[gimp] libgimpbase: use g_try_new0() when allocating the parameters.



commit c059839e7800c16d6e23b56e4934fd652cd9a6da
Author: Jehan <jehan girinstud io>
Date:   Thu Aug 1 16:48:56 2019 +0200

    libgimpbase: use g_try_new0() when allocating the parameters.
    
    Basically the number of parameters comes from plug-ins which could write
    whatever crap on the wire. I had a case (playing with Python plug-ins)
    where GIMP tried to allocate an insane amount of parameters. This is bad
    as it allows third-party plug-ins to crash GIMP core.
    
    Instead only *try* to allocate, then return as though there were no
    parameters if allocation fails. I also print some info on stderr, but
    don't output WARNING/CRITICAL (this is not a core error, but a plug-in
    error). Fixes:
    
    > GLib-ERROR **: 16:30:23.357: gmem.c:135: failed to allocate 187186442160 bytes

 libgimpbase/gimpprotocol.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
---
diff --git a/libgimpbase/gimpprotocol.c b/libgimpbase/gimpprotocol.c
index e0979ecf47..c675e2de85 100644
--- a/libgimpbase/gimpprotocol.c
+++ b/libgimpbase/gimpprotocol.c
@@ -1599,7 +1599,21 @@ _gp_params_read (GIOChannel  *channel,
       return;
     }
 
-  *params = g_new0 (GPParam, *nparams);
+  *params = g_try_new0 (GPParam, *nparams);
+
+  /* We may read crap on the wire (and as a consequence try to allocate
+   * far too much), which would be a plug-in error.
+   */
+  if (*params == NULL)
+    {
+      /* Output on stderr but no WARNING/CRITICAL. This is likely a
+       * plug-in bug sending bogus data, not a core bug.
+       */
+      g_printerr ("%s: failed to allocate %u parameters\n",
+                  G_STRFUNC, *nparams);
+      *nparams = 0;
+      return;
+    }
 
   for (i = 0; i < *nparams; i++)
     {
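
Review bot: The `if (*params == NULL)` check after g_try_new0() only catches counts that are too large to allocate. A bogus *nparams that is large but still allocatable passes it and goes straight into the `for (i = 0; i < *nparams; i++)` loop. Consider rejecting *nparams above a sane protocol maximum before allocating, so that the limit is an explicit decision and not whatever the allocator happens to refuse on a given system. Separately, the failure path sets `*nparams = 0` and returns, which the caller cannot tell apart from a legitimate empty parameter list, and any parameter data the plug-in did send is not consumed by the loop below. Reporting an error to the caller, so the message can be dropped or the plug-in connection closed, would be safer than continuing as if the message were valid.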

