diff --git a/backport-0001-CVE-2021-28153.patch b/backport-0001-CVE-2021-28153.patch deleted file mode 100644 index 95cda13981543d86e63bd3e576e318ebf460fcce..0000000000000000000000000000000000000000 --- a/backport-0001-CVE-2021-28153.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 78420a75aeb70569a8cd79fa0fea7b786b6f785f Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 24 Feb 2021 17:33:38 +0000 -Subject: [PATCH 1/5] glocalfileoutputstream: Fix a typo in a comment - -Signed-off-by: Philip Withnall - -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/01c5468e10707cbf78e6e83bbcf1ce9c866f2885 ---- - gio/glocalfileoutputstream.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c -index f34c3e439..e3d31d6b3 100644 ---- a/gio/glocalfileoutputstream.c -+++ b/gio/glocalfileoutputstream.c -@@ -854,7 +854,7 @@ handle_overwrite_open (const char *filename, - mode = mode_from_flags_or_info (flags, reference_info); - - /* We only need read access to the original file if we are creating a backup. -- * We also add O_CREATE to avoid a race if the file was just removed */ -+ * We also add O_CREAT to avoid a race if the file was just removed */ - if (create_backup || readable) - open_flags = O_RDWR | O_CREAT | O_BINARY; - else --- -GitLab diff --git a/backport-0002-CVE-2021-28153.patch b/backport-0002-CVE-2021-28153.patch deleted file mode 100644 index fbfc9f0269102e530a8a6593e2351af087eff076..0000000000000000000000000000000000000000 --- a/backport-0002-CVE-2021-28153.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 32d3d02a50e7dcec5f4cf7908e7ac88d575d8fc5 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 24 Feb 2021 17:34:32 +0000 -Subject: [PATCH 2/5] tests: Stop using g_test_bug_base() in file tests -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Since a following commit is going to add a new test which references -Gitlab, so it鈥檚 best to move the URI bases inside the test cases. - -Signed-off-by: Philip Withnall - -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/01c5468e10707cbf78e6e83bbcf1ce9c866f2885 ---- - gio/tests/file.c | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/gio/tests/file.c b/gio/tests/file.c -index d8769656c..39d51dadb 100644 ---- a/gio/tests/file.c -+++ b/gio/tests/file.c -@@ -686,7 +686,7 @@ test_replace_cancel (void) - guint count; - GError *error = NULL; - -- g_test_bug ("629301"); -+ g_test_bug ("https://bugzilla.gnome.org/629301"); - - path = g_dir_make_tmp ("g_file_replace_cancel_XXXXXX", &error); - g_assert_no_error (error); -@@ -1785,8 +1785,6 @@ main (int argc, char *argv[]) - { - g_test_init (&argc, &argv, NULL); - -- g_test_bug_base ("http://bugzilla.gnome.org/"); -- - g_test_add_func ("/file/basic", test_basic); - g_test_add_func ("/file/build-filename", test_build_filename); - g_test_add_func ("/file/parent", test_parent); --- -GitLab diff --git a/backport-0003-CVE-2021-28153.patch b/backport-0003-CVE-2021-28153.patch deleted file mode 100644 index 3af74bffc1010d6333f62e62972ea1937723dd93..0000000000000000000000000000000000000000 --- a/backport-0003-CVE-2021-28153.patch +++ /dev/null @@ -1,59 +0,0 @@ -From ce0eb088a68171eed3ac217cb92a72e36eb57d1b Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 10 Mar 2021 16:05:55 +0000 -Subject: [PATCH 3/5] glocalfileoutputstream: Factor out a flag check - -This clarifies the code a little. It introduces no functional changes. - -Signed-off-by: Philip Withnall - -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/01c5468e10707cbf78e6e83bbcf1ce9c866f2885 ---- - gio/glocalfileoutputstream.c | 9 +++++---- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c -index beb8fee..8b087f7 100644 ---- a/gio/glocalfileoutputstream.c -+++ b/gio/glocalfileoutputstream.c -@@ -847,6 +847,7 @@ handle_overwrite_open (const char *filename, - int res; - int mode; - int errsv; -+ gboolean replace_destination_set = (flags & G_FILE_CREATE_REPLACE_DESTINATION); - - mode = mode_from_flags_or_info (flags, reference_info); - -@@ -953,8 +954,8 @@ handle_overwrite_open (const char *filename, - * The second strategy consist simply in copying the old file - * to a backup file and rewrite the contents of the file. - */ -- -- if ((flags & G_FILE_CREATE_REPLACE_DESTINATION) || -+ -+ if (replace_destination_set || - (!(original_stat.st_nlink > 1) && !is_symlink)) - { - char *dirname, *tmp_filename; -@@ -973,7 +974,7 @@ handle_overwrite_open (const char *filename, - - /* try to keep permissions (unless replacing) */ - -- if ( ! (flags & G_FILE_CREATE_REPLACE_DESTINATION) && -+ if (!replace_destination_set && - ( - #ifdef HAVE_FCHOWN - fchown (tmpfd, original_stat.st_uid, original_stat.st_gid) == -1 || -@@ -1112,7 +1113,7 @@ handle_overwrite_open (const char *filename, - } - } - -- if (flags & G_FILE_CREATE_REPLACE_DESTINATION) -+ if (replace_destination_set) - { - g_close (fd, NULL); - --- -2.23.0 - diff --git a/backport-0004-CVE-2021-28153.patch b/backport-0004-CVE-2021-28153.patch deleted file mode 100644 index df0f68f45ea9bf534199dc7e619542ed292ba7f1..0000000000000000000000000000000000000000 --- a/backport-0004-CVE-2021-28153.patch +++ /dev/null @@ -1,283 +0,0 @@ -From 317b3b587058a05dca95d56dac26568c5b098d33 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 24 Feb 2021 17:36:07 +0000 -Subject: [PATCH 4/5] glocalfileoutputstream: Fix CREATE_REPLACE_DESTINATION - with symlinks -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The `G_FILE_CREATE_REPLACE_DESTINATION` flag is equivalent to unlinking -the destination file and re-creating it from scratch. That did -previously work, but in the process the code would call `open(O_CREAT)` -on the file. If the file was a dangling symlink, this would create the -destination file (empty). That鈥檚 not an intended side-effect, and has -security implications if the symlink is controlled by a lower-privileged -process. - -Fix that by not opening the destination file if it鈥檚 a symlink, and -adjusting the rest of the code to cope with - - the fact that `fd == -1` is not an error iff `is_symlink` is true, - - and that `original_stat` will contain the `lstat()` results for the - symlink now, rather than the `stat()` results for its target (again, - iff `is_symlink` is true). - -This means that the target of the dangling symlink is no longer created, -which was the bug. The symlink itself continues to be replaced (as -before) with the new file 鈥� this is the intended behaviour of -`g_file_replace()`. - -The behaviour for non-symlink cases, or cases where the symlink was not -dangling, should be unchanged. - -Includes a unit test. - -Signed-off-by: Philip Withnall - -Fixes: #2325 - -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/01c5468e10707cbf78e6e83bbcf1ce9c866f2885 - ---- - gio/glocalfileoutputstream.c | 65 +++++++++++++++------ - gio/tests/file.c | 108 +++++++++++++++++++++++++++++++++++ - 2 files changed, 156 insertions(+), 17 deletions(-) - -diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c -index 8b087f7..e6edb5e 100644 ---- a/gio/glocalfileoutputstream.c -+++ b/gio/glocalfileoutputstream.c -@@ -875,16 +875,22 @@ handle_overwrite_open (const char *filename, - /* Could be a symlink, or it could be a regular ELOOP error, - * but then the next open will fail too. */ - is_symlink = TRUE; -- fd = g_open (filename, open_flags, mode); -+ if (!replace_destination_set) -+ fd = g_open (filename, open_flags, mode); - } --#else -- fd = g_open (filename, open_flags, mode); -- errsv = errno; -+#else /* if !O_NOFOLLOW */ - /* This is racy, but we do it as soon as possible to minimize the race */ - is_symlink = g_file_test (filename, G_FILE_TEST_IS_SYMLINK); -+ -+ if (!is_symlink || !replace_destination_set) -+ { -+ fd = g_open (filename, open_flags, mode); -+ errsv = errno; -+ } - #endif - -- if (fd == -1) -+ if (fd == -1 && -+ (!is_symlink || !replace_destination_set)) - { - char *display_name = g_filename_display_name (filename); - g_set_error (error, G_IO_ERROR, -@@ -894,13 +900,26 @@ handle_overwrite_open (const char *filename, - g_free (display_name); - return -1; - } -- -+ -+ if (!is_symlink) -+ { - #ifdef G_OS_WIN32 -- res = GLIB_PRIVATE_CALL (g_win32_fstat) (fd, &original_stat); -+ res = GLIB_PRIVATE_CALL (g_win32_fstat) (fd, &original_stat); - #else -- res = fstat (fd, &original_stat); -+ res = fstat (fd, &original_stat); - #endif -- errsv = errno; -+ errsv = errno; -+ } -+ else -+ { -+#ifdef G_OS_WIN32 -+ res = GLIB_PRIVATE_CALL (g_win32_fstat) (filename, &original_stat); -+#else -+ res = fstat (filename, &original_stat); -+#endif -+ errsv = errno; -+ } -+ - - if (res != 0) - { -@@ -917,16 +936,27 @@ handle_overwrite_open (const char *filename, - if (!S_ISREG (original_stat.st_mode)) - { - if (S_ISDIR (original_stat.st_mode)) -- g_set_error_literal (error, -- G_IO_ERROR, -- G_IO_ERROR_IS_DIRECTORY, -- _("Target file is a directory")); -- else -- g_set_error_literal (error, -+ { -+ g_set_error_literal (error, -+ G_IO_ERROR, -+ G_IO_ERROR_IS_DIRECTORY, -+ _("Target file is a directory")); -+ goto err_out; -+ } -+ else if (!is_symlink || -+#ifdef S_ISLNK -+ !S_ISLNK (original_stat.st_mode) -+#else -+ FALSE -+#endif -+ ) -+ { -+ g_set_error_literal (error, - G_IO_ERROR, - G_IO_ERROR_NOT_REGULAR_FILE, - _("Target file is not a regular file")); -- goto err_out; -+ goto err_out; -+ } - } - - if (etag != NULL) -@@ -1007,7 +1037,8 @@ handle_overwrite_open (const char *filename, - } - } - -- g_close (fd, NULL); -+ if (fd >= 0) -+ g_close (fd, NULL); - *temp_filename = tmp_filename; - return tmpfd; - } -diff --git a/gio/tests/file.c b/gio/tests/file.c -index d51ac6d..51b665f 100644 ---- a/gio/tests/file.c -+++ b/gio/tests/file.c -@@ -804,6 +804,113 @@ test_replace_cancel (void) - g_object_unref (tmpdir); - } - -+static void -+test_replace_symlink (void) -+{ -+#ifdef G_OS_UNIX -+ gchar *tmpdir_path = NULL; -+ GFile *tmpdir = NULL, *source_file = NULL, *target_file = NULL; -+ GFileOutputStream *stream = NULL; -+ const gchar *new_contents = "this is a test message which should be written to source and not target"; -+ gsize n_written; -+ GFileEnumerator *enumerator = NULL; -+ GFileInfo *info = NULL; -+ gchar *contents = NULL; -+ gsize length = 0; -+ GError *local_error = NULL; -+ -+ g_test_bug ("https://gitlab.gnome.org/GNOME/glib/-/issues/2325"); -+ g_test_summary ("Test that G_FILE_CREATE_REPLACE_DESTINATION doesn’t follow symlinks"); -+ -+ /* Create a fresh, empty working directory. */ -+ tmpdir_path = g_dir_make_tmp ("g_file_replace_symlink_XXXXXX", &local_error); -+ g_assert_no_error (local_error); -+ tmpdir = g_file_new_for_path (tmpdir_path); -+ -+ g_test_message ("Using temporary directory %s", tmpdir_path); -+ g_free (tmpdir_path); -+ -+ /* Create symlink `source` which points to `target`. */ -+ source_file = g_file_get_child (tmpdir, "source"); -+ target_file = g_file_get_child (tmpdir, "target"); -+ g_file_make_symbolic_link (source_file, "target", NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ /* Ensure that `target` doesn’t exist */ -+ g_assert_false (g_file_query_exists (target_file, NULL)); -+ -+ /* Replace the `source` symlink with a regular file using -+ * %G_FILE_CREATE_REPLACE_DESTINATION, which should replace it *without* -+ * following the symlink */ -+ stream = g_file_replace (source_file, NULL, FALSE /* no backup */, -+ G_FILE_CREATE_REPLACE_DESTINATION, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_output_stream_write_all (G_OUTPUT_STREAM (stream), new_contents, strlen (new_contents), -+ &n_written, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_assert_cmpint (n_written, ==, strlen (new_contents)); -+ -+ g_output_stream_close (G_OUTPUT_STREAM (stream), NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_clear_object (&stream); -+ -+ /* At this point, there should still only be one file: `source`. It should -+ * now be a regular file. `target` should not exist. */ -+ enumerator = g_file_enumerate_children (tmpdir, -+ G_FILE_ATTRIBUTE_STANDARD_NAME "," -+ G_FILE_ATTRIBUTE_STANDARD_TYPE, -+ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_assert_nonnull (info); -+ -+ g_assert_cmpstr (g_file_info_get_name (info), ==, "source"); -+ g_assert_cmpint (g_file_info_get_file_type (info), ==, G_FILE_TYPE_REGULAR); -+ -+ g_clear_object (&info); -+ -+ info = g_file_enumerator_next_file (enumerator, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_assert_null (info); -+ -+ g_file_enumerator_close (enumerator, NULL, &local_error); -+ g_assert_no_error (local_error); -+ g_clear_object (&enumerator); -+ -+ /* Double-check that `target` doesn’t exist */ -+ g_assert_false (g_file_query_exists (target_file, NULL)); -+ -+ /* Check the content of `source`. */ -+ g_file_load_contents (source_file, -+ NULL, -+ &contents, -+ &length, -+ NULL, -+ &local_error); -+ g_assert_no_error (local_error); -+ g_assert_cmpstr (contents, ==, new_contents); -+ g_assert_cmpuint (length, ==, strlen (new_contents)); -+ g_free (contents); -+ -+ /* Tidy up. */ -+ g_file_delete (source_file, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_file_delete (tmpdir, NULL, &local_error); -+ g_assert_no_error (local_error); -+ -+ g_clear_object (&target_file); -+ g_clear_object (&source_file); -+ g_clear_object (&tmpdir); -+#else /* if !G_OS_UNIX */ -+ g_test_skip ("Symlink replacement tests can only be run on Unix") -+#endif -+} -+ - static void - on_file_deleted (GObject *object, - GAsyncResult *result, -@@ -1752,6 +1859,7 @@ main (int argc, char *argv[]) - g_test_add_data_func ("/file/async-create-delete/4096", GINT_TO_POINTER (4096), test_create_delete); - g_test_add_func ("/file/replace-load", test_replace_load); - g_test_add_func ("/file/replace-cancel", test_replace_cancel); -+ g_test_add_func ("/file/replace-symlink", test_replace_symlink); - g_test_add_func ("/file/async-delete", test_async_delete); - #ifdef G_OS_UNIX - g_test_add_func ("/file/copy-preserve-mode", test_copy_preserve_mode); --- -2.23.0 - diff --git a/backport-0005-CVE-2021-28153.patch b/backport-0005-CVE-2021-28153.patch deleted file mode 100644 index 2e819beb4b690d8f46acbcc761f91a48e99c83bb..0000000000000000000000000000000000000000 --- a/backport-0005-CVE-2021-28153.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 6c6439261bc7a8a0627519848a7222b3e1bd4ffe Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 24 Feb 2021 17:42:24 +0000 -Subject: [PATCH 5/5] glocalfileoutputstream: Add a missing O_CLOEXEC flag to - replace() - -Signed-off-by: Philip Withnall - -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/01c5468e10707cbf78e6e83bbcf1ce9c866f2885 ---- - gio/glocalfileoutputstream.c | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) - -diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c -index a2c7e3cc0..4c512ea81 100644 ---- a/gio/glocalfileoutputstream.c -+++ b/gio/glocalfileoutputstream.c -@@ -63,6 +63,12 @@ - #define O_BINARY 0 - #endif - -+#ifndef O_CLOEXEC -+#define O_CLOEXEC 0 -+#else -+#define HAVE_O_CLOEXEC 1 -+#endif -+ - struct _GLocalFileOutputStreamPrivate { - char *tmp_filename; - char *original_filename; -@@ -1239,7 +1245,7 @@ _g_local_file_output_stream_replace (const char *filename, - sync_on_close = FALSE; - - /* If the file doesn't exist, create it */ -- open_flags = O_CREAT | O_EXCL | O_BINARY; -+ open_flags = O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC; - if (readable) - open_flags |= O_RDWR; - else -@@ -1269,8 +1275,11 @@ _g_local_file_output_stream_replace (const char *filename, - set_error_from_open_errno (filename, error); - return NULL; - } -- -- -+#if !defined(HAVE_O_CLOEXEC) && defined(F_SETFD) -+ else -+ fcntl (fd, F_SETFD, FD_CLOEXEC); -+#endif -+ - stream = g_object_new (G_TYPE_LOCAL_FILE_OUTPUT_STREAM, NULL); - stream->priv->fd = fd; - stream->priv->sync_on_close = sync_on_close; --- -GitLab diff --git a/backport-CVE-2020-35457.patch b/backport-CVE-2020-35457.patch deleted file mode 100644 index 66b1b281e638f2653e62fdedc742ebf4fbcfecf6..0000000000000000000000000000000000000000 --- a/backport-CVE-2020-35457.