Package: glib2.0 / 2.50.3-2+deb9u2
Metadata
Package | Version | Patches format |
---|---|---|
glib2.0 | 2.50.3-2+deb9u2 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
01_gettext desktopfiles.patch | (download) |
glib/gkeyfile.c |
71 71 + 0 - 0 ! |
add some description |
02_gettext desktopfiles ubuntu.patch | (download) |
glib/gkeyfile.c |
20 20 + 0 - 0 ! |
provide backwards compatibility for 01_gettext-desktopfiles.patch for x-{debian,ubuntu}-gettext-domain # UbuntuSpecific: 01_gettext-desktopfiles.patch was changed to use X-GNOME-, so this is necessary until all our .desktop files are converted |
03_disble_glib_compile_schemas_warning.patch | (download) |
gio/glib-compile-schemas.c |
6 4 + 2 - 0 ! |
disable confusing (to users) warning about deprecated schema paths |
04_homedir_env.patch | (download) |
docs/reference/glib/running.xml |
18 18 + 0 - 0 ! |
handle the g_home environment variable to override the passwd entry This will allow to fix various kinds of build failures due to restricted build environments. |
06_thread_test_ignore_prctl_fail.patch | (download) |
glib/tests/thread.c |
6 4 + 2 - 0 ! |
do not fail the /thread/thread4 test if prctrl() fails. this happens on the debian buildds. |
07_disable_tests_on_slow_archs.patch | (download) |
gio/tests/gdbus-threading.c |
2 2 + 0 - 0 ! |
disable tests on slow architectures which keep failing the tests. |
61_glib compile binaries path.patch | (download) |
gio-2.0.pc.in |
4 2 + 2 - 0 ! |
adjust path to glib-compile-schemas in the pkg-config file This is because gio-querymodules and glib-compile-schemas have been put in a private, versioned directory in libglib2.0-0 to avoid a dependency loop. |
90_gio modules multiarch compat.patch | (download) |
gio/giomodule.c |
3 3 + 0 - 0 ! |
gio: add fallback directory for pre-multiarch compatibility Date: Sat, 16 Jul 2011 13:12:48 -0700 |
skip brokwn dbus appinfo test.patch | (download) |
gio/tests/Makefile.am |
1 0 + 1 - 0 ! |
the dbus-appinfo test hangs in a build environment (with no x server) |
Do not attempt to autolaunch a session dbus daemon w.patch | (download) |
gio/gdbusaddress.c |
7 7 + 0 - 0 ! |
[patch] do not attempt to autolaunch a session dbus-daemon with no DISPLAY The two known use-cases for autolaunching are: * X-forwarding: "ssh -Y myhost myapp" resulting in a session bus on myhost but an X server on the original host * Legacy desktop environments on OSs without D-Bus integration: e.g. running a single GNOME or KDE app under fvwm or something, without a session dbus-daemon being started by either systemd, gnome-session, or OS integration scripts analogous to Debian's /etc/X11/Xsession.d/75dbus_dbus-launch In either case, an X11 DISPLAY is also needed. "dbus-launch --autolaunch" doesn't do anything useful when unable to connect to an X11 display; this has been the case since the feature was added in 2006, and is useful to avoid "split brain" situations in which two processes that ought to be part of the same session end up on separate session buses. Since dbus commit 407c111 in 2011, libdbus hasn't even attempted to run "dbus-launch --autolaunch" unless getenv("DISPLAY") returns non-null in the parent: this avoids doing a relatively complicated fork-and-exec that is clearly not going to lead to success. This commit gives GDBus the same policy. In Debian, I've encountered GLib test failures in gio/tests/gapplication.c which appear to be related to the fork-and-exec for dbus-launch (Debian bug #737380). Specifically, one test-case ends by calling g_test_dbus_unset(), and the next test-case tries to access the session bus with DBUS_SESSION_BUS_ADDRESS unset, resulting in an attempt to autolaunch. Checking for DISPLAY avoids this attempt to autolaunch, since g_test_dbus_unset() also unsets DISPLAY. It seems likely that there is some orthogonal bug here, perhaps involving g_spawn_sync() in the GDBus thread racing with g_spawn_async_with_pipes() in the main thread, but GApplication is probably not the ideal place to debug that. In my opinion as D-Bus maintainer, "dbus-launch --autolaunch" should be considered to be an X11 feature, and any future D-Bus enhancements (e.g. kdbus) or successors for X11 (e.g. Wayland, Mir) should obtain a session bus address by other means - either a session manager such as "systemd --user", gnome-session or Upstart, or a wrapper for the user session like dbus-run-session(1). Related to dbus bug <https://bugs.freedesktop.org/show_bug.cgi?id=19997>. Bug: https://bugzilla.gnome.org/show_bug.cgi?id=723506 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737380 |
