mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-05-18 05:38:34 -04:00
Code Issues Packages Projects Releases Wiki Activity

Replace calls to g_memdup() with g_memdup2()

Browse Source 
g_memdup() is subject to an integer overflow on 64-bit machines if the
object being copied is larger than UINT_MAX bytes. I suspect none of
these objects can actually be that large in practice, but it's easier
to replace all the calls than it is to assess whether we need to
replace them.

A backport in libglnx is used on systems where GLib is older than 2.68.x.

Signed-off-by: Simon McVittie <smcv@collabora.com>
This commit is contained in:
Simon McVittie
2022-10-28 11:54:36 +01:00
committed by Simon McVittie
parent 7a144248f2
commit 1eed25617c
4 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/flatpak-builtins-build-commit-from.c
View File

@@ -129,7 +129,7 @@ static GVariant *
new_bytearray (const guchar *data,
gsize len)
{
gpointer data_copy = g_memdup (data, len);
gpointer data_copy = g_memdup2 (data, len);
GVariant *ret = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), data_copy,
len, FALSE, g_free, data_copy);

4
app/flatpak-complete.c
View File

@@ -555,8 +555,8 @@ parse_completion_line_to_argv (const char *initial_completion_line,
/* Make a shallow copy of argv, which will be our "working set" */
completion->argc = completion->original_argc;
completion->argv = g_memdup (completion->original_argv,
sizeof (gchar *) * (completion->original_argc + 1));
completion->argv = g_memdup2 (completion->original_argv,
sizeof (gchar *) * (completion->original_argc + 1));
return parse_result;
}

2
common/flatpak-dir.c
View File

@@ -13002,7 +13002,7 @@ populate_hash_table_from_refs_map (GHashTable *ret_all_refs,
continue; /* New timestamp is older, skip this commit */
}
new_timestamp = g_memdup (&timestamp, sizeof (guint64));
new_timestamp = g_memdup2 (&timestamp, sizeof (guint64));
}
g_hash_table_replace (ret_all_refs, g_steal_pointer (&decomposed), ostree_checksum_from_bytes (csum_bytes));

2
common/flatpak-utils.c
View File

@@ -3662,7 +3662,7 @@ _ostree_repo_static_delta_superblock_digest (OstreeRepo *repo,
g_checksum_get_digest (checksum, digest, &len);
return g_variant_new_from_data (G_VARIANT_TYPE ("ay"),
g_memdup (digest, len), len,
g_memdup2 (digest, len), len,
FALSE, g_free, FALSE);
}