[glib/glib-2-66: 4/12] glib: Use g_memdup2() instead of g_memdup() in obvious places
- From: Philip Withnall <pwithnall src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib/glib-2-66: 4/12] glib: Use g_memdup2() instead of g_memdup() in obvious places
- Date: Thu, 4 Feb 2021 18:08:15 +0000 (UTC)
commit 0736b7c1e7cf4232c5d7eb2b0fbfe9be81bd3baa
Author: Philip Withnall <pwithnall endlessos org>
Date: Thu Feb 4 13:41:21 2021 +0000
glib: Use g_memdup2() instead of g_memdup() in obvious places
Convert all the call sites which use `g_memdup()`’s length argument
trivially (for example, by passing a `sizeof()` or an existing `gsize`
variable), so that they use `g_memdup2()` instead.
In almost all of these cases the use of `g_memdup()` would not have
caused problems, but it will soon be deprecated, so best port away from
it
In particular, this fixes an overflow within `g_bytes_new()`, identified
as GHSL-2021-045 by GHSL team member Kevin Backhouse.
Signed-off-by: Philip Withnall <pwithnall endlessos org>
Fixes: GHSL-2021-045
Helps: #2319
glib/gbytes.c | 6 ++++--
glib/gdir.c | 3 ++-
glib/ghash.c | 7 ++++---
glib/giochannel.c | 5 +++--
glib/gslice.c | 3 ++-
glib/gtestutils.c | 3 ++-
glib/gvariant.c | 7 ++++---
glib/gvarianttype.c | 3 ++-
glib/tests/array-test.c | 4 +++-
glib/tests/option-context.c | 6 ++++--
glib/tests/uri.c | 8 +++++---
11 files changed, 35 insertions(+), 20 deletions(-)
---
diff --git a/glib/gbytes.c b/glib/gbytes.c
index ec6923188..6f17d104c 100644
--- a/glib/gbytes.c
+++ b/glib/gbytes.c
@@ -34,6 +34,8 @@
#include <string.h>
+#include "gstrfuncsprivate.h"
+
/**
* GBytes:
*
@@ -95,7 +97,7 @@ g_bytes_new (gconstpointer data,
{
g_return_val_if_fail (data != NULL || size == 0, NULL);
- return g_bytes_new_take (g_memdup (data, size), size);
+ return g_bytes_new_take (g_memdup2 (data, size), size);
}
/**
@@ -499,7 +501,7 @@ g_bytes_unref_to_data (GBytes *bytes,
* Copy: Non g_malloc (or compatible) allocator, or static memory,
* so we have to copy, and then unref.
*/
- result = g_memdup (bytes->data, bytes->size);
+ result = g_memdup2 (bytes->data, bytes->size);
*size = bytes->size;
g_bytes_unref (bytes);
}
diff --git a/glib/gdir.c b/glib/gdir.c
index 6b85e99c8..6747a8c6f 100644
--- a/glib/gdir.c
+++ b/glib/gdir.c
@@ -37,6 +37,7 @@
#include "gconvert.h"
#include "gfileutils.h"
#include "gstrfuncs.h"
+#include "gstrfuncsprivate.h"
#include "gtestutils.h"
#include "glibintl.h"
@@ -112,7 +113,7 @@ g_dir_open_with_errno (const gchar *path,
return NULL;
#endif
- return g_memdup (&dir, sizeof dir);
+ return g_memdup2 (&dir, sizeof dir);
}
/**
diff --git a/glib/ghash.c b/glib/ghash.c
index 40a0fb2ca..f13df254d 100644
--- a/glib/ghash.c
+++ b/glib/ghash.c
@@ -34,6 +34,7 @@
#include "gmacros.h"
#include "glib-private.h"
#include "gstrfuncs.h"
+#include "gstrfuncsprivate.h"
#include "gatomic.h"
#include "gtestutils.h"
#include "gslice.h"
@@ -963,7 +964,7 @@ g_hash_table_ensure_keyval_fits (GHashTable *hash_table, gpointer key, gpointer
if (hash_table->have_big_keys)
{
if (key != value)
- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size);
+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size);
/* Keys and values are both big now, so no need for further checks */
return;
}
@@ -971,7 +972,7 @@ g_hash_table_ensure_keyval_fits (GHashTable *hash_table, gpointer key, gpointer
{
if (key != value)
{
- hash_table->values = g_memdup (hash_table->keys, sizeof (guint) * hash_table->size);
+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (guint) * hash_table->size);
is_a_set = FALSE;
}
}
@@ -999,7 +1000,7 @@ g_hash_table_ensure_keyval_fits (GHashTable *hash_table, gpointer key, gpointer
/* Just split if necessary */
if (is_a_set && key != value)
- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size);
+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size);
#endif
}
diff --git a/glib/giochannel.c b/glib/giochannel.c
index d977b769e..c6a89d6e0 100644
--- a/glib/giochannel.c
+++ b/glib/giochannel.c
@@ -37,6 +37,7 @@
#include "giochannel.h"
#include "gstrfuncs.h"
+#include "gstrfuncsprivate.h"
#include "gtestutils.h"
#include "glibintl.h"
@@ -1673,10 +1674,10 @@ g_io_channel_read_line (GIOChannel *channel,
/* Copy the read bytes (including any embedded nuls) and nul-terminate.
