[vala] gobject-introspection: Free allocated memory and fix format strings

[Jürg Billeter <juergbi src gnome org>]

commit 368d71448acad0546efbb203c08a093ec43611a4
Author: Tobias Mueller <tobiasmue gnome org>
Date:   Mon Apr 12 18:22:43 2010 +0100

    gobject-introspection: Free allocated memory and fix format strings
    
    g_markup_printf_escaped allocates memory which now is free()d. Also,
    move from g_string_append_printf to g_string_append because it has a
    clearer and easier semantic and is less error prone. In fact, this fixes
    potential format string vulnerabilties.
    
    Fixes bug 615552.

 gobject-introspection/gidlwriter.c |   31 ++++++++++++++++++-------------
 1 files changed, 18 insertions(+), 13 deletions(-)
---
diff --git a/gobject-introspection/gidlwriter.c b/gobject-introspection/gidlwriter.c
index cd6cbad..2c0cbaa 100644
--- a/gobject-introspection/gidlwriter.c
+++ b/gobject-introspection/gidlwriter.c
@@ -138,12 +138,14 @@ function_generate (GIdlWriter * writer, GIdlNodeFunction * node)
 			  "%s name=\"%s\"",
 			  tag_name, node->node.name);
 
-  if (node->node.type != G_IDL_NODE_CALLBACK)
-    g_string_append_printf (markup_s,
-			    g_markup_printf_escaped (" symbol=\"%s\"", node->symbol));
+  if (node->node.type != G_IDL_NODE_CALLBACK) {
+    gchar *tmp = g_markup_printf_escaped (" symbol=\"%s\"", node->symbol);
+    markup_s = g_string_append (markup_s, tmp);
+    g_free (tmp);
+  }
 
   if (node->deprecated)
-    g_string_append_printf (markup_s, " deprecated=\"1\"");
+    markup_s = g_string_append (markup_s, " deprecated=\"1\"");
 
   g_string_append (markup_s, ">\n");
 
@@ -388,18 +390,21 @@ enum_generate (GIdlWriter * writer, GIdlNodeEnum * node)
 			  "%s name=\"%s\"",
 			  tag_name, node->node.name);
 
-  if (node->gtype_name != NULL)
-    g_string_append_printf (markup_s,
-			    g_markup_printf_escaped (" type-name=\"%s\"", node->gtype_name));
-
-  if (node->gtype_init != NULL)
-    g_string_append_printf (markup_s,
-			    g_markup_printf_escaped (" get-type=\"%s\"", node->gtype_init));
+  if (node->gtype_name != NULL) {
+    gchar *tmp = g_markup_printf_escaped (" type-name=\"%s\"", node->gtype_name);
+    markup_s = g_string_append (markup_s, tmp);
+    g_free (tmp);
+  }
+  if (node->gtype_init != NULL) {
+    gchar *tmp = g_markup_printf_escaped (" get-type=\"%s\"", node->gtype_init);
+    markup_s = g_string_append (markup_s, tmp);
+    g_free(tmp);
+  }
 
   if (node->deprecated)
-    g_string_append_printf (markup_s, " deprecated=\"1\"");
+    markup_s = g_string_append (markup_s, " deprecated=\"1\"");
 
-  g_string_append (markup_s, ">\n");
+  markup_s = g_string_append (markup_s, ">\n");
 
   g_writer_write_indent (writer, markup_s->str);
   g_string_free (markup_s, TRUE);