81 skip monitor test on non linux.patch | (download) |
gio/tests/monitor.c |
2 2 + 0 - 0 ! |
skip the monitor test on non-linux as it currently hangs |
0001 timer test use volatile for locals.patch | (download) |
glib/tests/timer.c |
4 2 + 2 - 0 ! |
[patch] timer test: use 'volatile' for locals GCC seems to be failing to follow the letter of the C spec by allowing extra precision in floating point values to persist across assignments which are optimised away. Force its hand by using 'volatile' on the locals in question. https://bugzilla.gnome.org/show_bug.cgi?id=722604 |
skip broken timer test.patch | (download) |
glib/tests/timer.c |
2 1 + 1 - 0 ! |
skip test which performs some unreliable floating point comparisons |
0001 Fix trashing on overlayfs.patch | (download) |
gio/glocalfile.c |
20 19 + 1 - 0 ! |
[patch] fix trashing on overlayfs In order to determine whether to trash a file to the home directory, we compare its st_dev to our home directory's st_dev field. This is the wrong thing to do on overlayfs when deleting files, because st_dev contains the ID of the filesystem providing the file (which can be the lower or upper filesystem), but directories always return the ID of the overlayfs. Thus the comparison fails and we are unable to trash the file. Fix this by checking st_dev of the parent directory when we are deleting a file. |
tests gdatetime Use a real rather than invented time.patch | (download) |
glib/tests/gdatetime.c |
12 6 + 6 - 0 ! |
[patch] tests/gdatetime: use a real rather than invented timezone The tzdata maintainers had previously invented abbreviations for timezones. As of their 2017a release, the one we were testing ("BRT") has been dropped. Switch to testing PST, which is a real timezone abbreviation. https://bugzilla.gnome.org/show_bug.cgi?id=779799 (cherry picked from commit ec02a1875f29ecb8e46c0d8c1403cd00a0b3a9e4) |
gfile Limit access to files when copying.patch | (download) |
gio/gfile.c |
11 6 + 5 - 0 ! |
gfile: limit access to files when copying file_copy_fallback creates new files with default permissions and set the correct permissions after the operation is finished. This might cause that the files can be accessible by more users during the operation than expected. Use G_FILE_CREATE_PRIVATE for the new files to limit access to those files. Bug: https://gitlab.gnome.org/GNOME/glib/merge_requests/876 Bug-CVE: CVE-2019-12450 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929753 |
keyfile settings Use tighter permissions.patch | (download) |
gio/gkeyfilesettingsbackend.c |
8 6 + 2 - 0 ! |
keyfile settings: use tighter permissions When creating directories, create them with 700 permissions, instead of 777. Bug: https://gitlab.gnome.org/GNOME/glib/issues/1658 |
gmarkup Fix unvalidated UTF 8 read in markup parsing erro.patch | (download) |
glib/gmarkup.c |
14 13 + 1 - 0 ! |
gmarkup: fix unvalidated utf-8 read in markup parsing error paths MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit When formatting the error messages for markup parsing errors, the parser was unconditionally reading a UTF-8 character from the input buffer but the buffer might end with a partial code sequence, resulting in reading off the end of the buffer by up to three bytes. Fix this and add a test case, courtesy of pdknsk. Signed-off-by: Philip Withnall <withnall@endlessm.com> Bug: https://gitlab.gnome.org/GNOME/glib/issues/1361 Bug: https://gitlab.gnome.org/GNOME/glib/issues/1462 |
gmarkup Avoid reading off the end of a buffer when non nu.patch | (download) |
glib/gmarkup.c |
30 20 + 10 - 0 ! |
gmarkup: avoid reading off the end of a buffer when non-nul-terminated When extracting a UTF-8 character to put in an error message on parse failure, pass the remaining buffer length to utf8_str() to avoid it running off the end of the input buffer. It previously assumed that the buffer was nul-terminated, which was the case in all the tests until now. A following commit will add test coverage for this. Signed-off-by: Philip Withnall <withnall@endlessm.com> (cherry picked from commit 8cfe53f081f8147cd3c36aebf64c635e04d3ab09) |
gmarkup Fix crash in error handling path for closing elem.patch | (download) |
glib/gmarkup.c |
11 8 + 3 - 0 ! |