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 2 Sep 2020 12:38:09 +0100 -Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list - overflow -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -reason:Add a precondition to avoid GOptionEntry list overflow -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d - -Signed-off-by: Philip Withnall - -Fixes: #2197 ---- - glib/goption.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/glib/goption.c b/glib/goption.c -index 9f5b977c4..bb9093a33 100644 ---- a/glib/goption.c -+++ b/glib/goption.c -@@ -2422,6 +2422,8 @@ g_option_group_add_entries (GOptionGroup *group, - - for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ; - -+ g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries); -+ - group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries); - - /* group->entries could be NULL in the trivial case where we add no --- -GitLab - diff --git a/backport-CVE-2021-27218.patch b/backport-CVE-2021-27218.patch deleted file mode 100644 index 86f4cdb1c9bb6f7ed10dda6d4babbaea483079a3..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-27218.patch +++ /dev/null @@ -1,60 +0,0 @@ -From acb7b0ec69f26a7df10af3992359890b09f076e8 Mon Sep 17 00:00:00 2001 -From: Krzesimir Nowak -Date: Wed, 10 Feb 2021 23:51:07 +0100 -Subject: [PATCH] gbytearray: Do not accept too large byte arrays - -GByteArray uses guint for storing the length of the byte array, but it -also has a constructor (g_byte_array_new_take) that takes length as a -gsize. gsize may be larger than guint (64 bits for gsize vs 32 bits -for guint). It is possible to call the function with a value greater -than G_MAXUINT, which will result in silent length truncation. This -may happen as a result of unreffing GBytes into GByteArray, so rather -be loud about it. - -(Test case tweaked by Philip Withnall.) ---- - glib/garray.c | 6 ++++++ - glib/gbytes.c | 4 ++++ - 2 files changed, 10 insertions(+) - -diff --git a/glib/garray.c b/glib/garray.c -index de720210c..2b66f16a6 100644 ---- a/glib/garray.c -+++ b/glib/garray.c -@@ -2261,6 +2261,10 @@ g_byte_array_steal (GByteArray *array, - * Create byte array containing the data. The data will be owned by the array - * and will be freed with g_free(), i.e. it could be allocated using g_strdup(). - * -+ * Do not use it if @len is greater than %G_MAXUINT. #GByteArray -+ * stores the length of its data in #guint, which may be shorter than -+ * #gsize. -+ * - * Since: 2.32 - * - * Returns: (transfer full): a new #GByteArray -@@ -2272,6 +2276,8 @@ g_byte_array_new_take (guint8 *data, - GByteArray *array; - GRealArray *real; - -+ g_return_val_if_fail (len <= G_MAXUINT, NULL); -+ - array = g_byte_array_new (); - real = (GRealArray *)array; - g_assert (real->data == NULL); -diff --git a/glib/gbytes.c b/glib/gbytes.c -index 00fd79155..aaadf451b 100644 ---- a/glib/gbytes.c -+++ b/glib/gbytes.c -@@ -519,6 +519,10 @@ g_bytes_unref_to_data (GBytes *bytes, - * g_bytes_new(), g_bytes_new_take() or g_byte_array_free_to_bytes(). In all - * other cases the data is copied. - * -+ * Do not use it if @bytes contains more than %G_MAXUINT -+ * bytes. #GByteArray stores the length of its data in #guint, which -+ * may be shorter than #gsize, that @bytes is using. -+ * - * Returns: (transfer full): a new mutable #GByteArray containing the same byte data - * - * Since: 2.32 --- -GitLab diff --git a/backport-CVE-2021-27219.patch b/backport-CVE-2021-27219.patch deleted file mode 100644 index 8420bd7bf7e518c369fbd7c2e642a8131272d008..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-27219.patch +++ /dev/null @@ -1,808 +0,0 @@ -From f8cf0b8672209e0b829542e194e302f1de169929 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 4 Feb 2021 13:30:52 +0000 -Subject: [PATCH 01/11] gstrfuncs: Add g_memdup2() function - -This will replace the existing `g_memdup()` function, which has an -unavoidable security flaw of taking its `byte_size` argument as a -`guint` rather than as a `gsize`. Most callers will expect it to be a -`gsize`, and may pass in large values which could silently be truncated, -resulting in an undersize allocation compared to what the caller -expects. - -This could lead to a classic buffer overflow vulnerability for many -callers of `g_memdup()`. - -`g_memdup2()`, in comparison, takes its `byte_size` as a `gsize`. - -Spotted by Kevin Backhouse of GHSL. - -Signed-off-by: Philip Withnall -Helps: GHSL-2021-045 -Helps: #2319 - -reason:Fix CVE-2021-27219 - -Conflict:NA -Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/20cfc75d148e3be0c026cc7eff3a9cdb72bf5c56 - -diff -Naur a/docs/reference/glib/glib-sections.txt b/docs/reference/glib/glib-sections.txt ---- a/docs/reference/glib/glib-sections.txt 2021-03-06 09:46:03.657000000 +0800 -+++ b/docs/reference/glib/glib-sections.txt 2021-03-05 14:58:36.022000000 +0800 -@@ -1275,6 +1275,7 @@ - - g_memmove - g_memdup -+g_memdup2 - - - GMemVTable -diff -Naur a/gio/gdatainputstream.c b/gio/gdatainputstream.c ---- a/gio/gdatainputstream.c 2021-03-06 09:46:03.661000000 +0800 -+++ b/gio/gdatainputstream.c 2021-03-05 15:10:26.335000000 +0800 -@@ -856,7 +856,7 @@ - scan_for_chars (GDataInputStream *stream, - gsize *checked_out, - const char *stop_chars, -- gssize stop_chars_len) -+ gsize stop_chars_len) - { - GBufferedInputStream *bstream; - const char *buffer; -@@ -952,7 +952,7 @@ - gsize checked; - - gchar *stop_chars; -- gssize stop_chars_len; -+ gsize stop_chars_len; - gsize length; - } GDataInputStreamReadData; - -@@ -1078,12 +1078,16 @@ - { - GDataInputStreamReadData *data; - GTask *task; -+ gsize stop_chars_len_unsigned; - - data = g_slice_new0 (GDataInputStreamReadData); -- if (stop_chars_len == -1) -- stop_chars_len = strlen (stop_chars); -- data->stop_chars = g_memdup (stop_chars, stop_chars_len); -- data->stop_chars_len = stop_chars_len; -+ if (stop_chars_len < 0) -+ stop_chars_len_unsigned = strlen (stop_chars); -+ else -+ stop_chars_len_unsigned = (gsize) stop_chars_len; -+ -+ data->stop_chars = g_memdup2 (stop_chars, stop_chars_len_unsigned); -+ data->stop_chars_len = stop_chars_len_unsigned; - data->last_saw_cr = FALSE; - - task = g_task_new (stream, cancellable, callback, user_data); -@@ -1338,17 +1342,20 @@ - gssize found_pos; - gssize res; - char *data_until; -+ gsize stop_chars_len_unsigned; - - g_return_val_if_fail (G_IS_DATA_INPUT_STREAM (stream), NULL); - - if (stop_chars_len < 0) -- stop_chars_len = strlen (stop_chars); -+ stop_chars_len_unsigned = strlen (stop_chars); -+ else -+ stop_chars_len_unsigned = (gsize) stop_chars_len; - - bstream = G_BUFFERED_INPUT_STREAM (stream); - - checked = 0; - -- while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len)) == -1) -+ while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len_unsigned)) == -1) - { - if (g_buffered_input_stream_get_available (bstream) == - g_buffered_input_stream_get_buffer_size (bstream)) -diff -Naur a/gio/gdbusconnection.c b/gio/gdbusconnection.c ---- a/gio/gdbusconnection.c 2021-03-06 09:46:03.663000000 +0800 -+++ b/gio/gdbusconnection.c 2021-03-05 15:14:19.973000000 +0800 -@@ -3997,7 +3997,7 @@ - /* Don't waste memory by copying padding - remember to update this - * when changing struct _GDBusInterfaceVTable in gdbusconnection.h - */ -- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); -+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); - } - - static void -@@ -4014,7 +4014,7 @@ - /* Don't waste memory by copying padding - remember to update this - * when changing struct _GDBusSubtreeVTable in gdbusconnection.h - */ -- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer)); -+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer)); - } - - static void -diff -Naur a/gio/gdbusinterfaceskeleton.c b/gio/gdbusinterfaceskeleton.c ---- a/gio/gdbusinterfaceskeleton.c 2021-03-06 09:46:03.663000000 +0800 -+++ b/gio/gdbusinterfaceskeleton.c 2021-03-05 15:36:52.369000000 +0800 -@@ -701,7 +701,7 @@ - * properly before building the hooked_vtable, so we create it - * once at the last minute. - */ -- interface_->priv->hooked_vtable = g_memdup (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); -+ interface_->priv->hooked_vtable = g_memdup2 (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable)); - interface_->priv->hooked_vtable->method_call = skeleton_intercept_handle_method_call; - } - -diff -Naur a/gio/gfile.c b/gio/gfile.c ---- a/gio/gfile.c 2021-03-06 09:46:03.666000000 +0800 -+++ b/gio/gfile.c 2021-03-05 15:44:25.759000000 +0800 -@@ -7884,7 +7884,7 @@ - g_main_context_invoke_full (g_task_get_context (task), - g_task_get_priority (task), - measure_disk_usage_invoke_progress, -- g_memdup (&progress, sizeof progress), -+ g_memdup2 (&progress, sizeof progress), - g_free); - } - -@@ -7902,7 +7902,7 @@ - data->progress_callback ? measure_disk_usage_progress : NULL, task, - &result.disk_usage, &result.num_dirs, &result.num_files, - &error)) -- g_task_return_pointer (task, g_memdup (&result, sizeof result), g_free); -+ g_task_return_pointer (task, g_memdup2 (&result, sizeof result), g_free); - else - g_task_return_error (task, error); - } -@@ -7926,7 +7926,7 @@ - - task = g_task_new (file, cancellable, callback, user_data); - g_task_set_source_tag (task, g_file_real_measure_disk_usage_async); -- g_task_set_task_data (task, g_memdup (&data, sizeof data), g_free); -+ g_task_set_task_data (task, g_memdup2 (&data, sizeof data), g_free); - g_task_set_priority (task, io_priority); - - g_task_run_in_thread (task, measure_disk_usage_thread); -diff -Naur a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c ---- a/gio/gkeyfilesettingsbackend.c 2021-03-06 09:46:03.670000000 +0800 -+++ b/gio/gkeyfilesettingsbackend.c 2021-03-05 17:24:26.933000000 +0800 -@@ -145,8 +145,8 @@ - gchar **group, - gchar **basename) - { -- gint key_len = strlen (key); -- gint i; -+ gsize key_len = strlen (key); -+ const gchar *last_slash; - - if (key_len < kfsb->prefix_len || - memcmp (key, kfsb->prefix, kfsb->prefix_len) != 0) -@@ -155,38 +155,36 @@ - key_len -= kfsb->prefix_len; - key += kfsb->prefix_len; - -- for (i = key_len; i >= 0; i--) -- if (key[i] == '/') -- break; -+ last_slash = strrchr (key, '/'); - - if (kfsb->root_group) - { - /* if a root_group was specified, make sure the user hasn't given - * a path that ghosts that group name - */ -- if (i == kfsb->root_group_len && memcmp (key, kfsb->root_group, i) == 0) -+ if (last_slash != NULL && (last_slash - key) == kfsb->root_group_len && memcmp (key, kfsb->root_group, last_slash - key) == 0) - return FALSE; - } - else - { - /* if no root_group was given, ensure that the user gave a path */ -- if (i == -1) -+ if (last_slash == NULL) - return FALSE; - } - - if (group) - { -- if (i >= 0) -+ if (last_slash != NULL) - { -- *group = g_memdup (key, i + 1); -- (*group)[i] = '\0'; -+ *group = g_memdup2 (key, (last_slash - key) + 1); -+ (*group)[(last_slash - key)] = '\0'; - } - else - *group = g_strdup (kfsb->root_group); - } - - if (basename) -- *basename = g_memdup (key + i + 1, key_len - i); -+ *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key)); - - return TRUE; - } -diff -Naur a/gio/gsettingsschema.c b/gio/gsettingsschema.c ---- a/gio/gsettingsschema.c 2021-03-06 09:46:03.675000000 +0800 -+++ b/gio/gsettingsschema.c 2021-03-05 16:08:24.724000000 +0800 -@@ -1058,9 +1058,9 @@ - - if (g_str_has_suffix (key, "/")) - { -- gint length = strlen (key); -+ gsize length = strlen (key); - -- strv[j] = g_memdup (key, length); -+ strv[j] = g_memdup2 (key, length); - strv[j][length - 1] = '\0'; - j++; - } -diff -Naur a/gio/gsocket.c b/gio/gsocket.c ---- a/gio/gsocket.c 2021-03-06 09:46:03.675000000 +0800 -+++ b/gio/gsocket.c 2021-03-05 16:34:42.236000000 +0800 -@@ -174,7 +174,7 @@ - GError **error); - - static GSocketAddress * --cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len); -+cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len); - - static gssize - g_socket_receive_message_with_timeout (GSocket *socket, -@@ -260,7 +260,7 @@ - struct { - GSocketAddress *addr; - struct sockaddr *native; -- gint native_len; -+ gsize native_len; - guint64 last_used; - } recv_addr_cache[RECV_ADDR_CACHE_SIZE]; - }; -@@ -5211,14 +5211,14 @@ - } - - static GSocketAddress * --cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len) -+cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len) - { - GSocketAddress *saddr; - gint i; - guint64 oldest_time = G_MAXUINT64; - gint oldest_index = 0; - -- if (native_len <= 0) -+ if (native_len == 0) - return NULL; - - saddr = NULL; -@@ -5226,7 +5226,7 @@ - { - GSocketAddress *tmp = socket->priv->recv_addr_cache[i].addr; - gpointer tmp_native = socket->priv->recv_addr_cache[i].native; -- gint tmp_native_len = socket->priv->recv_addr_cache[i].native_len; -+ gsize tmp_native_len = socket->priv->recv_addr_cache[i].native_len; - - if (!tmp) - continue; -@@ -5256,7 +5256,7 @@ - g_free (socket->priv->recv_addr_cache[oldest_index].native); - } - -- socket->priv->recv_addr_cache[oldest_index].native = g_memdup (native, native_len); -+ socket->priv->recv_addr_cache[oldest_index].native = g_memdup2 (native, native_len); - socket->priv->recv_addr_cache[oldest_index].native_len = native_len; - socket->priv->recv_addr_cache[oldest_index].addr = g_object_ref (saddr); - socket->priv->recv_addr_cache[oldest_index].last_used = g_get_monotonic_time (); -@@ -5404,6 +5404,9 @@ - /* do it */ - while (1) - { -+ /* addrlen has to be of type int because that’s how WSARecvFrom() is defined */ -+ G_STATIC_ASSERT (sizeof addr <= G_MAXINT); -+ - addrlen = sizeof addr; - if (address) - result = WSARecvFrom (socket->priv->fd, -diff -Naur a/gio/gtlspassword.c b/gio/gtlspassword.c ---- a/gio/gtlspassword.c 2021-03-06 09:46:03.678000000 +0800 -+++ b/gio/gtlspassword.c 2021-03-05 16:36:55.266000000 +0800 -@@ -287,9 +287,14 @@ - g_return_if_fail (G_IS_TLS_PASSWORD (password)); - - if (length < 0) -- length = strlen ((gchar *)value); -+ { -+ /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */ -+ gsize length_unsigned = strlen ((gchar *) value); -+ g_return_if_fail (length_unsigned > G_MAXSSIZE); -+ length = (gssize) length_unsigned; -+ } - -- g_tls_password_set_value_full (password, g_memdup (value, length), length, g_free); -+ g_tls_password_set_value_full (password, g_memdup2 (value, (gsize) length), length, g_free); - } - - /** -diff -Naur a/gio/gwin32registrykey.c b/gio/gwin32registrykey.c ---- a/gio/gwin32registrykey.c 2021-03-06 09:46:03.680000000 +0800 -+++ b/gio/gwin32registrykey.c 2021-03-05 16:43:04.459000000 +0800 -@@ -125,16 +125,34 @@ - G_WIN32_REGISTRY_UPDATED_PATH = 1, - } GWin32RegistryKeyUpdateFlag; - -+static gsize -+g_utf16_len (const gunichar2 *str) -+{ -+ gsize result; -+ -+ for (result = 0; str[0] != 0; str++, result++) -+ ; -+ -+ return result; -+} -+ - static gunichar2 * --g_wcsdup (const gunichar2 *str, -- gssize str_size) -+g_wcsdup (const gunichar2 *str, gssize str_len) - { -- if (str_size == -1) -- { -- str_size = wcslen (str) + 1; -- str_size *= sizeof (gunichar2); -- } -- return g_memdup (str, str_size); -+ gsize str_len_unsigned; -+ gsize str_size; -+ -+ g_return_val_if_fail (str != NULL, NULL); -+ -+ if (str_len < 0) -+ str_len_unsigned = g_utf16_len (str); -+ else -+ str_len_unsigned = (gsize) str_len; -+ -+ g_assert (str_len_unsigned <= G_MAXSIZE / sizeof (gunichar2) - 1); -+ str_size = (str_len_unsigned + 1) * sizeof (gunichar2); -+ -+ return g_memdup2 (str, str_size); - } - - /** -@@ -247,7 +265,7 @@ - new_iter->value_name_size = iter->value_name_size; - - if (iter->value_data != NULL) -- new_iter->value_data = g_memdup (iter->value_data, iter->value_data_size); -+ new_iter->value_data = g_memdup2 (iter->value_data, iter->value_data_size); - - new_iter->value_data_size = iter->value_data_size; - -@@ -268,8 +286,8 @@ - new_iter->value_data_expanded_charsize = iter->value_data_expanded_charsize; - - if (iter->value_data_expanded_u8 != NULL) -- new_iter->value_data_expanded_u8 = g_memdup (iter->value_data_expanded_u8, -- iter->value_data_expanded_charsize); -+ new_iter->value_data_expanded_u8 = g_memdup2 (iter->value_data_expanded_u8, -+ iter->value_data_expanded_charsize); - - new_iter->value_data_expanded_u8_size = iter->value_data_expanded_charsize; - -diff -Naur a/gio/tests/async-close-output-stream.c b/gio/tests/async-close-output-stream.c ---- a/gio/tests/async-close-output-stream.c 2021-03-06 09:46:03.682000000 +0800 -+++ b/gio/tests/async-close-output-stream.c 2021-03-05 16:54:17.745000000 +0800 -@@ -147,9 +147,9 @@ - - data->expected_size = g_memory_output_stream_get_data_size (G_MEMORY_OUTPUT_STREAM (data->data_stream)); - -- g_assert_cmpint (data->expected_size, >, 0); -+ g_assert_cmpuint (data->expected_size, >, 0); - -- data->expected_output = g_memdup (written, (guint)data->expected_size); -+ data->expected_output = g_memdup2 (written, data->expected_size); - - /* then recreate the streams and prepare them for the asynchronous close */ - destroy_streams (data); -diff -Naur a/gio/tests/gdbus-export.c b/gio/tests/gdbus-export.c ---- a/gio/tests/gdbus-export.c 2021-03-06 09:46:03.685000000 +0800 -+++ b/gio/tests/gdbus-export.c 2021-03-05 16:56:17.247000000 +0800 -@@ -671,7 +671,7 @@ - g_assert_not_reached (); - } - -- return g_memdup (interfaces, 2 * sizeof (void *)); -+ return g_memdup2 (interfaces, 2 * sizeof (void *)); - } - - static const GDBusInterfaceVTable * -@@ -727,7 +727,7 @@ - { - const GDBusInterfaceInfo *interfaces[2] = { &dyna_interface_info, NULL }; - -- return g_memdup (interfaces, 2 * sizeof (void *)); -+ return g_memdup2 (interfaces, 2 * sizeof (void *)); - } - - static const GDBusInterfaceVTable * -diff -Naur a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c ---- a/gio/win32/gwinhttpfile.c 2021-03-06 09:46:03.693000000 +0800 -+++ b/gio/win32/gwinhttpfile.c 2021-03-05 16:58:28.076000000 +0800 -@@ -393,10 +393,10 @@ - child = g_object_new (G_TYPE_WINHTTP_FILE, NULL); - child->vfs = winhttp_file->vfs; - child->url = winhttp_file->url; -- child->url.lpszScheme = g_memdup (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); -- child->url.lpszHostName = g_memdup (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); -- child->url.lpszUserName = g_memdup (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); -- child->url.lpszPassword = g_memdup (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); -+ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, ((gsize) winhttp_file->url.dwSchemeLength + 1) * 2); -+ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, ((gsize) winhttp_file->url.dwHostNameLength + 1) * 2); -+ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, ((gsize) winhttp_file->url.dwUserNameLength + 1) * 2); -+ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, ((gsize) winhttp_file->url.dwPasswordLength + 1) * 2); - child->url.lpszUrlPath = wnew_path; - child->url.dwUrlPathLength = wcslen (wnew_path); - child->url.lpszExtraInfo = NULL; -diff -Naur a/glib/gbytes.c b/glib/gbytes.c ---- a/glib/gbytes.c 2021-03-06 09:46:03.721000000 +0800 -+++ b/glib/gbytes.c 2021-03-05 17:29:25.481000000 +0800 -@@ -95,7 +95,7 @@ - { - g_return_val_if_fail (data != NULL || size == 0, NULL); - -- return g_bytes_new_take (g_memdup (data, size), size); -+ return g_bytes_new_take (g_memdup2 (data, size), size); - } - - /** -@@ -499,7 +499,7 @@ - * Copy: Non g_malloc (or compatible) allocator, or static memory, - * so we have to copy, and then unref. - */ -- result = g_memdup (bytes->data, bytes->size); -+ result = g_memdup2 (bytes->data, bytes->size); - *size = bytes->size; - g_bytes_unref (bytes); - } -diff -Naur a/glib/gdir.c b/glib/gdir.c ---- a/glib/gdir.c 2021-03-06 09:46:03.696000000 +0800 -+++ b/glib/gdir.c 2021-03-06 09:11:06.646000000 +0800 -@@ -112,7 +112,7 @@ - return NULL; - #endif - -- return g_memdup (&dir, sizeof dir); -+ return g_memdup2 (&dir, sizeof dir); - } - - /** -diff -Naur a/glib/ghash.c b/glib/ghash.c ---- a/glib/ghash.c 2021-03-06 09:46:03.697000000 +0800 -+++ b/glib/ghash.c 2021-03-06 09:12:58.243000000 +0800 -@@ -964,7 +964,7 @@ - if (hash_table->have_big_keys) - { - if (key != value) -- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size); -+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size); - /* Keys and values are both big now, so no need for further checks */ - return; - } -@@ -972,7 +972,7 @@ - { - if (key != value) - { -- hash_table->values = g_memdup (hash_table->keys, sizeof (guint) * hash_table->size); -+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (guint) * hash_table->size); - is_a_set = FALSE; - } - } -@@ -1000,7 +1000,7 @@ - - /* Just split if necessary */ - if (is_a_set && key != value) -- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size); -+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size); - - #endif - } -diff -Naur a/glib/giochannel.c b/glib/giochannel.c ---- a/glib/giochannel.c 2021-03-06 09:46:03.697000000 +0800 -+++ b/glib/giochannel.c 2021-03-06 09:20:11.237000000 +0800 -@@ -883,16 +883,25 @@ - const gchar *line_term, - gint length) - { -+ guint length_unsigned; -+ - g_return_if_fail (channel != NULL); - g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */ - - if (line_term == NULL) -- length = 0; -- else if (length < 0) -- length = strlen (line_term); -+ length_unsigned = 0; -+ else if (length >= 0) -+ length_unsigned = (guint) length; -+ else -+ { -+ /* FIXME: We’re constrained by line_term_len being a guint here */ -+ gsize length_size = strlen (line_term); -+ g_return_if_fail (length_size > G_MAXUINT); -+ length_unsigned = (guint) length_size; -+ } - - g_free (channel->line_term); -- channel->line_term = line_term ? g_memdup (line_term, length) : NULL; -+ channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL; - channel->line_term_len = length; - } - -diff -Naur a/glib/gstrfuncs.c b/glib/gstrfuncs.c ---- a/glib/gstrfuncs.c 2021-03-06 09:46:03.703000000 +0800 -+++ b/glib/gstrfuncs.c 2021-03-06 09:21:27.836000000 +0800 -@@ -398,6 +398,38 @@ - } - - /** -+ * g_memdup2: -+ * @mem: (nullable): the memory to copy. -+ * @byte_size: the number of bytes to copy. -+ * -+ * Allocates @byte_size bytes of memory, and copies @byte_size bytes into it -+ * from @mem. If @mem is %NULL it returns %NULL. -+ * -+ * This replaces g_memdup(), which was prone to integer overflows when -+ * converting the argument from a #gsize to a #guint. -+ * -+ * Returns: (nullable): a pointer to the newly-allocated copy of the memory, -+ * or %NULL if @mem is %NULL. -+ * Since: 2.68 -+ */ -+gpointer -+g_memdup2 (gconstpointer mem, -+ gsize byte_size) -+{ -+ gpointer new_mem; -+ -+ if (mem && byte_size != 0) -+ { -+ new_mem = g_malloc (byte_size); -+ memcpy (new_mem, mem, byte_size); -+ } -+ else -+ new_mem = NULL; -+ -+ return new_mem; -+} -+ -+/** - * g_strndup: - * @str: the string to duplicate - * @n: the maximum number of bytes to copy from @str -diff -Naur a/glib/gstrfuncs.h b/glib/gstrfuncs.h ---- a/glib/gstrfuncs.h 2021-03-06 09:46:03.703000000 +0800 -+++ b/glib/gstrfuncs.h 2021-03-06 09:23:07.268000000 +0800 -@@ -257,6 +257,10 @@ - gpointer g_memdup (gconstpointer mem, - guint byte_size) G_GNUC_ALLOC_SIZE(2); - -+GLIB_AVAILABLE_IN_ALL -+gpointer g_memdup2 (gconstpointer mem, -+ gsize byte_size) G_GNUC_ALLOC_SIZE(2); -+ - /* NULL terminated string arrays. - * g_strsplit(), g_strsplit_set() split up string into max_tokens tokens - * at delim and return a newly allocated string array. -diff -Naur a/glib/gtestutils.c b/glib/gtestutils.c ---- a/glib/gtestutils.c 2021-03-06 09:46:03.704000000 +0800 -+++ b/glib/gtestutils.c 2021-03-06 09:24:38.454000000 +0800 -@@ -3801,7 +3801,7 @@ - if (p <= tbuffer->data->str + mlength) - { - g_string_erase (tbuffer->data, 0, mlength); -- tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup (&msg, sizeof (msg))); -+ tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup2 (&msg, sizeof (msg))); - return TRUE; - } - -diff -Naur a/glib/gvariant.c b/glib/gvariant.c ---- a/glib/gvariant.c 2021-03-06 09:46:03.709000000 +0800 -+++ b/glib/gvariant.c 2021-03-06 09:26:50.164000000 +0800 -@@ -725,7 +725,7 @@ - g_variant_ref_sink (value); - - return g_variant_new_from_children (G_VARIANT_TYPE_VARIANT, -- g_memdup (&value, sizeof value), -+ g_memdup2 (&value, sizeof value), - 1, g_variant_is_trusted (value)); - } - -@@ -1229,7 +1229,7 @@ - return NULL; - } - -- data = g_memdup (elements, n_elements * element_size); -+ data = g_memdup2 (elements, n_elements * element_size); - value = g_variant_new_from_data (array_type, data, - n_elements * element_size, - FALSE, g_free, data); -@@ -1908,7 +1908,7 @@ - if (length) - *length = size; - -- return g_memdup (original, size + 1); -+ return g_memdup2 (original, size + 1); - } - - /** -diff -Naur a/glib/gvarianttype.c b/glib/gvarianttype.c ---- a/glib/gvarianttype.c 2021-03-06 09:46:03.709000000 +0800 -+++ b/glib/gvarianttype.c 2021-03-06 09:28:03.190000000 +0800 -@@ -1181,7 +1181,7 @@ - g_assert (offset < sizeof buffer); - buffer[offset++] = ')'; - -- return (GVariantType *) g_memdup (buffer, offset); -+ return (GVariantType *) g_memdup2 (buffer, offset); - } - - /** -diff -Naur a/glib/tests/array-test.c b/glib/tests/array-test.c ---- a/glib/tests/array-test.c 2021-03-06 09:46:03.712000000 +0800 -+++ b/glib/tests/array-test.c 2021-03-06 09:28:56.467000000 +0800 -@@ -1616,7 +1616,7 @@ - GByteArray *gbarray; - guint8 *data; - -- data = g_memdup ("woooweeewow", 11); -+ data = g_memdup2 ("woooweeewow", 11); - gbarray = g_byte_array_new_take (data, 11); - g_assert (gbarray->data == data); - g_assert_cmpuint (gbarray->len, ==, 11); -diff -Naur a/glib/tests/option-context.c b/glib/tests/option-context.c ---- a/glib/tests/option-context.c 2021-03-06 09:46:03.719000000 +0800 -+++ b/glib/tests/option-context.c 2021-03-06 09:30:07.022000000 +0800 -@@ -256,7 +256,7 @@ - static char ** - copy_stringv (char **argv, int argc) - { -- return g_memdup (argv, sizeof (char *) * (argc + 1)); -+ return g_memdup2 (argv, sizeof (char *) * (argc + 1)); - } - - static void -@@ -2323,7 +2323,7 @@ - g_option_context_add_group (context, group); - - argv = split_string ("program --test arg1 -f arg2 --group-test arg3 --frob arg4 -z arg5", &argc); -- orig_argv = g_memdup (argv, (argc + 1) * sizeof (char *)); -+ orig_argv = g_memdup2 (argv, (argc + 1) * sizeof (char *)); - - retval = g_option_context_parse (context, &argc, &argv, &error); - -diff -Naur a/glib/tests/strfuncs.c b/glib/tests/strfuncs.c ---- a/glib/tests/strfuncs.c 2021-03-06 09:46:03.720000000 +0800 -+++ b/glib/tests/strfuncs.c 2021-03-06 09:33:09.312000000 +0800 -@@ -219,6 +219,26 @@ - g_free (str_dup); - } - -+/* Testing g_memdup2() function with various positive and negative cases */ -+static void -+test_memdup2 (void) -+{ -+ gchar *str_dup = NULL; -+ const gchar *str = "The quick brown fox jumps over the lazy dog"; -+ -+ /* Testing negative cases */ -+ g_assert_null (g_memdup2 (NULL, 1024)); -+ g_assert_null (g_memdup2 (str, 0)); -+ g_assert_null (g_memdup2 (NULL, 0)); -+ -+ /* Testing normal usage cases */ -+ str_dup = g_memdup2 (str, strlen (str) + 1); -+ g_assert_nonnull (str_dup); -+ g_assert_cmpstr (str, ==, str_dup); -+ -+ g_free (str_dup); -+} -+ - /* Testing g_strpcpy() function with various positive and negative cases */ - static void - test_stpcpy (void) -@@ -2523,6 +2543,7 @@ - g_test_add_func ("/strfuncs/has-prefix", test_has_prefix); - g_test_add_func ("/strfuncs/has-suffix", test_has_suffix); - g_test_add_func ("/strfuncs/memdup", test_memdup); -+ g_test_add_func ("/strfuncs/memdup2", test_memdup2); - g_test_add_func ("/strfuncs/stpcpy", test_stpcpy); - g_test_add_func ("/strfuncs/str_match_string", test_str_match_string); - g_test_add_func ("/strfuncs/str_tokenize_and_fold", test_str_tokenize_and_fold); -diff -Naur a/gobject/gsignal.c b/gobject/gsignal.c ---- a/gobject/gsignal.c 2021-03-06 09:46:03.722000000 +0800 -+++ b/gobject/gsignal.c 2021-03-06 09:36:46.688000000 +0800 -@@ -1730,7 +1730,7 @@ - node->single_va_closure_is_valid = FALSE; - node->flags = signal_flags & G_SIGNAL_FLAGS_MASK; - node->n_params = n_params; -- node->param_types = g_memdup (param_types, sizeof (GType) * n_params); -+ node->param_types = g_memdup2 (param_types, sizeof (GType) * n_params); - node->return_type = return_type; - node->class_closure_bsa = NULL; - if (accumulator) -diff -Naur a/gobject/gtype.c b/gobject/gtype.c ---- a/gobject/gtype.c 2021-03-06 09:46:03.724000000 +0800 -+++ b/gobject/gtype.c 2021-03-06 09:38:47.030000000 +0800 -@@ -1470,7 +1470,7 @@ - iholder->next = iface_node_get_holders_L (iface); - iface_node_set_holders_W (iface, iholder); - iholder->instance_type = NODE_TYPE (node); -- iholder->info = info ? g_memdup (info, sizeof (*info)) : NULL; -+ iholder->info = info ? g_memdup2 (info, sizeof (*info)) : NULL; - iholder->plugin = plugin; - - /* create an iface entry for this type */ -@@ -1731,7 +1731,7 @@ - INVALID_RECURSION ("g_type_plugin_*", iholder->plugin, NODE_NAME (iface)); - - check_interface_info_I (iface, instance_type, &tmp_info); -- iholder->info = g_memdup (&tmp_info, sizeof (tmp_info)); -+ iholder->info = g_memdup2 (&tmp_info, sizeof (tmp_info)); - } - - return iholder; /* we don't modify write lock upon returning NULL */ -@@ -2016,10 +2016,10 @@ - IFaceEntry *pentry = type_lookup_iface_entry_L (pnode, iface); - - if (pentry) -- vtable = g_memdup (pentry->vtable, iface->data->iface.vtable_size); -+ vtable = g_memdup2 (pentry->vtable, iface->data->iface.vtable_size); - } - if (!vtable) -- vtable = g_memdup (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); -+ vtable = g_memdup2 (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size); - entry->vtable = vtable; - vtable->g_type = NODE_TYPE (iface); - vtable->g_instance_type = NODE_TYPE (node); -diff -Naur a/gobject/gtypemodule.c b/gobject/gtypemodule.c ---- a/gobject/gtypemodule.c 2021-03-06 09:46:03.724000000 +0800 -+++ b/gobject/gtypemodule.c 2021-03-06 09:39:57.337000000 +0800 -@@ -436,7 +436,7 @@ - module_type_info->loaded = TRUE; - module_type_info->info = *type_info; - if (type_info->value_table) -- module_type_info->info.value_table = g_memdup (type_info->value_table, -+ module_type_info->info.value_table = g_memdup2 (type_info->value_table, - sizeof (GTypeValueTable)); - - return module_type_info->type; -diff -Naur a/gobject/tests/param.c b/gobject/tests/param.c ---- a/gobject/tests/param.c 2021-03-06 09:46:03.725000000 +0800 -+++ b/gobject/tests/param.c 2021-03-06 09:40:28.446000000 +0800 -@@ -851,7 +851,7 @@ - test_path = g_strdup_printf ("/param/implement/subprocess/%d-%d-%d-%d", - data.change_this_flag, data.change_this_type, - data.use_this_flag, data.use_this_type); -- test_data = g_memdup (&data, sizeof (TestParamImplementData)); -+ test_data = g_memdup2 (&data, sizeof (TestParamImplementData)); - g_test_add_data_func_full (test_path, test_data, test_param_implement_child, g_free); - g_free (test_path); - } -diff -Naur a/gio/gwin32appinfo.c b/gio/gwin32appinfo.c -index 9f335b3..2a0fe38 100644 ---- a/gio/gwin32appinfo.c -+++ b/gio/gwin32appinfo.c -@@ -472,7 +472,7 @@ g_wcsdup (const gunichar2 *str, gssize str_size) - str_size = wcslen (str) + 1; - str_size *= sizeof (gunichar2); - } -- return g_memdup (str, str_size); -+ return g_memdup2 (str, str_size); - } - - #define URL_ASSOCIATIONS L"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\Shell\\Associations\\UrlAssociations\\" diff --git a/backport-Correct-memory-leaks-of-error-in-completion-case.patch b/backport-Correct-memory-leaks-of-error-in-completion-case.patch deleted file mode 100644 index d35626a2f9c800ba5b5447a68b165008f2c70517..0000000000000000000000000000000000000000 --- a/backport-Correct-memory-leaks-of-error-in-completion-case.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 1c7c849d34ee89a030fe0d85e326311741a0f3d1 Mon Sep 17 00:00:00 2001 -From: Frederic Martinsons -Date: Tue, 26 Jan 2021 15:43:46 +0100 -Subject: [PATCH] Correct memory leaks of error in completion case. - -Signed-off-by: Frederic Martinsons - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/1c7c849d34ee89a030fe0d85e326311741a0f3d1 - ---- - gio/gdbus-tool.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/gio/gdbus-tool.c b/gio/gdbus-tool.c -index 5cb80b45f7..06f61cfac6 100644 ---- a/gio/gdbus-tool.c -+++ b/gio/gdbus-tool.c -@@ -681,8 +681,8 @@ handle_emit (gint *argc, - else - { - g_printerr (_("Error connecting: %s\n"), error->message); -- g_error_free (error); - } -+ g_error_free (error); - goto out; - } - -@@ -995,8 +995,8 @@ handle_call (gint *argc, - else - { - g_printerr (_("Error connecting: %s\n"), error->message); -- g_error_free (error); - } -+ g_error_free (error); - goto out; - } - -@@ -1825,8 +1825,8 @@ handle_introspect (gint *argc, - else - { - g_printerr (_("Error connecting: %s\n"), error->message); -- g_error_free (error); - } -+ g_error_free (error); - goto out; - } - -@@ -2057,8 +2057,8 @@ handle_monitor (gint *argc, - else - { - g_printerr (_("Error connecting: %s\n"), error->message); -- g_error_free (error); - } -+ g_error_free (error); - goto out; - } - -@@ -2277,8 +2277,8 @@ handle_wait (gint *argc, - else - { - g_printerr (_("Error connecting: %s\n"), error->message); -- g_error_free (error); - } -+ g_error_free (error); - goto out; - } - diff --git a/backport-Fix-giomodule-cache-being-wrongly-considered-stale.patch b/backport-Fix-giomodule-cache-being-wrongly-considered-stale.patch deleted file mode 100644 index ded0c5516603679606e646d8df555e9a3432ac80..0000000000000000000000000000000000000000 --- a/backport-Fix-giomodule-cache-being-wrongly-considered-stale.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 497c511a984d8c71b3ea48e4f5cfc2537b907021 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?L=C3=A9o=20Stefanesco?= -Date: Fri, 3 Jul 2020 15:16:33 +0200 -Subject: [PATCH 0698/1095] Fix giomodule.cache being wrongly considered stale - -In ostree based systems, such as flatpak and fedora silverblue, the -time of modification of every system file is epoch 0, including -giomodule.cache, which means that every module is loaded and unloaded -every time. - -The solution is to use the change time of the file as well. In a typical -system, it is equal to the mtime, and in an ostree based system, since -the directory is mounted as read-only, the user cannot add a module and -we must assume that the cache file corresponds to the modules. - -reason:Fix giomodule.cache being wrongly considered stale - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/497c511a984d8c71b3ea48e4f5cfc2537b907021 ---- - gio/giomodule.c | 23 +++++++++++++---------- - 1 file changed, 13 insertions(+), 10 deletions(-) - -diff --git a/gio/giomodule.c b/gio/giomodule.c -index f49ea3e..d8d64be 100644 ---- a/gio/giomodule.c -+++ b/gio/giomodule.c -@@ -462,7 +462,7 @@ g_io_modules_scan_all_in_directory_with_scope (const char *dirname, - GDir *dir; - GStatBuf statbuf; - char *data; -- time_t cache_mtime; -+ time_t cache_time; - GHashTable *cache; - - if (!g_module_supported ()) -@@ -477,21 +477,24 @@ g_io_modules_scan_all_in_directory_with_scope (const char *dirname, - cache = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, (GDestroyNotify)g_strfreev); - -- cache_mtime = 0; -+ cache_time = 0; - if (g_stat (filename, &statbuf) == 0 && - g_file_get_contents (filename, &data, NULL, NULL)) - { - char **lines; - int i; - -- /* Cache mtime is the time the cache file was created, any file -- * that has a ctime before this was created then and not modified -- * since then (userspace can't change ctime). Its possible to change -- * the ctime forward without changing the file content, by e.g. -- * chmoding the file, but this is uncommon and will only cause us -- * to not use the cache so will not cause bugs. -+ /* cache_time is the time the cache file was created; we also take -+ * into account the change time because in ostree based systems, all -+ * system file have mtime equal to epoch 0. -+ * -+ * Any file that has a ctime before this was created then and not modified -+ * since then (userspace can't change ctime). Its possible to change the -+ * ctime forward without changing the file content, by e.g. chmoding the -+ * file, but this is uncommon and will only cause us to not use the cache -+ * so will not cause bugs. - */ -- cache_mtime = statbuf.st_mtime; -+ cache_time = MAX(statbuf.st_mtime, statbuf.st_ctime); - - lines = g_strsplit (data, "\n", -1); - g_free (data); -@@ -539,7 +542,7 @@ g_io_modules_scan_all_in_directory_with_scope (const char *dirname, - extension_points = g_hash_table_lookup (cache, name); - if (extension_points != NULL && - g_stat (path, &statbuf) == 0 && -- statbuf.st_ctime <= cache_mtime) -+ statbuf.st_ctime <= cache_time) - { - /* Lazy load/init the library when first required */ - for (i = 0; extension_points[i] != NULL; i++) --- -1.8.3.1 - diff --git a/backport-Fix-the-6-days-until-the-end-of-the-month-bug.patch b/backport-Fix-the-6-days-until-the-end-of-the-month-bug.patch deleted file mode 100644 index f57df122b40a74a57457e95e13b7d9f00f02b4af..0000000000000000000000000000000000000000 --- a/backport-Fix-the-6-days-until-the-end-of-the-month-bug.patch +++ /dev/null @@ -1,49 +0,0 @@ -From da00779093f8c69b77b578795e8bec8e27f107d0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?=D0=A0=D1=83=D1=81=D0=BB=D0=B0=D0=BD=20=D0=98=D0=B6=D0=B1?= - =?UTF-8?q?=D1=83=D0=BB=D0=B0=D1=82=D0=BE=D0=B2?= -Date: Mon, 5 Oct 2020 16:53:47 +0000 -Subject: [PATCH 1022/1095] Fix the 6-days-until-the-end-of-the-month bug - -The addition causes the date to shift -forward into 1st of the next month, because a 0-based offset -is compared to be "more than" the days in the month instead of "more than -or equal to". - -This is triggered by corner-cases where transition date is 6 days -off the end of the month and our calculations put it at N+1th day of the -month (where N is the number of days in the month). The subtraction should -be triggered to move the date back a week, putting it 6 days off the end; -for example, October 25 for CET DST transition; but due to incorrect comparison -the date isn't shifted back, we add 31 days to October 1st and end up -at November 1st). - -Fixes issue #2215. - -reason:Fix the 6-days-until-the-end-of-the-month bug - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/da00779093f8c69b77b578795e8bec8e27f107d0 ---- - glib/gtimezone.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/glib/gtimezone.c b/glib/gtimezone.c -index ef67ec5..0de5c92 100644 ---- a/glib/gtimezone.c -+++ b/glib/gtimezone.c -@@ -1041,7 +1041,11 @@ find_relative_date (TimeZoneDate *buffer) - /* week is 1 <= w <= 5, we need 0-based */ - days = 7 * (buffer->week - 1) + wday - first_wday; - -- while (days > days_in_month) -+ /* "days" is a 0-based offset from the 1st of the month. -+ * Adding days == days_in_month would bring us into the next month, -+ * hence the ">=" instead of just ">". -+ */ -+ while (days >= days_in_month) - days -= 7; - - g_date_add_days (&date, days); --- -1.8.3.1 - diff --git a/backport-gapplication-Fix-a-memory-leak.patch b/backport-gapplication-Fix-a-memory-leak.patch deleted file mode 100644 index 355f6bf27c5324a9f52cf06827ce6d2c0ab4dbd8..0000000000000000000000000000000000000000 --- a/backport-gapplication-Fix-a-memory-leak.patch +++ /dev/null @@ -1,24 +0,0 @@ -From a1203b3d3bbdf3f851ffa5a903cf4fb9644e5943 Mon Sep 17 00:00:00 2001 -From: Mohammed Sadiq -Date: Thu, 4 Feb 2021 18:36:45 +0530 -Subject: [PATCH] gapplication: Fix a memory leak - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/a1203b3d3bbdf3f851ffa5a903cf4fb9644e5943 - ---- - gio/gapplication.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/gio/gapplication.c b/gio/gapplication.c -index 1c560e5e8c..3720146af9 100644 ---- a/gio/gapplication.c -+++ b/gio/gapplication.c -@@ -1091,6 +1091,7 @@ g_application_real_local_command_line (GApplication *application, - if (!options) - { - g_printerr ("%s\n", error->message); -+ g_error_free (error); - *exit_status = 1; - return TRUE; - } diff --git a/backport-gbookmarkfile-Fix-a-minor-leak-on-an-error-path.patch b/backport-gbookmarkfile-Fix-a-minor-leak-on-an-error-path.patch deleted file mode 100644 index ca4090c5a288102936abc4eab8b4e18aaaae3963..0000000000000000000000000000000000000000 --- a/backport-gbookmarkfile-Fix-a-minor-leak-on-an-error-path.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 4332e3b160a1fef92f86b38be3b7286712925d67 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Tue, 5 Nov 2019 10:08:45 +0000 -Subject: [PATCH 0115/1095] gbookmarkfile: Fix a minor leak on an error path - -Signed-off-by: Philip Withnall - -reason:Fix a minor leak on an error path - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/4332e3b160a1fef92f86b38be3b7286712925d67 ---- - glib/gbookmarkfile.c | 15 ++++++++++++--- - 1 file changed, 12 insertions(+), 3 deletions(-) - -diff --git a/glib/gbookmarkfile.c b/glib/gbookmarkfile.c -index 25f1234..e22f794 100644 ---- a/glib/gbookmarkfile.c -+++ b/glib/gbookmarkfile.c -@@ -775,13 +775,22 @@ parse_bookmark_element (GMarkupParseContext *context, - item = bookmark_item_new (uri); - - if (added != NULL && !timestamp_from_iso8601 (added, &item->added, error)) -- return; -+ { -+ bookmark_item_free (item); -+ return; -+ } - - if (modified != NULL && !timestamp_from_iso8601 (modified, &item->modified, error)) -- return; -+ { -+ bookmark_item_free (item); -+ return; -+ } - - if (visited != NULL && !timestamp_from_iso8601 (visited, &item->visited, error)) -- return; -+ { -+ bookmark_item_free (item); -+ return; -+ } - - add_error = NULL; - g_bookmark_file_add_item (parse_data->bookmark_file, --- -1.8.3.1 - diff --git a/backport-gdbusauth-fix-error-leak.patch b/backport-gdbusauth-fix-error-leak.patch deleted file mode 100644 index 709b71e1bc3783f365bc016a8b015d56f11c35b2..0000000000000000000000000000000000000000 --- a/backport-gdbusauth-fix-error-leak.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 2b29495bcb59ba00bec808c509112dae6e019fd7 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Wed, 31 Mar 2021 14:12:39 -0500 -Subject: [PATCH] gdbusauth: fix error leak - -local_error is leaked in the G_IO_ERROR_NOT_SUPPORTED case. Found by -Coverity. - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/2b29495bcb59ba00bec808c509112dae6e019fd7 - ---- - gio/gdbusauth.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/gio/gdbusauth.c b/gio/gdbusauth.c -index c430f0cf03..534dca2d19 100644 ---- a/gio/gdbusauth.c -+++ b/gio/gdbusauth.c -@@ -1007,6 +1007,7 @@ _g_dbus_auth_run_server (GDBusAuth *auth, - g_propagate_error (error, local_error); - goto out; - } -+ g_clear_error (&local_error); - } - else - { diff --git a/backport-gdbusobjectmanagerservice-fix-leak-in-error-path.patch b/backport-gdbusobjectmanagerservice-fix-leak-in-error-path.patch deleted file mode 100644 index 79cf015c01479a7944d18693ff34ac82d2689ea0..0000000000000000000000000000000000000000 --- a/backport-gdbusobjectmanagerservice-fix-leak-in-error-path.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 719484a5754cca036d123ae4c2ae3d150bacef32 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Wed, 31 Mar 2021 14:23:13 -0500 -Subject: [PATCH] gdbusobjectmanagerservice: fix leak in error path - -If the third g_return_val_if_fail() is hit, then we leak -orig_object_path. There is no reason we need to strdup it here. - -Found by Coverity. - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/719484a5754cca036d123ae4c2ae3d150bacef32 ---- - gio/gdbusobjectmanagerserver.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/gio/gdbusobjectmanagerserver.c b/gio/gdbusobjectmanagerserver.c -index 39f4ed5006..0a0cea84ab 100644 ---- a/gio/gdbusobjectmanagerserver.c -+++ b/gio/gdbusobjectmanagerserver.c -@@ -565,12 +565,12 @@ void - g_dbus_object_manager_server_export_uniquely (GDBusObjectManagerServer *manager, - GDBusObjectSkeleton *object) - { -- gchar *orig_object_path; -+ const gchar *orig_object_path; - gchar *object_path; - guint count; - gboolean modified; - -- orig_object_path = g_strdup (g_dbus_object_get_object_path (G_DBUS_OBJECT (object))); -+ orig_object_path = g_dbus_object_get_object_path (G_DBUS_OBJECT (object)); - - g_return_if_fail (G_IS_DBUS_OBJECT_MANAGER_SERVER (manager)); - g_return_if_fail (G_IS_DBUS_OBJECT (object)); -@@ -602,7 +602,6 @@ g_dbus_object_manager_server_export_uniquely (GDBusObjectManagerServer *manager, - g_dbus_object_skeleton_set_object_path (G_DBUS_OBJECT_SKELETON (object), object_path); - - g_free (object_path); -- g_free (orig_object_path); - - } - diff --git a/backport-gfileenumerator-fix-leak-in-error-path.patch b/backport-gfileenumerator-fix-leak-in-error-path.patch deleted file mode 100644 index ddfe7fcaf76bc7c794f4600c130a158d20a45a99..0000000000000000000000000000000000000000 --- a/backport-gfileenumerator-fix-leak-in-error-path.