* `USE_BUF (channel)->str` is guaranteed to be nul-terminated as it’s a
- * #GString, so it’s safe to call g_memdup() with +1 length to allocate
+ * #GString, so it’s safe to call g_memdup2() with +1 length to allocate
* a nul-terminator. */
g_assert (USE_BUF (channel));
- line = g_memdup (USE_BUF (channel)->str, got_length + 1);
+ line = g_memdup2 (USE_BUF (channel)->str, got_length + 1);
line[got_length] = '\0';
*str_return = g_steal_pointer (&line);
g_string_erase (USE_BUF (channel), 0, got_length);
diff --git a/glib/gslice.c b/glib/gslice.c
index 589619080..9a5eb8e52 100644
--- a/glib/gslice.c
+++ b/glib/gslice.c
@@ -41,6 +41,7 @@
#include "gmain.h"
#include "gmem.h" /* gslice.h */
#include "gstrfuncs.h"
+#include "gstrfuncsprivate.h"
#include "gutils.h"
#include "gtrashstack.h"
#include "gtestutils.h"
@@ -351,7 +352,7 @@ g_slice_get_config_state (GSliceConfig ckey,
array[i++] = allocator->contention_counters[address];
array[i++] = allocator_get_magazine_threshold (allocator, address);
*n_values = i;
- return g_memdup (array, sizeof (array[0]) * *n_values);
+ return g_memdup2 (array, sizeof (array[0]) * *n_values);
default:
return NULL;
}
diff --git a/glib/gtestutils.c b/glib/gtestutils.c
index 3b03e9831..58cd1b512 100644
--- a/glib/gtestutils.c
+++ b/glib/gtestutils.c
@@ -49,6 +49,7 @@
#include "gpattern.h"
#include "grand.h"
#include "gstrfuncs.h"
+#include "gstrfuncsprivate.h"
#include "gtimer.h"
#include "gslice.h"
#include "gspawn.h"
@@ -3825,7 +3826,7 @@ g_test_log_extract (GTestLogBuffer *tbuffer)
if (p <= tbuffer->data->str + mlength)
{
g_string_erase (tbuffer->data, 0, mlength);
- tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup (&msg, sizeof (msg)));
+ tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup2 (&msg, sizeof (msg)));
return TRUE;
}
diff --git a/glib/gvariant.c b/glib/gvariant.c
index 6b460d843..50fae546d 100644
--- a/glib/gvariant.c
+++ b/glib/gvariant.c
@@ -33,6 +33,7 @@
#include <string.h>
+#include "gstrfuncsprivate.h"
/**
* SECTION:gvariant
@@ -725,7 +726,7 @@ g_variant_new_variant (GVariant *value)
g_variant_ref_sink (value);
return g_variant_new_from_children (G_VARIANT_TYPE_VARIANT,
- g_memdup (&value, sizeof value),
+ g_memdup2 (&value, sizeof value),
1, g_variant_is_trusted (value));
}
@@ -1229,7 +1230,7 @@ g_variant_new_fixed_array (const GVariantType *element_type,
return NULL;
}
- data = g_memdup (elements, n_elements * element_size);
+ data = g_memdup2 (elements, n_elements * element_size);
value = g_variant_new_from_data (array_type, data,
n_elements * element_size,
FALSE, g_free, data);
@@ -1912,7 +1913,7 @@ g_variant_dup_bytestring (GVariant *value,
if (length)
*length = size;
- return g_memdup (original, size + 1);
+ return g_memdup2 (original, size + 1);
}
/**
diff --git a/glib/gvarianttype.c b/glib/gvarianttype.c
index c46f1a2c6..585e29ab2 100644
--- a/glib/gvarianttype.c
+++ b/glib/gvarianttype.c
@@ -28,6 +28,7 @@
#include <string.h>
+#include "gstrfuncsprivate.h"
/**
* SECTION:gvarianttype
@@ -1181,7 +1182,7 @@ g_variant_type_new_tuple (const GVariantType * const *items,
g_assert (offset < sizeof buffer);
