[glib] GVariant: validate that passed string is UTF-8
- From: David Zeuthen <davidz src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib] GVariant: validate that passed string is UTF-8
- Date: Tue, 3 Aug 2010 17:39:46 +0000 (UTC)
commit 5e6f762d61db1a5c64bd1d33e5ba112755106581
Author: David Zeuthen <davidz redhat com>
Date: Tue Aug 3 13:33:03 2010 -0400
GVariant: validate that passed string is UTF-8
As discussed with Ryan on IRC.
This check is crucial because it guarantees that
g_variant_get_string() will _always_ return valid UTF-8. Except in
cases where the programmer used unsafe API such as
g_variant_new_from_data() and setting @trusted to TRUE.
In fact, this check revealed a flaw in my polkit gdbus port
(lt-polkitd:11632): GLib-CRITICAL **: g_variant_new_string: assertion
`g_utf8_validate (string, len, NULL)' failed
and with this I could easily find the problem by using gdb(1) and
G_DBUS=fatal-warnings.
Without this check we'd pass the non-UTF8 string all the way to the
message bus and the bus would then disconnect us. So instead I was
seeing
g_dbus_connection_real_closed: Remote peer vanished with error:
Underlying GIOStream returned 0 bytes on an async read
(g-io-error-quark, 0). Exiting.
and then SIGTERM as raised by g_dbus_connection_real_closed() and my
polkitd process would exit. This behavior is much harder to debug than
failing early (as this patch implements).
Signed-off-by: David Zeuthen <davidz redhat com>
glib/gvariant.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
---
diff --git a/glib/gvariant.c b/glib/gvariant.c
index a259195..ab42d2c 100644
--- a/glib/gvariant.c
+++ b/glib/gvariant.c
@@ -971,6 +971,7 @@ GVariant *
g_variant_new_string (const gchar *string)
{
g_return_val_if_fail (string != NULL, NULL);
+ g_return_val_if_fail (g_utf8_validate (string, -1, NULL), NULL);
return g_variant_new_from_trusted (G_VARIANT_TYPE_STRING,
string, strlen (string) + 1);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]