[libgsf] openpkg: fix access of absolute relations
- From: Morten Welinder <mortenw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libgsf] openpkg: fix access of absolute relations
- Date: Sat, 6 Feb 2016 22:38:49 +0000 (UTC)
commit 4d66e257e0e16187d3e62600fe3555d0d0666190
Author: Morten Welinder <terra gnome org>
Date: Sat Feb 6 17:38:15 2016 -0500
openpkg: fix access of absolute relations
And plug a leak while we're at it.
ChangeLog | 8 ++++++++
NEWS | 4 ++++
gsf/gsf-libxml.c | 3 +++
gsf/gsf-open-pkg-utils.c | 6 ++++--
4 files changed, 19 insertions(+), 2 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 36ed09b..a3cb0f5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2016-02-06 Morten Welinder <terra gnome org>
+
+ * gsf/gsf-open-pkg-utils.c (gsf_open_pkg_open_rel): Move
+ parent-reffing to after we handle absolute references. Fixes
+ #761648.
+
+ * gsf/gsf-libxml.c (gsf_xml_in_doc_parse): Plug leak.
+
2016-02-06 Morten Welinder <terra gnome org>
* configure.ac: Post-release bump.
diff --git a/NEWS b/NEWS
index 4a6cbd6..7e35055 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,9 @@
libgsf 1.14.36
+Morten:
+ * Plug leak
+ * Fix openpkg absolute member reference. [#761648]
+
--------------------------------------------------------------------------
libgsf 1.14.35
diff --git a/gsf/gsf-libxml.c b/gsf/gsf-libxml.c
index 6eee5a4..fc77c47 100644
--- a/gsf/gsf-libxml.c
+++ b/gsf/gsf-libxml.c
@@ -1339,6 +1339,9 @@ gsf_xml_in_doc_parse (GsfXMLInDoc *doc, GsfInput *input, gpointer user_state)
res = ctxt->wellFormed;
xmlFreeParserCtxt (ctxt);
+ if (state.pub.content)
+ g_string_free (state.pub.content, TRUE);
+
return res;
}
diff --git a/gsf/gsf-open-pkg-utils.c b/gsf/gsf-open-pkg-utils.c
index 3cfb76f..9e42daf 100644
--- a/gsf/gsf-open-pkg-utils.c
+++ b/gsf/gsf-open-pkg-utils.c
@@ -233,7 +233,6 @@ gsf_open_pkg_open_rel (GsfInput *opkg, GsfOpenPkgRel const *rel,
parent = gsf_input_name (opkg)
? gsf_input_container (opkg)
: GSF_INFILE (opkg);
- g_object_ref (parent);
target = rel->target;
if (target[0] == '/') {
@@ -249,6 +248,7 @@ gsf_open_pkg_open_rel (GsfInput *opkg, GsfOpenPkgRel const *rel,
}
}
+ g_object_ref (parent);
elems = g_strsplit (rel->target, "/", 0);
for (i = 0 ; elems[i] && NULL != parent ; i++) {
if (0 == strcmp (elems[i], ".") || '\0' == *elems[i])
@@ -262,8 +262,10 @@ gsf_open_pkg_open_rel (GsfInput *opkg, GsfOpenPkgRel const *rel,
/* check for attempt to gain access outside the zip file */
if (G_OBJECT_TYPE (parent) == G_OBJECT_TYPE (prev_parent))
g_object_ref (parent);
- else
+ else {
+ g_warning ("Broken file: relation access outside container\n");
parent = NULL;
+ }
}
} else {
res = gsf_infile_child_by_name (parent, elems[i]);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]