buffer[offset++] = ')';
- return (GVariantType *) g_memdup (buffer, offset);
+ return (GVariantType *) g_memdup2 (buffer, offset);
}
/**
diff --git a/glib/tests/array-test.c b/glib/tests/array-test.c
index e6d6059b1..9c27c51c9 100644
--- a/glib/tests/array-test.c
+++ b/glib/tests/array-test.c
@@ -29,6 +29,8 @@
#include <string.h>
#include "glib.h"
+#include "gstrfuncsprivate.h"
+
/* Test data to be passed to any function which calls g_array_new(), providing
* the parameters for that call. Most #GArray tests should be repeated for all
* possible values of #ArrayTestData. */
@@ -1933,7 +1935,7 @@ byte_array_new_take (void)
GByteArray *gbarray;
guint8 *data;
- data = g_memdup ("woooweeewow", 11);
+ data = g_memdup2 ("woooweeewow", 11);
gbarray = g_byte_array_new_take (data, 11);
g_assert (gbarray->data == data);
g_assert_cmpuint (gbarray->len, ==, 11);
diff --git a/glib/tests/option-context.c b/glib/tests/option-context.c
index 149d22353..88d2b80d1 100644
--- a/glib/tests/option-context.c
+++ b/glib/tests/option-context.c
@@ -27,6 +27,8 @@
#include <string.h>
#include <locale.h>
+#include "gstrfuncsprivate.h"
+
static GOptionEntry main_entries[] = {
{ "main-switch", 0, 0,
G_OPTION_ARG_NONE, NULL,
@@ -256,7 +258,7 @@ join_stringv (int argc, char **argv)
static char **
copy_stringv (char **argv, int argc)
{
- return g_memdup (argv, sizeof (char *) * (argc + 1));
+ return g_memdup2 (argv, sizeof (char *) * (argc + 1));
}
static void
@@ -2323,7 +2325,7 @@ test_group_parse (void)
g_option_context_add_group (context, group);
argv = split_string ("program --test arg1 -f arg2 --group-test arg3 --frob arg4 -z arg5", &argc);
- orig_argv = g_memdup (argv, (argc + 1) * sizeof (char *));
+ orig_argv = g_memdup2 (argv, (argc + 1) * sizeof (char *));
retval = g_option_context_parse (context, &argc, &argv, &error);
diff --git a/glib/tests/uri.c b/glib/tests/uri.c
index b8a0c6a47..c03669bd1 100644
--- a/glib/tests/uri.c
+++ b/glib/tests/uri.c
@@ -27,6 +27,8 @@
#include <string.h>
#include <stdlib.h>
+#include "gstrfuncsprivate.h"
+
typedef struct
{
char *filename;
@@ -409,7 +411,7 @@ test_uri_unescape_bytes (gconstpointer test_data)
else
{
escaped_len = strlen (tests[i].escaped); /* no trailing nul */
- escaped = g_memdup (tests[i].escaped, escaped_len);
+ escaped = g_memdup2 (tests[i].escaped, escaped_len);
}
bytes = g_uri_unescape_bytes (escaped, escaped_len, tests[i].illegal, &error);
@@ -1506,7 +1508,7 @@ test_uri_iter_params (gconstpointer test_data)
else
{
uri_len = strlen (params_tests[i].uri); /* no trailing nul */
- uri = g_memdup (params_tests[i].uri, uri_len);
+ uri = g_memdup2 (params_tests[i].uri, uri_len);
}
/* Run once without extracting the attr or value, just to check the numbers. */
@@ -1573,7 +1575,7 @@ test_uri_parse_params (gconstpointer test_data)
else
{
uri_len = strlen (params_tests[i].uri); /* no trailing nul */
- uri = g_memdup (params_tests[i].uri, uri_len);
+ uri = g_memdup2 (params_tests[i].uri, uri_len);
}
params = g_uri_parse_params (uri, uri_len, params_tests[i].separators, params_tests[i].flags, &err);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]