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 8bfc2998135ee9c4460520febb3af720c61438a5 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Thu, 1 Apr 2021 14:13:19 -0500 -Subject: [PATCH] gfileenumerator: fix leak in error path - -Found by Coverity. - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/8bfc2998135ee9c4460520febb3af720c61438a5 ---- - gio/gfileenumerator.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/gio/gfileenumerator.c b/gio/gfileenumerator.c -index ac2e4eb980..1f9bc24ebe 100644 ---- a/gio/gfileenumerator.c -+++ b/gio/gfileenumerator.c -@@ -787,7 +787,10 @@ next_files_thread (GTask *task, - } - - if (error) -- g_task_return_error (task, error); -+ { -+ g_list_free_full (files, g_object_unref); -+ g_task_return_error (task, error); -+ } - else - g_task_return_pointer (task, files, (GDestroyNotify)next_async_op_free); - } diff --git a/backport-gfileutils-Correct-operator-precedence-to-avoid-undefined-pointer-maths.patch b/backport-gfileutils-Correct-operator-precedence-to-avoid-undefined-pointer-maths.patch deleted file mode 100644 index 5e62f601f4df28cbc6ff32a6add78791cb5bdd75..0000000000000000000000000000000000000000 --- a/backport-gfileutils-Correct-operator-precedence-to-avoid-undefined-pointer-maths.patch +++ /dev/null @@ -1,48 +0,0 @@ -From e86dd776552224dfc06818b45257066d4ed5bb25 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 10 Jun 2020 13:26:14 +0100 -Subject: [PATCH 0631/1095] gfileutils: Correct operator precedence to avoid - undefined pointer maths -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -`base` can be `-1` in some situations, which would lead to pointing -outside an allocation area if the sums were evaluated as `(file_name + -base) + 1` rather than `file_name + (base + 1)`. - -I don’t see how this can practically cause an issue, as the arithmetic -is all finished before anything’s dereferenced, but let’s keep to the -letter of the C standard to avoid this coming up in code audits in -future. - -Fix suggested by fablhx. - -Signed-off-by: Philip Withnall - -Closes: #2077 - -reason: Correct operator precedence to avoid undefined pointer maths - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/e86dd776552224dfc06818b45257066d4ed5bb25 ---- - glib/gfileutils.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/glib/gfileutils.c b/glib/gfileutils.c -index f0799e2..ede22b8 100644 ---- a/glib/gfileutils.c -+++ b/glib/gfileutils.c -@@ -2397,7 +2397,7 @@ g_path_get_basename (const gchar *file_name) - - len = last_nonslash - base; - retval = g_malloc (len + 1); -- memcpy (retval, file_name + base + 1, len); -+ memcpy (retval, file_name + (base + 1), len); - retval [len] = '\0'; - - return retval; --- -1.8.3.1 - diff --git a/backport-glib-ensure-consistent-abort-on-OOM-with-g-vasprintf-its-callers.patch b/backport-glib-ensure-consistent-abort-on-OOM-with-g-vasprintf-its-callers.patch deleted file mode 100644 index dc10e3aca48c6d823483c159181e77776f938bcc..0000000000000000000000000000000000000000 --- a/backport-glib-ensure-consistent-abort-on-OOM-with-g-vasprintf-its-callers.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 14035010dd760d2202d03eba3ca392a488ff04eb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= -Date: Fri, 4 Oct 2019 13:52:39 +0100 -Subject: [PATCH] glib: ensure consistent abort-on-OOM with g_vasprintf & its - callers -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The g_vasprintf method is called by g_strdup_vprintf, g_strdup_printf, -g_string_append_vprintf and more. It has three different implementations -depending on what the build target platform supports: - - 1. The gnulib impl appears to use the system malloc, but a - '#define malloc g_malloc' causes it to use GLib's wrapper - and thus abort on OOM. This mostly gets used on Windows - platforms or UNIX platforms with broken printf formatting. - - 2. The main impl mostly used on modern Linux/UNIX calls the - system vasprintf which uses the system malloc and does not - abort on OOM. - - 3. The final impl used on remaining platforms calls system - vsprintf on a buffer allocated by g_new, and thus always - aborts on OOM. - -Of note is that impl 2 (using vasprintf) historically could abort on -OOM, if the application had installed a non-system malloc impl with -GLib. This was because the code would g_strndup the result from -vasprintf() in that scenario. This was removed in: - - commit a3660532535f92cfac136435579ed4f23231f48c - Author: Dan Winship - Date: Fri Aug 7 09:46:49 2015 -0400 - - glib: remove deprecated g_mem_is_system_malloc() check in gprintf.c - -Having inconsistent OOM behaviour for the three impls is undesirable and -aborting on OOM is normal pratice for GLib APIs. Thus we must thus ensure -this happens in all impls of g_vasprintf. - -Fixes #1622 - -Signed-off-by: Daniel P. Berrangé - -reason:ensure consistent abort-on-OOM with g_vasprintf & its callers - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/14035010dd760d2202d03eba3ca392a488ff04eb ---- - glib/gprintf.c | 16 +++++++++++++--- - 1 file changed, 13 insertions(+), 3 deletions(-) - -diff --git a/glib/gprintf.c b/glib/gprintf.c -index fc0a02a..d4d0b3e 100644 ---- a/glib/gprintf.c -+++ b/glib/gprintf.c -@@ -20,6 +20,7 @@ - #include - #include - #include -+#include - - #include "gprintf.h" - #include "gprintfint.h" -@@ -327,9 +328,18 @@ g_vasprintf (gchar **string, - - #elif defined (HAVE_VASPRINTF) - -- len = vasprintf (string, format, args); -- if (len < 0) -- *string = NULL; -+ { -+ int saved_errno; -+ len = vasprintf (string, format, args); -+ saved_errno = errno; -+ if (len < 0) -+ { -+ if (saved_errno == ENOMEM) -+ g_error ("%s: failed to allocate memory", G_STRLOC); -+ else -+ *string = NULL; -+ } -+ } - - #else - --- -1.8.3.1 - diff --git a/backport-glib-supp-Suppress-calloc-variant-of-g-get-charset.patch b/backport-glib-supp-Suppress-calloc-variant-of-g-get-charset.patch deleted file mode 100644 index 04d4c8e281be45215cb23cbd0c8e29d0071fb4bb..0000000000000000000000000000000000000000 --- a/backport-glib-supp-Suppress-calloc-variant-of-g-get-charset.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 02f0d4fc6a863d57f0a669428ef44ee867918a23 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Thu, 25 Jun 2020 10:00:58 +0100 -Subject: [PATCH] glib.supp: Suppress calloc() variant of g_get_charset() - -Signed-off-by: Philip Withnall - -Fixes: #2136 - -reason:Suppress calloc() variant of g_get_charset() - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/02f0d4fc6a863d57f0a669428ef44ee867918a23 ---- - glib.supp | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff -Naur a/glib.supp b/glib.supp ---- a/glib.supp 2020-12-14 14:14:06.868000000 +0800 -+++ b/glib.supp 2020-12-14 15:46:11.033000000 +0800 -@@ -946,3 +946,13 @@ - ... - fun:g_file_* - } -+ -+# Cached charset -+{ -+ g_get_charset_calloc -+ Memcheck:Leak -+ match-leak-kinds:reachable -+ fun:calloc -+ ... -+ fun:g_get_charset -+} diff --git a/backport-glocalfileinfo-Correct-an-off-by-one-error-when-unescaping-hex.patch b/backport-glocalfileinfo-Correct-an-off-by-one-error-when-unescaping-hex.patch deleted file mode 100644 index c6301bed5a25b5906a769527a40cf0382dd2bc64..0000000000000000000000000000000000000000 --- a/backport-glocalfileinfo-Correct-an-off-by-one-error-when-unescaping-hex.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 63b329fb818358eaf6688f4f78779ef3ee6cfb99 Mon Sep 17 00:00:00 2001 -From: Sergio Gelato -Date: Wed, 8 Jul 2020 12:45:43 +0100 -Subject: [PATCH 0715/1095] glocalfileinfo: Correct an off-by-one error when - unescaping hex - -Correct an off-by-one error in hex_unescape_string()'s computation of -the output string length. - -(Turned into a git-format patch by Philip Withnall. Original patch -submitted on the Debian bug tracker, bug#962912.) - -reason:Correct an off-by-one error when unescaping hex - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/63b329fb818358eaf6688f4f78779ef3ee6cfb99 ---- - gio/glocalfileinfo.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/gio/glocalfileinfo.c b/gio/glocalfileinfo.c -index 6cac187..4ca1ce6 100644 ---- a/gio/glocalfileinfo.c -+++ b/gio/glocalfileinfo.c -@@ -394,10 +394,10 @@ hex_unescape_string (const char *str, - else - *p++ = str[i]; - } -- *p++ = 0; -- - if (out_len) - *out_len = p - unescaped_str; -+ *p++ = 0; -+ - *free_return = TRUE; - return unescaped_str; - } --- -1.8.3.1 - diff --git a/backport-glocalfileinfo-Fix-minor-leak-on-error-handling-path-for-xattrs.patch b/backport-glocalfileinfo-Fix-minor-leak-on-error-handling-path-for-xattrs.patch deleted file mode 100644 index 7921d83d603f288e330b0a3ab7c3457e80684fe9..0000000000000000000000000000000000000000 --- a/backport-glocalfileinfo-Fix-minor-leak-on-error-handling-path-for-xattrs.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 15818926b360b99d7897e519d7414470870b2e58 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 30 Oct 2019 15:35:15 +0000 -Subject: [PATCH 0099/1095] glocalfileinfo: Fix minor leak on error handling - path for xattrs - -Spotted by `scan-build`. - -Signed-off-by: Philip Withnall - -reason: Fix minor leak on error handling path for xattrs - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/15818926b360b99d7897e519d7414470870b2e58 ---- - gio/glocalfileinfo.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/gio/glocalfileinfo.c b/gio/glocalfileinfo.c -index dcc9bce..5ba7691 100644 ---- a/gio/glocalfileinfo.c -+++ b/gio/glocalfileinfo.c -@@ -504,7 +504,10 @@ get_xattrs (const char *path, - } - - if (list_res_size == -1) -- return; -+ { -+ g_free (list); -+ return; -+ } - - attr = list; - while (list_res_size > 0) --- -1.8.3.1 - diff --git a/backport-gparamspecs-Fix-type-class-leaks-on-error-handling-paths.patch b/backport-gparamspecs-Fix-type-class-leaks-on-error-handling-paths.patch deleted file mode 100644 index b78ba69605ecfadab4617dc9542aaa0493e3521c..0000000000000000000000000000000000000000 --- a/backport-gparamspecs-Fix-type-class-leaks-on-error-handling-paths.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 1a3bba4670e79f9e78fae512ace9191226715e35 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Mon, 28 Oct 2019 14:57:33 +0000 -Subject: [PATCH 0078/1095] gparamspecs: Fix type class leaks on error handling - paths - -Signed-off-by: Philip Withnall - -Helps: #1911 - -reason: Fix type class leaks on error handling paths - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/1a3bba4670e79f9e78fae512ace9191226715e35 ---- - gobject/gparamspecs.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/gobject/gparamspecs.c b/gobject/gparamspecs.c -index 5d15c26..490c7c2 100644 ---- a/gobject/gparamspecs.c -+++ b/gobject/gparamspecs.c -@@ -2092,7 +2092,10 @@ g_param_spec_enum (const gchar *name, - blurb, - flags); - if (espec == NULL) -- return NULL; -+ { -+ g_type_class_unref (enum_class); -+ return NULL; -+ } - - espec->enum_class = enum_class; - espec->default_value = default_value; -@@ -2140,7 +2143,10 @@ g_param_spec_flags (const gchar *name, - blurb, - flags); - if (fspec == NULL) -- return NULL; -+ { -+ g_type_class_unref (flags_class); -+ return NULL; -+ } - - fspec->flags_class = flags_class; - fspec->default_value = default_value; --- -1.8.3.1 - diff --git a/backport-gsettings-Fix-a-minor-memory-leak-when-getting-GSettingsAction-state.patch b/backport-gsettings-Fix-a-minor-memory-leak-when-getting-GSettingsAction-state.patch deleted file mode 100644 index 2c48db800353fb81bf7ecd6af30387de84ef05a9..0000000000000000000000000000000000000000 --- a/backport-gsettings-Fix-a-minor-memory-leak-when-getting-GSettingsAction-state.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 1cde07b9789ff3b58be4af4596065d4f6fc365f0 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Tue, 15 Dec 2020 10:54:41 +0000 -Subject: [PATCH] gsettings: Fix a minor memory leak when getting - GSettingsAction:state - -Signed-off-by: Philip Withnall - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/1cde07b9789ff3b58be4af4596065d4f6fc365f0 - ---- - gio/gsettings.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gio/gsettings.c b/gio/gsettings.c -index 4332ebe444..9a04a86309 100644 ---- a/gio/gsettings.c -+++ b/gio/gsettings.c -@@ -3296,7 +3296,7 @@ g_settings_action_get_property (GObject *object, guint prop_id, - break; - - case ACTION_PROP_STATE: -- g_value_set_variant (value, g_settings_action_get_state (action)); -+ g_value_take_variant (value, g_settings_action_get_state (action)); - break; - - default: diff --git a/backport-gsignal-Plug-g-signal-connect-object-leak.patch b/backport-gsignal-Plug-g-signal-connect-object-leak.patch deleted file mode 100644 index 9445a044da9ba8cb824219dd2459e54be7d3c209..0000000000000000000000000000000000000000 --- a/backport-gsignal-Plug-g-signal-connect-object-leak.patch +++ /dev/null @@ -1,39 +0,0 @@ -From d691c2ebd269e394457d6367db14cf2cc22bc281 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 13 Oct 2020 09:24:02 -0400 -Subject: [PATCH 0999/1095] gsignal: Plug g_signal_connect_object leak - -commit 916297be799ee001b4a214cc52c3b960bb0b5deb added a hash table -to provide constant time lookups of signal handlers. - -Unfortunately, that commit neglected to remove handlers from -g_signal_connect_object calls from the hash table that are -disconnected implicitly when the associated object goes away. - -This commit addresses that bug by changing the closure invalidate -handler associated with the signal connection to properly remove the -handler from the hash table. - -reason:Plug g_signal_connect_object leak - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/d691c2ebd269e394457d6367db14cf2cc22bc281 ---- - gobject/gsignal.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/gobject/gsignal.c b/gobject/gsignal.c -index ebf5b3c..41599eb 100644 ---- a/gobject/gsignal.c -+++ b/gobject/gsignal.c -@@ -3916,6 +3916,7 @@ invalid_closure_notify (gpointer instance, - g_assert (handler != NULL); - g_assert (handler->closure == closure); - -+ g_hash_table_remove (g_handlers, handler); - handler->sequential_number = 0; - handler->block_count = 1; - handler_unref_R (signal_id, instance, handler); --- -1.8.3.1 - diff --git a/backport-gsocketclient-Crash-on-error-if-error-is-missing.patch b/backport-gsocketclient-Crash-on-error-if-error-is-missing.patch deleted file mode 100644 index b73aebd451b017e01e68f1ad20fa9faaabb75105..0000000000000000000000000000000000000000 --- a/backport-gsocketclient-Crash-on-error-if-error-is-missing.