19,7 +19,6 @@ is unlikely to be triggered in practice. (Commit message by Philip Withnall, diagnosis and fix by Michael Catanzaro.) - Conflict:NA Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/25833cefda24c60af913d6f2d532b5afd608b821 -- Gitee From b84e7911486c4ab032729237b6d027c9e64c2138 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:34:19 +0000 Subject: [PATCH 12/17] update patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...ure-line-terminator-remains-nul-terminated-if-needed.patch | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch b/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch index 9a84f96..1b1164b 100644 --- a/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch +++ b/patch/backport-giochannel-ensure-line-terminator-remains-nul-terminated-if-needed.patch @@ -16,6 +16,10 @@ Also add a warning to g_io_channel_get_line_term(), since it's very strange for a gchar * return value to be anything other than a nul-terminated UTF-8 string. This is an API design bug, but we cannot fix it. + +Conflict:NA +Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/7c6b11df2d622f4ef83a16ea875e18334c38302e + --- glib/giochannel.c | 28 +++++++++++++++++----------- glib/tests/io-channel.c | 7 +++++++ -- Gitee From e90cbe339b68ef8930babf729823d6827f8b1870 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:35:10 +0000 Subject: [PATCH 13/17] update patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- .../backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch index 7adf7c7..ef11cbb 100644 --- a/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch +++ b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch @@ -3,6 +3,9 @@ From: correctmost <136447-correctmost@users.noreply.gitlab.gnome.org> Date: Sat, 2 Nov 2024 17:06:37 -0400 Subject: [PATCH] gio: Fix GFileEnumerator leaks in gio tools +Conflict:NA +Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/5b2da7ecb3b509f1a4d72284fdba025db1261d70 + --- gio/gio-tool-list.c | 2 ++ gio/gio-tool-trash.c | 2 ++ @@ -50,4 +53,3 @@ index 28fad051f0..e26fb6a7a8 100644 -- GitLab - -- Gitee From 84530c69893f7a58f1699b2fb0644c4a69bacb19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:39:17 +0000 Subject: [PATCH 14/17] update patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch | 1 + 1 file changed, 1 insertion(+) diff --git a/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch index ef11cbb..21ef422 100644 --- a/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch +++ b/patch/backport-gio-Fix-GFileEnumerator-leaks-in-gio-tools.patch @@ -53,3 +53,4 @@ index 28fad051f0..e26fb6a7a8 100644 -- GitLab + -- Gitee From 42ef32ceea6ee77f78082d4af544f602ef1629f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:41:17 +0000 Subject: [PATCH 15/17] update patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...rn-value-on-UTF-8-validation-failure.patch | 86 +++++++++++++++++++ 1 file changed, 86 insertions(+) diff --git a/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch b/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch index 4ca8327..43fb48e 100644 --- a/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch +++ b/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch @@ -9,6 +9,10 @@ Content-Transfer-Encoding: 8bit It won’t get compiled out with `G_DISABLE_ASSERT`. + +Conflict:NA +Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/066fefafa02c01256338c22d1138f8e74acb86b4 + Signed-off-by: Philip Withnall --- gio/tests/data-input-stream.c | 8 ++++---- @@ -51,3 +55,85 @@ index 8a1e8fb288..6934817773 100644 -- GitLab +From 9f70c964a08d09ef82933126eeadb9a82fba92ef Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Sat, 12 Oct 2024 13:02:27 +0100 +Subject: [PATCH 2/2] gdatainputstream: Fix length return value on UTF-8 + validation failure +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The method was correctly returning an error from +`g_data_input_stream_read_line_utf8()` if the line contained invalid +UTF-8, but it wasn鈥檛 correctly setting the returned line length to 0. +This could have caused problems if callers were basing subsequent logic +on the length and not the return value nullness or `GError`. + +Signed-off-by: Philip Withnall + +oss-fuzz#372819437 +--- + gio/gdatainputstream.c | 4 ++++ + gio/tests/data-input-stream.c | 18 ++++++++++++++++-- + 2 files changed, 20 insertions(+), 2 deletions(-) + +diff --git a/gio/gdatainputstream.c b/gio/gdatainputstream.c +index ce61759510..ef728f006e 100644 +--- a/gio/gdatainputstream.c ++++ b/gio/gdatainputstream.c +@@ -840,7 +840,11 @@ g_data_input_stream_read_line_utf8 (GDataInputStream *stream, + g_set_error_literal (error, G_CONVERT_ERROR, + G_CONVERT_ERROR_ILLEGAL_SEQUENCE, + _("Invalid byte sequence in conversion input")); ++ ++ if (length != NULL) ++ *length = 0; + g_free (res); ++ + return NULL; + } + return res; +diff --git a/gio/tests/data-input-stream.c b/gio/tests/data-input-stream.c +index 6934817773..11c997bceb 100644 +--- a/gio/tests/data-input-stream.c ++++ b/gio/tests/data-input-stream.c +@@ -174,8 +174,17 @@ test_read_lines_LF_valid_utf8 (void) + gsize length = -1; + line = g_data_input_stream_read_line_utf8 (G_DATA_INPUT_STREAM (stream), &length, NULL, &error); + g_assert_no_error (error); ++ + if (line == NULL) +- break; ++ { ++ g_assert_cmpuint (length, ==, 0); ++ break; ++ } ++ else ++ { ++ g_assert_cmpuint (length, >, 0); ++ } ++ + n_lines++; + g_free (line); + } +@@ -207,11 +216,16 @@ test_read_lines_LF_invalid_utf8 (void) + gsize length = -1; + line = g_data_input_stream_read_line_utf8 (G_DATA_INPUT_STREAM (stream), &length, NULL, &error); + if (n_lines == 0) +- g_assert_no_error (error); ++ { ++ /* First line is valid UTF-8 */ ++ g_assert_no_error (error); ++ g_assert_cmpuint (length, ==, 3); ++ } + else + { + g_assert_error (error, G_CONVERT_ERROR, G_CONVERT_ERROR_ILLEGAL_SEQUENCE); + g_clear_error (&error); ++ g_assert_cmpuint (length, ==, 0); + g_free (line); + break; + } +-- +GitLab -- Gitee From 9fbd885f5975ac70fd647e1814b12a92cc5c0a66 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:41:53 +0000 Subject: [PATCH 16/17] update patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- ...eam-Fix-length-return-value-on-UTF-8-validation-failure.patch | 1 + 1 file changed, 1 insertion(+) diff --git a/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch b/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch index 43fb48e..aea82c0 100644 --- a/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch +++ b/patch/backport-gdatainputstream-Fix-length-return-value-on-UTF-8-validation-failure.patch @@ -137,3 +137,4 @@ index 6934817773..11c997bceb 100644 } -- GitLab + -- Gitee From 6180ae78a426ea3b69a184ab0afac412621ccc6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=B0=8F=E9=A5=BC=E5=B9=B2?= <3364917990@qq.com> Date: Sun, 15 Dec 2024 09:48:56 +0000 Subject: [PATCH 17/17] update glib2.spec. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 小饼干 <3364917990@qq.com> --- glib2.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/glib2.spec b/glib2.spec index 5a09d7a..1f17f43 100644 --- a/glib2.spec +++ b/glib2.spec @@ -271,7 +271,7 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %endif %changelog -* Wed Dec 15 2024 wangdingbang - 2.72.2-15 +* Sun Dec 15 2024 wangdingbang - 2.72.2-15 - Type:bugfix - CVE:NA - SUG:NA -- Gitee