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 14f7b5e590f6adc3207019227586d20848274654 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Mon, 5 Oct 2020 12:32:32 -0500 -Subject: [PATCH 0990/1095] gsocketclient: Crash on error if error is missing - -We should never return unknown errors to the application. This would be -a glib bug. - -I don't think it's currently possible to hit these cases, so asserts -should be OK. For this to happen, either (a) a GSocketAddressEnumerator -would have to return NULL on its first enumeration, without returning an -error, or (b) there would have to be a bug in our GSocketClient logic. -Either way, if such a bug were to exist, it would be better to surface -it rather than hide it. - -These changes are actually going to be effectively undone in a -subsequent commit, as I'm refactoring the error handling, but the commit -history is a bit nicer with two separate commits, so let's go with two. - -reason:Crash on error if error is missing - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/14f7b5e590f6adc3207019227586d20848274654 ---- - gio/gsocketclient.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/gio/gsocketclient.c b/gio/gsocketclient.c -index 9df8f29..fb68c09 100644 ---- a/gio/gsocketclient.c -+++ b/gio/gsocketclient.c -@@ -1053,8 +1053,9 @@ g_socket_client_connect (GSocketClient *client, - g_propagate_error (error, last_error); - } - else -- g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, -- _("Unknown error on connect")); -+ { -+ g_assert_not_reached (); -+ } - break; - } - -@@ -1879,10 +1880,9 @@ g_socket_client_enumerator_callback (GObject *object, - error = data->last_error; - data->last_error = NULL; - } -- else if (!error) -+ else - { -- g_set_error_literal (&error, G_IO_ERROR, G_IO_ERROR_FAILED, -- _("Unknown error on connect")); -+ g_assert (error); - } - - complete_connection_with_error (data, error); --- -1.8.3.1 - diff --git a/backport-gsocketclient-emit-RESOLVING-RESOLVED-events-only-once.patch b/backport-gsocketclient-emit-RESOLVING-RESOLVED-events-only-once.patch deleted file mode 100644 index e94d93699ca4545dd7d7dd631aea65d0926c5b8d..0000000000000000000000000000000000000000 --- a/backport-gsocketclient-emit-RESOLVING-RESOLVED-events-only-once.patch +++ /dev/null @@ -1,118 +0,0 @@ -From f0a7b147806e852e2090eeda6e4e38f7d3f52b52 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Tue, 6 Oct 2020 15:39:45 -0500 -Subject: [PATCH 0989/1095] gsocketclient: emit RESOLVING/RESOLVED events only - once - -GSocketAddressEnumerator encapsulates the details of how DNS happens, so -we don't have to think about it. But we may have taken encapsulation a -bit too far, here. Usually, we resolve a domain name to a list of IPv4 -and IPv6 addresses. Then we go through each address in the list and try -to connect to it. Name resolution happens exactly once, at the start. -It doesn't happen each time we enumerate the enumerator. In theory, it -*could*, because we've designed these APIs to be agnostic of underlying -implementation details like DNS and network protocols. But in practice, -we know that's not really what's happening. It's weird to say that we -are RESOLVING what we know to be the same name multiple times. Behind -the scenes, we're not doing that. - -This also fixes #1994, where enumeration can end with a RESOLVING event, -even though this is supposed to be the first event rather than the last. -I thought this would be hard to fix, even requiring new public API in -GSocketAddressEnumerator to peek ahead to see if the next enumeration is -going to return NULL. Then I decided we should just fake it: always emit -both RESOLVING and RESOLVED at the same time right after each -enumeration. Finally, I realized we can emit them at the correct time if -we simply assume resolving only happens the first time. This seems like -the most elegant of the possible solutions. - -Now, this is a behavior change, and arguably an API break, but it should -align better with reasonable expectations of how GSocketClientEvent -ought to work. I don't expect it to break anything besides tests that -check which order GSocketClientEvent events are emitted in. (Currently, -libsoup has such tests, which will need to be updated.) Ideally we would -have GLib-level tests as well, but in a concession to pragmatism, it's a -lot easier to keep network tests in libsoup. - -reason:emit RESOLVING/RESOLVED events only once - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/f0a7b147806e852e2090eeda6e4e38f7d3f52b52 ---- - gio/gsocketclient.c | 29 +++++++++++++++++++++-------- - 1 file changed, 21 insertions(+), 8 deletions(-) - -diff --git a/gio/gsocketclient.c b/gio/gsocketclient.c -index 8a663c3..9df8f29 100644 ---- a/gio/gsocketclient.c -+++ b/gio/gsocketclient.c -@@ -991,6 +991,7 @@ g_socket_client_connect (GSocketClient *client, - { - GIOStream *connection = NULL; - GSocketAddressEnumerator *enumerator = NULL; -+ gboolean ever_resolved = FALSE; - GError *last_error, *tmp_error; - - last_error = NULL; -@@ -1025,10 +1026,20 @@ g_socket_client_connect (GSocketClient *client, - } - - tmp_error = NULL; -- g_socket_client_emit_event (client, G_SOCKET_CLIENT_RESOLVING, -- connectable, NULL); -+ -+ if (!ever_resolved) -+ { -+ g_socket_client_emit_event (client, G_SOCKET_CLIENT_RESOLVING, -+ connectable, NULL); -+ } - address = g_socket_address_enumerator_next (enumerator, cancellable, - &tmp_error); -+ if (!ever_resolved) -+ { -+ g_socket_client_emit_event (client, G_SOCKET_CLIENT_RESOLVED, -+ connectable, NULL); -+ ever_resolved = TRUE; -+ } - - if (address == NULL) - { -@@ -1046,8 +1057,6 @@ g_socket_client_connect (GSocketClient *client, - _("Unknown error on connect")); - break; - } -- g_socket_client_emit_event (client, G_SOCKET_CLIENT_RESOLVED, -- connectable, NULL); - - using_proxy = (G_IS_PROXY_ADDRESS (address) && - client->priv->enable_proxy); -@@ -1509,7 +1518,8 @@ enumerator_next_async (GSocketClientAsyncConnectData *data, - if (add_task_ref) - g_object_ref (data->task); - -- g_socket_client_emit_event (data->client, G_SOCKET_CLIENT_RESOLVING, data->connectable, NULL); -+ if (!data->enumerated_at_least_once) -+ g_socket_client_emit_event (data->client, G_SOCKET_CLIENT_RESOLVING, data->connectable, NULL); - g_debug ("GSocketClient: Starting new address enumeration"); - g_socket_address_enumerator_next_async (data->enumerator, - data->enumeration_cancellable, -@@ -1883,10 +1893,13 @@ g_socket_client_enumerator_callback (GObject *object, - return; - } - -- data->enumerated_at_least_once = TRUE; - g_debug ("GSocketClient: Address enumeration succeeded"); -- g_socket_client_emit_event (data->client, G_SOCKET_CLIENT_RESOLVED, -- data->connectable, NULL); -+ if (!data->enumerated_at_least_once) -+ { -+ g_socket_client_emit_event (data->client, G_SOCKET_CLIENT_RESOLVED, -+ data->connectable, NULL); -+ data->enumerated_at_least_once = TRUE; -+ } - - g_clear_error (&data->last_error); - --- -1.8.3.1 - diff --git a/backport-gsocketclient-fix-crash-when-async-connectio-step-fails.patch b/backport-gsocketclient-fix-crash-when-async-connectio-step-fails.patch deleted file mode 100644 index 59b2460d5800ccad76a4633e74b18985a3d6b1bf..0000000000000000000000000000000000000000 --- a/backport-gsocketclient-fix-crash-when-async-connectio-step-fails.patch +++ /dev/null @@ -1,38 +0,0 @@ -From c2b8fa8a34765d42be69e7eb9a4c44eeb970f775 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Wed, 28 Oct 2020 10:41:13 -0500 -Subject: [PATCH 1035/1095] gsocketclient: fix crash when async connection step - fails - -This is a regression from !1686. The tmp_error is no longer valid after -it is "considered" and cannot be used at this point. We should print the -error earlier instead. - -Fixes #2233 - -reason:fix crash when async connection step fails - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/c2b8fa8a34765d42be69e7eb9a4c44eeb970f775 ---- - gio/gsocketclient.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gio/gsocketclient.c b/gio/gsocketclient.c -index ce3c186..3737746 100644 ---- a/gio/gsocketclient.c -+++ b/gio/gsocketclient.c -@@ -1837,9 +1837,9 @@ g_socket_client_connected_callback (GObject *source, - { - if (!g_cancellable_is_cancelled (attempt->cancellable)) - { -+ g_debug ("GSocketClient: Connection attempt failed: %s", data->error_info->tmp_error->message); - clarify_connect_error (data->error_info->tmp_error, data->connectable, attempt->address); - consider_tmp_error (data->error_info, G_SOCKET_CLIENT_CONNECTING); -- g_debug ("GSocketClient: Connection attempt failed: %s", data->error_info->tmp_error->message); - connection_attempt_remove (attempt); - connection_attempt_unref (attempt); - try_next_connection_or_finish (data, FALSE); --- -1.8.3.1 - diff --git a/backport-gsocketclient-return-best-errors-possible.patch b/backport-gsocketclient-return-best-errors-possible.patch deleted file mode 100644 index 0cf0e07d79c03d5b5f187681315de661eb004745..0000000000000000000000000000000000000000 --- a/backport-gsocketclient-return-best-errors-possible.patch +++ /dev/null @@ -1,520 +0,0 @@ -From b88b3712e0d4474ff55d3b94050285ea08580ddb Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Thu, 8 Oct 2020 18:02:56 -0500 -Subject: [PATCH 0991/1095] gsocketclient: return best errors possible - -Originally, GSocketClient returned whatever error occured last. Turns -out this doesn't work well in practice. Consider the following case: -DNS returns an IPv4 and IPv6 address. First we'll connect() to the -IPv4 address, and say that succeeds, but TLS is enabled and the TLS -handshake fails. Then we try the IPv6 address and receive ENETUNREACH -because IPv6 isn't supported. We wind up returning NETWORK_UNREACHABLE -even though the address can be pinged and a TLS error would be more -appropriate. So instead, we now try to return the error corresponding -to the latest attempted GSocketClientEvent in the connection process. -TLS errors take precedence over proxy errors, which take precedence -over connect() errors, which take precedence over DNS errors. - -In writing this commit, I made several mistakes that were caught by -proxy-test.c, which tests using GSocketClient to make a proxy -connection. So although adding a new test to ensure we get the -best-possible error would be awkward, at least we have some test -coverage for the code that helped avoid introducing bugs. - -Fixes #2211 - -reason:gsocketclient: return best errors possible - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/b88b3712e0d4474ff55d3b94050285ea08580ddb ---- - gio/gsocketclient.c | 209 ++++++++++++++++++++++++++++++++-------------------- - 1 file changed, 130 insertions(+), 79 deletions(-) - -diff --git a/gio/gsocketclient.c b/gio/gsocketclient.c -index fb68c09..ce3c186 100644 ---- a/gio/gsocketclient.c -+++ b/gio/gsocketclient.c -@@ -953,6 +953,72 @@ g_socket_client_emit_event (GSocketClient *client, - event, connectable, connection); - } - -+/* Originally, GSocketClient returned whatever error occured last. Turns -+ * out this doesn't work well in practice. Consider the following case: -+ * DNS returns an IPv4 and IPv6 address. First we'll connect() to the -+ * IPv4 address, and say that succeeds, but TLS is enabled and the TLS -+ * handshake fails. Then we try the IPv6 address and receive ENETUNREACH -+ * because IPv6 isn't supported. We wind up returning NETWORK_UNREACHABLE -+ * even though the address can be pinged and a TLS error would be more -+ * appropriate. So instead, we now try to return the error corresponding -+ * to the latest attempted GSocketClientEvent in the connection process. -+ * TLS errors take precedence over proxy errors, which take precedence -+ * over connect() errors, which take precedence over DNS errors. -+ * -+ * Note that the example above considers a sync codepath, but this is an -+ * issue for the async codepath too, where events and errors may occur -+ * in confusing orders. -+ */ -+typedef struct -+{ -+ GError *tmp_error; -+ GError *best_error; -+ GSocketClientEvent best_error_event; -+} SocketClientErrorInfo; -+ -+static SocketClientErrorInfo * -+socket_client_error_info_new (void) -+{ -+ return g_new0 (SocketClientErrorInfo, 1); -+} -+ -+static void -+socket_client_error_info_free (SocketClientErrorInfo *info) -+{ -+ g_assert (info->tmp_error == NULL); -+ g_clear_error (&info->best_error); -+ g_free (info); -+} -+ -+static void -+consider_tmp_error (SocketClientErrorInfo *info, -+ GSocketClientEvent event) -+{ -+ if (info->tmp_error == NULL) -+ return; -+ -+ /* If we ever add more GSocketClientEvents in the future, then we'll -+ * no longer be able to use >= for this comparison, because future -+ * events will compare greater than G_SOCKET_CLIENT_COMPLETE. Until -+ * then, this is convenient. Note G_SOCKET_CLIENT_RESOLVING is 0 so we -+ * need to use >= here or those errors would never be set. That means -+ * if we get two errors on the same GSocketClientEvent, we wind up -+ * preferring the last one, which is fine. -+ */ -+ g_assert (event <= G_SOCKET_CLIENT_COMPLETE); -+ if (event >= info->best_error_event) -+ { -+ g_clear_error (&info->best_error); -+ info->best_error = info->tmp_error; -+ info->tmp_error = NULL; -+ info->best_error_event = event; -+ } -+ else -+ { -+ g_clear_error (&info->tmp_error); -+ } -+} -+ - /** - * g_socket_client_connect: - * @client: a #GSocketClient. -@@ -991,10 +1057,10 @@ g_socket_client_connect (GSocketClient *client, - { - GIOStream *connection = NULL; - GSocketAddressEnumerator *enumerator = NULL; -+ SocketClientErrorInfo *error_info; - gboolean ever_resolved = FALSE; -- GError *last_error, *tmp_error; - -- last_error = NULL; -+ error_info = socket_client_error_info_new (); - - if (can_use_proxy (client)) - { -@@ -1019,21 +1085,19 @@ g_socket_client_connect (GSocketClient *client, - - if (g_cancellable_is_cancelled (cancellable)) - { -- g_clear_error (error); -- g_clear_error (&last_error); -- g_cancellable_set_error_if_cancelled (cancellable, error); -+ g_clear_error (&error_info->best_error); -+ g_cancellable_set_error_if_cancelled (cancellable, &error_info->best_error); - break; - } - -- tmp_error = NULL; -- - if (!ever_resolved) - { - g_socket_client_emit_event (client, G_SOCKET_CLIENT_RESOLVING, - connectable, NULL); - } - address = g_socket_address_enumerator_next (enumerator, cancellable, -- &tmp_error); -+ &error_info->tmp_error); -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_RESOLVING); - if (!ever_resolved) - { - g_socket_client_emit_event (client, G_SOCKET_CLIENT_RESOLVED, -@@ -1043,29 +1107,16 @@ g_socket_client_connect (GSocketClient *client, - - if (address == NULL) - { -- if (tmp_error) -- { -- g_clear_error (&last_error); -- g_propagate_error (error, tmp_error); -- } -- else if (last_error) -- { -- g_propagate_error (error, last_error); -- } -- else -- { -- g_assert_not_reached (); -- } -+ /* Enumeration is finished. */ -+ g_assert (&error_info->best_error != NULL); - break; - } - - using_proxy = (G_IS_PROXY_ADDRESS (address) && - client->priv->enable_proxy); - -- /* clear error from previous attempt */ -- g_clear_error (&last_error); -- -- socket = create_socket (client, address, &last_error); -+ socket = create_socket (client, address, &error_info->tmp_error); -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_CONNECTING); - if (socket == NULL) - { - g_object_unref (address); -@@ -1077,14 +1128,15 @@ g_socket_client_connect (GSocketClient *client, - g_socket_client_emit_event (client, G_SOCKET_CLIENT_CONNECTING, connectable, connection); - - if (g_socket_connection_connect (G_SOCKET_CONNECTION (connection), -- address, cancellable, &last_error)) -+ address, cancellable, &error_info->tmp_error)) - { - g_socket_connection_set_cached_remote_address ((GSocketConnection*)connection, NULL); - g_socket_client_emit_event (client, G_SOCKET_CLIENT_CONNECTED, connectable, connection); - } - else - { -- clarify_connect_error (last_error, connectable, address); -+ clarify_connect_error (error_info->tmp_error, connectable, address); -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_CONNECTING); - g_object_unref (connection); - connection = NULL; - } -@@ -1105,9 +1157,10 @@ g_socket_client_connect (GSocketClient *client, - g_critical ("Trying to proxy over non-TCP connection, this is " - "most likely a bug in GLib IO library."); - -- g_set_error_literal (&last_error, -+ g_set_error_literal (&error_info->tmp_error, - G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, - _("Proxying over a non-TCP connection is not supported.")); -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_PROXY_NEGOTIATING); - - g_object_unref (connection); - connection = NULL; -@@ -1125,7 +1178,9 @@ g_socket_client_connect (GSocketClient *client, - connection, - proxy_addr, - cancellable, -- &last_error); -+ &error_info->tmp_error); -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_PROXY_NEGOTIATING); -+ - g_object_unref (connection); - connection = proxy_connection; - g_object_unref (proxy); -@@ -1135,9 +1190,10 @@ g_socket_client_connect (GSocketClient *client, - } - else - { -- g_set_error (&last_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, -+ g_set_error (&error_info->tmp_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, - _("Proxy protocol “%s” is not supported."), - protocol); -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_PROXY_NEGOTIATING); - g_object_unref (connection); - connection = NULL; - } -@@ -1147,7 +1203,7 @@ g_socket_client_connect (GSocketClient *client, - { - GIOStream *tlsconn; - -- tlsconn = g_tls_client_connection_new (connection, connectable, &last_error); -+ tlsconn = g_tls_client_connection_new (connection, connectable, &error_info->tmp_error); - g_object_unref (connection); - connection = tlsconn; - -@@ -1157,16 +1213,21 @@ g_socket_client_connect (GSocketClient *client, - client->priv->tls_validation_flags); - g_socket_client_emit_event (client, G_SOCKET_CLIENT_TLS_HANDSHAKING, connectable, connection); - if (g_tls_connection_handshake (G_TLS_CONNECTION (tlsconn), -- cancellable, &last_error)) -+ cancellable, &error_info->tmp_error)) - { - g_socket_client_emit_event (client, G_SOCKET_CLIENT_TLS_HANDSHAKED, connectable, connection); - } - else - { -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_TLS_HANDSHAKING); - g_object_unref (tlsconn); - connection = NULL; - } - } -+ else -+ { -+ consider_tmp_error (error_info, G_SOCKET_CLIENT_TLS_HANDSHAKING); -+ } - } - - if (connection && !G_IS_SOCKET_CONNECTION (connection)) -@@ -1183,6 +1244,10 @@ g_socket_client_connect (GSocketClient *client, - } - g_object_unref (enumerator); - -+ if (!connection) -+ g_propagate_error (error, g_steal_pointer (&error_info->best_error)); -+ socket_client_error_info_free (error_info); -+ - g_socket_client_emit_event (client, G_SOCKET_CLIENT_COMPLETE, connectable, connection); - return G_SOCKET_CONNECTION (connection); - } -@@ -1360,7 +1425,7 @@ typedef struct - - GSList *connection_attempts; - GSList *successful_connections; -- GError *last_error; -+ SocketClientErrorInfo *error_info; - - gboolean enumerated_at_least_once; - gboolean enumeration_completed; -@@ -1380,7 +1445,7 @@ g_socket_client_async_connect_data_free (GSocketClientAsyncConnectData *data) - g_slist_free_full (data->connection_attempts, connection_attempt_unref); - g_slist_free_full (data->successful_connections, connection_attempt_unref); - -- g_clear_error (&data->last_error); -+ g_clear_pointer (&data->error_info, socket_client_error_info_free); - - g_slice_free (GSocketClientAsyncConnectData, data); - } -@@ -1503,14 +1568,6 @@ g_socket_client_enumerator_callback (GObject *object, - gpointer user_data); - - static void --set_last_error (GSocketClientAsyncConnectData *data, -- GError *error) --{ -- g_clear_error (&data->last_error); -- data->last_error = error; --} -- --static void - enumerator_next_async (GSocketClientAsyncConnectData *data, - gboolean add_task_ref) - { -@@ -1540,7 +1597,7 @@ g_socket_client_tls_handshake_callback (GObject *object, - - if (g_tls_connection_handshake_finish (G_TLS_CONNECTION (object), - result, -- &data->last_error)) -+ &data->error_info->tmp_error)) - { - g_object_unref (attempt->connection); - attempt->connection = G_IO_STREAM (object); -@@ -1553,7 +1610,9 @@ g_socket_client_tls_handshake_callback (GObject *object, - { - g_object_unref (object); - connection_attempt_unref (attempt); -- g_debug ("GSocketClient: TLS handshake failed: %s", data->last_error->message); -+ -+ g_debug ("GSocketClient: TLS handshake failed: %s", data->error_info->tmp_error->message); -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_TLS_HANDSHAKING); - try_next_connection_or_finish (data, TRUE); - } - } -@@ -1573,7 +1632,7 @@ g_socket_client_tls_handshake (ConnectionAttempt *attempt) - g_debug ("GSocketClient: Starting TLS handshake"); - tlsconn = g_tls_client_connection_new (attempt->connection, - data->connectable, -- &data->last_error); -+ &data->error_info->tmp_error); - if (tlsconn) - { - g_tls_client_connection_set_validation_flags (G_TLS_CLIENT_CONNECTION (tlsconn), -@@ -1588,6 +1647,8 @@ g_socket_client_tls_handshake (ConnectionAttempt *attempt) - else - { - connection_attempt_unref (attempt); -+ -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_TLS_HANDSHAKING); - try_next_connection_or_finish (data, TRUE); - } - } -@@ -1603,19 +1664,19 @@ g_socket_client_proxy_connect_callback (GObject *object, - g_object_unref (attempt->connection); - attempt->connection = g_proxy_connect_finish (G_PROXY (object), - result, -- &data->last_error); -+ &data->error_info->tmp_error); - if (attempt->connection) - { - g_socket_client_emit_event (data->client, G_SOCKET_CLIENT_PROXY_NEGOTIATED, data->connectable, attempt->connection); -+ g_socket_client_tls_handshake (attempt); - } - else - { - connection_attempt_unref (attempt); -+ -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_PROXY_NEGOTIATING); - try_next_connection_or_finish (data, TRUE); -- return; - } -- -- g_socket_client_tls_handshake (attempt); - } - - static void -@@ -1683,9 +1744,10 @@ try_next_successful_connection (GSocketClientAsyncConnectData *data) - g_critical ("Trying to proxy over non-TCP connection, this is " - "most likely a bug in GLib IO library."); - -- g_set_error_literal (&data->last_error, -+ g_set_error_literal (&data->error_info->tmp_error, - G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, - _("Proxying over a non-TCP connection is not supported.")); -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_PROXY_NEGOTIATING); - } - else if (g_hash_table_contains (data->client->priv->app_proxies, protocol)) - { -@@ -1712,11 +1774,10 @@ try_next_successful_connection (GSocketClientAsyncConnectData *data) - } - else - { -- g_clear_error (&data->last_error); -- -- g_set_error (&data->last_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, -+ g_set_error (&data->error_info->tmp_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, - _("Proxy protocol “%s” is not supported."), - protocol); -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_PROXY_NEGOTIATING); - } - - data->connection_in_progress = FALSE; -@@ -1747,7 +1808,7 @@ try_next_connection_or_finish (GSocketClientAsyncConnectData *data, - return; - } - -- complete_connection_with_error (data, data->last_error); -+ complete_connection_with_error (data, g_steal_pointer (&data->error_info->best_error)); - } - - static void -@@ -1757,7 +1818,6 @@ g_socket_client_connected_callback (GObject *source, - { - ConnectionAttempt *attempt = user_data; - GSocketClientAsyncConnectData *data = attempt->data; -- GError *error = NULL; - - if (task_completed_or_cancelled (data) || g_cancellable_is_cancelled (attempt->cancellable)) - { -@@ -1773,20 +1833,20 @@ g_socket_client_connected_callback (GObject *source, - } - - if (!g_socket_connection_connect_finish (G_SOCKET_CONNECTION (source), -- result, &error)) -+ result, &data->error_info->tmp_error)) - { - if (!g_cancellable_is_cancelled (attempt->cancellable)) - { -- clarify_connect_error (error, data->connectable, attempt->address); -- set_last_error (data, error); -- g_debug ("GSocketClient: Connection attempt failed: %s", error->message); -+ clarify_connect_error (data->error_info->tmp_error, data->connectable, attempt->address); -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_CONNECTING); -+ g_debug ("GSocketClient: Connection attempt failed: %s", data->error_info->tmp_error->message); - connection_attempt_remove (attempt); - connection_attempt_unref (attempt); - try_next_connection_or_finish (data, FALSE); - } - else /* Silently ignore cancelled attempts */ - { -- g_clear_error (&error); -+ g_clear_error (&data->error_info->tmp_error); - g_object_unref (data->task); - connection_attempt_unref (attempt); - } -@@ -1844,7 +1904,6 @@ g_socket_client_enumerator_callback (GObject *object, - GSocketAddress *address = NULL; - GSocket *socket; - ConnectionAttempt *attempt; -- GError *error = NULL; - - if (task_completed_or_cancelled (data)) - { -@@ -1853,7 +1912,7 @@ g_socket_client_enumerator_callback (GObject *object, - } - - address = g_socket_address_enumerator_next_finish (data->enumerator, -- result, &error); -+ result, &data->error_info->tmp_error); - if (address == NULL) - { - if (G_UNLIKELY (data->enumeration_completed)) -@@ -1862,7 +1921,7 @@ g_socket_client_enumerator_callback (GObject *object, - data->enumeration_completed = TRUE; - g_debug ("GSocketClient: Address enumeration completed (out of addresses)"); - -- /* As per API docs: We only care about error if its the first call, -+ /* As per API docs: We only care about error if it's the first call, - after that the enumerator is done. - - Note that we don't care about cancellation errors because -@@ -1873,19 +1932,11 @@ g_socket_client_enumerator_callback (GObject *object, - if ((data->enumerated_at_least_once && !data->connection_attempts && !data->connection_in_progress) || - !data->enumerated_at_least_once) - { -- g_debug ("GSocketClient: Address enumeration failed: %s", error ? error->message : NULL); -- if (data->last_error) -- { -- g_clear_error (&error); -- error = data->last_error; -- data->last_error = NULL; -- } -- else -- { -- g_assert (error); -- } -- -- complete_connection_with_error (data, error); -+ g_debug ("GSocketClient: Address enumeration failed: %s", -+ data->error_info->tmp_error ? data->error_info->tmp_error->message : NULL); -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_RESOLVING); -+ g_assert (data->error_info->best_error); -+ complete_connection_with_error (data, g_steal_pointer (&data->error_info->best_error)); - } - - /* Enumeration should never trigger again, drop our ref */ -@@ -1901,12 +1952,11 @@ g_socket_client_enumerator_callback (GObject *object, - data->enumerated_at_least_once = TRUE; - } - -- g_clear_error (&data->last_error); -- -- socket = create_socket (data->client, address, &data->last_error); -+ socket = create_socket (data->client, address, &data->error_info->tmp_error); - if (socket == NULL) - { - g_object_unref (address); -+ consider_tmp_error (data->error_info, G_SOCKET_CLIENT_CONNECTING); - enumerator_next_async (data, FALSE); - return; - } -@@ -1978,6 +2028,7 @@ g_socket_client_connect_async (GSocketClient *client, - data = g_slice_new0 (GSocketClientAsyncConnectData); - data->client = client; - data->connectable = g_object_ref (connectable); -+ data->error_info = socket_client_error_info_new (); - - if (can_use_proxy (client)) - { --- -1.8.3.1 - diff --git a/backport-gsocketclient-set-IP-BIND-ADDRESS-NO-PORT-if-binding.patch b/backport-gsocketclient-set-IP-BIND-ADDRESS-NO-PORT-if-binding.patch deleted file mode 100644 index 6832679488ee5510eadf883ad917c177d37c011d..0000000000000000000000000000000000000000 --- a/backport-gsocketclient-set-IP-BIND-ADDRESS-NO-PORT-if-binding.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 35bb69bc47fecdf54de887a0c29a0889b79663a1 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= -Date: Wed, 29 Jul 2020 12:10:08 -0400 -Subject: [PATCH 0985/1095] gsocketclient: set IP_BIND_ADDRESS_NO_PORT if - binding to local address - -The linux kernel does not know that the socket will be used -for connect or listen and if you bind() to a local address it must -reserve a random port (if port == 0) at bind() time, making very easy -to exhaust the ~32k port range, setting IP_BIND_ADDRESS_NO_PORT tells -the kernel to choose random port at connect() time instead, when the -full 4-tuple is known. - -reason:gsocketclient: set IP_BIND_ADDRESS_NO_PORT if binding to local address - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/35bb69bc47fecdf54de887a0c29a0889b79663a1 ---- - gio/gsocketclient.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/gio/gsocketclient.c b/gio/gsocketclient.c -index c994330..ca01b68 100644 ---- a/gio/gsocketclient.c -+++ b/gio/gsocketclient.c -@@ -24,6 +24,10 @@ - #include "config.h" - #include "gsocketclient.h" - -+#ifndef G_OS_WIN32 -+#include -+#endif -+ - #include - #include - -@@ -39,6 +43,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -142,6 +147,10 @@ create_socket (GSocketClient *client, - - if (client->priv->local_address) - { -+#ifdef IP_BIND_ADDRESS_NO_PORT -+ g_socket_set_option (socket, IPPROTO_IP, IP_BIND_ADDRESS_NO_PORT, 1, NULL); -+#endif -+ - if (!g_socket_bind (socket, - client->priv->local_address, - FALSE, --- -1.8.3.1 - diff --git a/backport-gtestutils-Fix-a-minor-memory-leak.patch b/backport-gtestutils-Fix-a-minor-memory-leak.patch deleted file mode 100644 index 4ee4bc1c16a8747a5c0ba64270c610c0495bce18..0000000000000000000000000000000000000000 --- a/backport-gtestutils-Fix-a-minor-memory-leak.patch +++ /dev/null @@ -1,35 +0,0 @@ -From b639687b60fb0bd1e2addfa960c3532bf3ebf2a3 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Tue, 18 Aug 2020 09:33:06 +0100 -Subject: [PATCH 0861/1095] gtestutils: Fix a minor memory leak - -Coverity CID: #1430603 -Signed-off-by: Philip Withnall - -reason:gtestutils: Fix a minor memory leak - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/b639687b60fb0bd1e2addfa960c3532bf3ebf2a3 ---- - glib/gtestutils.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/glib/gtestutils.c b/glib/gtestutils.c -index 8ca995c..3b03e98 100644 ---- a/glib/gtestutils.c -+++ b/glib/gtestutils.c -@@ -1530,7 +1530,10 @@ void - - test_prgname = g_path_get_basename (g_get_prgname ()); - if (*test_prgname == '\0') -- test_prgname = g_strdup ("unknown"); -+ { -+ g_free (test_prgname); -+ test_prgname = g_strdup ("unknown"); -+ } - tmpl = g_strdup_printf ("test_%s_XXXXXX", test_prgname); - g_free (test_prgname); - --- -1.8.3.1 - diff --git a/backport-gthread-Destroy-value-after-replacing-it.patch b/backport-gthread-Destroy-value-after-replacing-it.patch deleted file mode 100644 index 0d65b4c0cda7c3c57fe2e4ba160a763183b08b85..0000000000000000000000000000000000000000 --- a/backport-gthread-Destroy-value-after-replacing-it.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 8c76bec77985be7f4c81a052ec649232341369f6 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 30 Sep 2020 16:16:11 +0100 -Subject: [PATCH] gthread: Destroy value after replacing it in - g_private_replace() -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -If the old value is destroyed before updating the TLS value in pthreads -(or the Windows equivalent) then there’s a risk of infinite recursion if -`g_private_replace()` is called from within the `GDestroyNotify`. - -Avoid that by destroying the old value after doing the TLS update. - -Thanks to Matthias Clasen for diagnosing the issue. - -Signed-off-by: Philip Withnall - -Fixes: #2210 - -reason:gtestutils: Destroy value after replacing it in g_private_replace() - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/8c76bec77985be7f4c81a052ec649232341369f6 ---- - glib/gthread-posix.c | 5 +++-- - glib/gthread-win32.c | 2 +- - 2 files changed, 4 insertions(+), 3 deletions(-) - -diff --git a/glib/gthread-posix.c b/glib/gthread-posix.c -index f360559..f09f58a 100644 ---- a/glib/gthread-posix.c -+++ b/glib/gthread-posix.c -@@ -1116,11 +1116,12 @@ g_private_replace (GPrivate *key, - gint status; - - old = pthread_getspecific (*impl); -- if (old && key->notify) -- key->notify (old); - - if G_UNLIKELY ((status = pthread_setspecific (*impl, value)) != 0) - g_thread_abort (status, "pthread_setspecific"); -+ -+ if (old && key->notify) -+ key->notify (old); - } - - /* {{{1 GThread */ -diff --git a/glib/gthread-win32.c b/glib/gthread-win32.c -index 54f74f2..0c37dc6 100644 ---- a/glib/gthread-win32.c -+++ b/glib/gthread-win32.c -@@ -373,9 +373,9 @@ g_private_replace (GPrivate *key, - gpointer old; - - old = TlsGetValue (impl); -+ TlsSetValue (impl, value); - if (old && key->notify) - key->notify (old); -- TlsSetValue (impl, value); - } - - /* {{{1 GThread */ --- -1.8.3.1 - diff --git a/backport-gvdb-builder-Initialise-some-memory-to-zero-in-the-bloom-filter.patch b/backport-gvdb-builder-Initialise-some-memory-to-zero-in-the-bloom-filter.patch deleted file mode 100644 index bf81e026ffae14c1232e62e33521089fc9d98d68..0000000000000000000000000000000000000000 --- a/backport-gvdb-builder-Initialise-some-memory-to-zero-in-the-bloom-filter.patch +++ /dev/null @@ -1,41 +0,0 @@ -From ea64c739239faea463f3cb9154a12cc4532ba525 Mon Sep 17 00:00:00 2001 -From: Philip Withnall -Date: Wed, 18 Mar 2020 09:15:59 +0000 -Subject: [PATCH 0506/1095] gvdb-builder: Initialise some memory to zero in the - bloom filter -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Until a bloom filter is implemented, we need to ensure that all the -memory returned by `file_builder_allocate()` is initialised, since it’s -not initialised at allocation time. - -Signed-off-by: Philip Withnall - -Fixes: #2 - -reason:Initialise some memory to zero in the bloom filter - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/ea64c739239faea463f3cb9154a12cc4532ba525 ---- - gio/gvdb/gvdb-builder.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/gio/gvdb/gvdb-builder.c b/gio/gvdb/gvdb-builder.c -index 2383e60..aa29d22 100644 ---- a/gio/gvdb/gvdb-builder.c -+++ b/gio/gvdb/gvdb-builder.c -@@ -339,6 +339,8 @@ file_builder_allocate_for_hash (FileBuilder *fb, - #undef chunk - - memset (*bloom_filter, 0, n_bloom_words * sizeof (guint32_le)); -+ memset (*hash_buckets, 0, n_buckets * sizeof (guint32_le)); -+ memset (*hash_items, 0, n_items * sizeof (struct gvdb_hash_item)); - - /* NOTE - the code to actually fill in the bloom filter here is missing. - * Patches welcome! --- -2.23.0 - diff --git a/backport-portal-Read-flatpak-info-in-thread-safe-fashion.patch b/backport-portal-Read-flatpak-info-in-thread-safe-fashion.patch deleted file mode 100644 index 80858571a02820e71199cd8136a11a9d9701c1ab..0000000000000000000000000000000000000000 --- a/backport-portal-Read-flatpak-info-in-thread-safe-fashion.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 4b3183435bc14daca21bced6d51ac81493649c11 Mon Sep 17 00:00:00 2001 -From: Will Thompson -Date: Mon, 13 Jul 2020 16:26:44 +0100 -Subject: [PATCH 0722/1095] portal: Read /.flatpak-info in thread-safe fashion - -There is no guarantee that this function would not be called -concurrently. Particularly since flatpak_info_read was set to TRUE -before /.flatpak-info is actually read from disk, there is a potential -race where a second thread would return default values for the various -flags set from that file. - -Fixes #2159 - -reason:Read /.flatpak-info in thread-safe fashion - -Conflict:NA -Reference:https://github.com/GNOME/glib/commit/4b3183435bc14daca21bced6d51ac81493649c11 ---- - gio/gportalsupport.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/gio/gportalsupport.c b/gio/gportalsupport.c -index b0a94b3..233f6af 100644 ---- a/gio/gportalsupport.c -+++ b/gio/gportalsupport.c -@@ -20,7 +20,6 @@ - - #include "gportalsupport.h" - --static gboolean flatpak_info_read; - static gboolean use_portal; - static gboolean network_available; - static gboolean dconf_access; -@@ -28,13 +27,12 @@ static gboolean dconf_access; - static void - read_flatpak_info (void) - { -+ static gsize flatpak_info_read = 0; - const gchar *path = "/.flatpak-info"; - -- if (flatpak_info_read) -+ if (!g_once_init_enter (&flatpak_info_read)) - return; - -- flatpak_info_read = TRUE; -- - if (g_file_test (path, G_FILE_TEST_EXISTS)) - { - GKeyFile *keyfile; -@@ -77,6 +75,8 @@ read_flatpak_info (void) - network_available = TRUE; - dconf_access = TRUE; - } -+ -+ g_once_init_leave (&flatpak_info_read, 1); - } - - gboolean --- -1.8.3.1 - diff --git a/fix-accidentally-delete-temp-file-within-dtrace.patch b/fix-accidentally-delete-temp-file-within-dtrace.patch deleted file mode 100644 index e3eea52b7b7cf9115edb4c6972865043029952ba..0000000000000000000000000000000000000000 --- a/fix-accidentally-delete-temp-file-within-dtrace.patch +++ /dev/null @@ -1,31 +0,0 @@ -From c89133504b600c653d56e56648764e49f5f127cc Mon Sep 17 00:00:00 2001 -From: hexiujun -Date: Mon, 2 Mar 2020 10:49:04 +0800 -Subject: [PATCH] fix accidentally delete temp file within dtrace - ---- - meson.build | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/meson.build b/meson.build -index d1551bd..4e56f06 100644 ---- a/meson.build -+++ b/meson.build -@@ -2066,12 +2066,12 @@ if want_dtrace - # FIXME: autotools build also passes -fPIC -DPIC but is it needed in this case? - dtrace_obj_gen = generator(dtrace, - output : '@BASENAME@.o', -- arguments : ['-G', '-s', '@INPUT@', '-o', '@OUTPUT@']) -+ arguments : ['-G', '-k', '-s', '@INPUT@', '-o', '@OUTPUT@']) - # FIXME: $(SED) -e "s,define STAP_HAS_SEMAPHORES 1,undef STAP_HAS_SEMAPHORES," - # -e "s,define _SDT_HAS_SEMAPHORES 1,undef _SDT_HAS_SEMAPHORES," - dtrace_hdr_gen = generator(dtrace, - output : '@BASENAME@.h', -- arguments : ['-h', '-s', '@INPUT@', '-o', '@OUTPUT@']) -+ arguments : ['-h', '-k', '-s', '@INPUT@', '-o', '@OUTPUT@']) - glib_conf.set('HAVE_DTRACE', 1) - enable_dtrace = true - endif --- -1.8.3.1 - diff --git a/glib-2.62.5.tar.xz b/glib-2.66.8.tar.xz similarity index 39% rename from glib-2.62.5.tar.xz rename to glib-2.66.8.tar.xz index f8ab5fa4fdd911c05262f16e9aa9e922a356afd9..967f3dfc0e89c66aa7f6846c05d8a49115795813 100644 Binary files a/glib-2.62.5.tar.xz and b/glib-2.66.8.tar.xz differ diff --git a/glib2.spec b/glib2.spec index 92efc86acc842cc64b1515e79dc0c5ca43bf6ad3..49e379986b2a60e1d4d3223244a7f18550b50875 100644 --- a/glib2.spec +++ b/glib2.spec @@ -1,58 +1,16 @@ Name: glib2 -Version: 2.62.5 -Release: 9 +Version: 2.66.8 +Release: 1 Summary: The core library that forms the basis for projects such as GTK+ and GNOME License: LGPLv2+ URL: http://www.gtk.org -Source0: http://download.gnome.org/sources/glib/2.62/glib-%{version}.tar.xz - -Patch9001: fix-accidentally-delete-temp-file-within-dtrace.patch -Patch6000: backport-CVE-2020-35457.patch -Patch6001: backport-glib-ensure-consistent-abort-on-OOM-with-g-vasprintf-its-callers.patch -Patch6002: backport-gparamspecs-Fix-type-class-leaks-on-error-handling-paths.patch -Patch6003: backport-glocalfileinfo-Fix-minor-leak-on-error-handling-path-for-xattrs.patch -Patch6004: backport-gbookmarkfile-Fix-a-minor-leak-on-an-error-path.patch -Patch6005: backport-gvdb-builder-Initialise-some-memory-to-zero-in-the-bloom-filter.patch -Patch6006: backport-gfileutils-Correct-operator-precedence-to-avoid-undefined-pointer-maths.patch -Patch6007: backport-glib-supp-Suppress-calloc-variant-of-g-get-charset.patch -Patch6008: backport-Fix-giomodule-cache-being-wrongly-considered-stale.patch -Patch6009: backport-glocalfileinfo-Correct-an-off-by-one-error-when-unescaping-hex.patch -Patch6010: backport-portal-Read-flatpak-info-in-thread-safe-fashion.patch -Patch6012: backport-gtestutils-Fix-a-minor-memory-leak.patch -Patch6013: backport-gthread-Destroy-value-after-replacing-it.patch -Patch6014: backport-gsocketclient-set-IP-BIND-ADDRESS-NO-PORT-if-binding.patch -Patch6015: backport-gsocketclient-emit-RESOLVING-RESOLVED-events-only-once.patch -Patch6016: backport-gsocketclient-Crash-on-error-if-error-is-missing.patch -Patch6017: backport-gsocketclient-return-best-errors-possible.patch -Patch6018: backport-gsignal-Plug-g-signal-connect-object-leak.patch -Patch6019: backport-Fix-the-6-days-until-the-end-of-the-month-bug.patch -Patch6020: backport-gsocketclient-fix-crash-when-async-connectio-step-fails.patch -Patch6021: backport-CVE-2021-27218.patch -Patch6022: backport-CVE-2021-27219.patch -Patch6023: backport-0001-CVE-2021-28153.patch -Patch6024: backport-0002-CVE-2021-28153.patch -Patch6025: backport-0003-CVE-2021-28153.patch -Patch6026: backport-0004-CVE-2021-28153.patch -Patch6027: backport-0005-CVE-2021-28153.patch -Patch6028: backport-Correct-memory-leaks-of-error-in-completion-case.patch -Patch6029: backport-gapplication-Fix-a-memory-leak.patch -Patch6030: backport-gdbusauth-fix-error-leak.patch -Patch6031: backport-gdbusobjectmanagerservice-fix-leak-in-error-path.patch -Patch6032: backport-gfileenumerator-fix-leak-in-error-path.patch -Patch6033: backport-gsettings-Fix-a-minor-memory-leak-when-getting-GSettingsAction-state.patch - -BuildRequires: chrpath gcc gcc-c++ gettext perl-interpreter -%ifnarch i686 -BUildRequires: gtk-doc -%endif +Source0: http://download.gnome.org/sources/glib/2.66/glib-%{version}.tar.xz + +BuildRequires: chrpath gcc gcc-c++ gettext gtk-doc perl-interpreter BUildRequires: glibc-devel libattr-devel libselinux-devel meson BuildRequires: systemtap-sdt-devel pkgconfig(libelf) pkgconfig(libffi) BuildRequires: pkgconfig(libpcre) pkgconfig(mount) pkgconfig(zlib) BuildRequires: python3-devel gamin-devel -Requires: %{name}-help -%ifarch i686 -BuildRequires: libxslt -%endif Provides: %{name}-fam = %{version}-%{release} Obsoletes: %{name}-fam < %{version}-%{release} @@ -79,7 +37,6 @@ Obsoletes: %{name}-tests < %{version}-%{release} %description devel Development and test files for the GLib library. -%ifnarch i686 %package help Summary: help document for the glib2 package Buildarch: noarch @@ -88,20 +45,14 @@ Obsoletes: %{name}-doc < %{version}-%{release} %description help help document for the glib2 package. -%endif %prep %autosetup -n glib-%{version} -p1 %build rm glib/pcre/*.[ch] -%meson --default-library=both -Ddtrace=true \ -%ifarch i686 - -Dman=false -Dgtk_doc=false \ -%else - -Dman=true -Dgtk_doc=true \ -%endif - -Dsystemtap=true -Dfam=true -Dinstalled_tests=true +%meson --default-library=both -Dman=true -Ddtrace=true \ + -Dsystemtap=true -Dgtk_doc=true -Dfam=true -Dinstalled_tests=true %meson_build @@ -119,16 +70,6 @@ mv %{buildroot}%{_bindir}/gio-querymodules %{buildroot}%{_bindir}/gio-querymodu touch %{buildroot}%{_libdir}/gio/modules/giomodule.cache %find_lang glib20 -#remove rpath -chrpath -d %{buildroot}%{_libexecdir}/installed-tests/glib/gdbus-peer - -mkdir -p $RPM_BUILD_ROOT/etc/ld.so.conf.d -echo %{_libexecdir}/installed-tests/glib > $RPM_BUILD_ROOT/etc/ld.so.conf.d/%{name}-%{_arch}.conf - -%ldconfig_scriptlets devel - - - %transfiletriggerin -- %{_libdir}/gio/modules gio-querymodules-%{__isa_bits} %{_libdir}/gio/modules &> /dev/null || : @@ -158,7 +99,6 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %{_datadir}/bash-completion/completions/gsettings %{_bindir}/gio -%{_bindir}/gio-launch-desktop %{_bindir}/gio-querymodules* %{_bindir}/glib-compile-schemas %{_bindir}/gsettings @@ -166,8 +106,6 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %{_bindir}/gapplication %files devel -%defattr(-,root,root) -%config(noreplace) /etc/ld.so.conf.d/* %{_libdir}/lib*.so %{_libdir}/glib-2.0 %{_libdir}/pkgconfig/* @@ -195,46 +133,44 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %{_bindir}/glib-compile-resources %{_bindir}/gresource %attr (0755, root, root) %{_bindir}/gtester-report -%ifarch i686 -%exclude %{_libexecdir}/installed-tests/glib/libgdbus-example-objectmanager.a -%exclude %{_datadir}/glib-2.0/codegen/__pycache__ -%exclude %{_datadir}/glib-2.0/gdb/__pycache__ -%exclude %{_datadir}/installed-tests/glib/static-link.test -%endif - -%ifnarch i686 + %files help %defattr(-,root,root) %{_mandir}/man1/* %doc %{_datadir}/gtk-doc/html/* -%endif %changelog -* Fri Jun 11 2021 hanhui - 2.62.5-9 -- round community patches - -* Sat Jun 05 2021 zhanzhimin - 2.62.5-8 -- fix yum/dnf problem - -* Tue Apr 13 2021 hanhui - 2.62.5-7 -- fix CVE-2021-28153 - -* Sat Mar 06 2021 hanhui - 2.62.5-6 -- fix CVE-2021-27219 - -* Wed Mar 03 2021 jinzhimin - 2.62.5-5 -- fix CVE-2021-27218 +* Mon Jul 5 2021 weijin deng - 2.66.8-1 +- Upgrade to 2.66.8 +- Update Version, Release +- Delete patch files, delete gio-launch-desktop(not exist in 2.66.8) +- Correct date, make it match weekday + +* Tue Apr 13 2021 hanhui - 2.62.5-5 +- Type:cve +- Id:CVE-2021-28153 +- SUG:NA +- DESC:fix CVE-2021-28153 -* Thu Feb 18 2021 jinzhimin - 2.62.5-4 -- round community patches +* Sat Mar 6 2021 hanhui - 2.62.5-4 +- Type:cve +- Id:CVE-2021-27219 +- SUG:NA +- DESC:fix CVE-2021-27219 -* Thu Feb 18 2021 jinzhimin - 2.62.5-3 -- add i686 options +* Mon Mar 1 2021 jinzhimin - 2.62.5-3 +- Type:cve +- Id:CVE-2021-27218 +- SUG:NA +- DESC:fix CVE-2021-27218 -* Thu Nov 5 2020 wangye - 2.62.5-2 -- add require for package +* Sat Feb 27 2021 zhujunhao - 2.62.5-2 +- Type:cve +- Id:CVE-2020-35457 +- SUG:NA +- DESC:fix CVE-2020-35457 -* Thu Apr 16 2020 hexiujun - 2.62.5-1 +* Tue Jul 21 2020 hanhui - 2.62.5-1 - Update to 2.62.5 * Mon Mar 2 2020 hexiujun - 2.62.1-4