gmarkup: fix crash in error handling path for closing elements MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit If something which looks like a closing tag is left unfinished, but isnt paired to an opening tag in the document, the error handling code would do a null pointer dereference. Avoid that, at the cost of introducing a new translatable error message. Includes a test case, courtesy of pdknsk. Signed-off-by: Philip Withnall <withnall@endlessm.com> Bug: https://gitlab.gnome.org/GNOME/glib/issues/1364 Bug: https://gitlab.gnome.org/GNOME/glib/issues/1461 |
credentials Invalid Linux struct ucred means no informati.patch | (download) |
gio/gcredentials.c |
42 39 + 3 - 0 ! |
credentials: invalid linux struct ucred means "no information" On Linux, if getsockopt SO_PEERCRED is used on a TCP socket, one might expect it to fail with an appropriate error like ENOTSUP or EPROTONOSUPPORT. However, it appears that in fact it succeeds, but yields a credentials structure with pid 0, uid -1 and gid -1. These are not real process, user and group IDs that can be allocated to a real process (pid 0 needs to be reserved to give kill(0) its documented special semantics, and similarly uid and gid -1 need to be reserved for setresuid() and setresgid()) so it is not meaningful to signal them to high-level API users. An API user with Linux-specific knowledge can still inspect these fields via g_credentials_get_native() if desired. Similarly, if SO_PASSCRED is used to receive a SCM_CREDENTIALS message on a receiving Unix socket, but the sending socket had not enabled SO_PASSCRED at the time that the message was sent, it is possible for it to succeed but yield a credentials structure with pid 0, uid /proc/sys/kernel/overflowuid and gid /proc/sys/kernel/overflowgid. Even if we were to read those pseudo-files, we cannot distinguish between the overflow IDs and a real process that legitimately has the same IDs (typically they are set to 'nobody' and 'nogroup', which can be used by a real process), so we detect this situation by noticing that pid == 0, and to save syscalls we do not read the overflow IDs from /proc at all. This results in a small API change: g_credentials_is_same_user() now returns FALSE if we compare two credentials structures that are both invalid. This seems like reasonable, conservative behaviour: if we cannot prove that they are the same user, we should assume they are not. [Philip Withnall: Dropped new translatable string when backporting to `glib-2-62`.] Signed-off-by: Simon McVittie <smcv@collabora.com> |
GDBus prefer getsockopt style credentials passing APIs.patch | (download) |
gio/gcredentialsprivate.h |
18 18 + 0 - 0 ! |
gdbus: prefer getsockopt()-style credentials-passing apis Conceptually, a D-Bus server is really trying to determine the credentials of (the process that initiated) a connection, not the credentials that the process had when it sent a particular message. Ideally, it does this with a getsockopt()-style API that queries the credentials of the connection's initiator without requiring any particular cooperation from that process, avoiding a class of possible failures. The leading '\0' in the D-Bus protocol is primarily a workaround for platforms where the message-based credentials-passing API is strictly better than the getsockopt()-style API (for example, on FreeBSD, SCM_CREDS includes a process ID but getpeereid() does not), or where the getsockopt()-style API does not exist at all. As a result libdbus, the reference implementation of D-Bus, does not implement Linux SCM_CREDENTIALS at all - it has no reason to do so, because the SO_PEERCRED socket option is equally informative. This change makes GDBusServer on Linux more closely match the behaviour of libdbus. In particular, GNOME/glib#1831 indicates that when a libdbus client connects to a GDBus server, recvmsg() sometimes yields a SCM_CREDENTIALS message with cmsg_data={pid=0, uid=65534, gid=65534}. I think this is most likely a race condition in the early steps to connect: client server connect accept send '\0' <- race -> set SO_PASSCRED = 1 receive '\0' If the server wins the race: client server connect accept set SO_PASSCRED = 1 send '\0' receive '\0' then everything is fine. However, if the client wins the race: client server connect accept send '\0' set SO_PASSCRED = 1 receive '\0' then the kernel does not record credentials for the message containing '\0' (because SO_PASSCRED was 0 at the time). However, by the time the server receives the message, the kernel knows that credentials are desired. I would have expected the kernel to omit the credentials header in this case, but it seems that instead, it synthesizes a credentials structure with a dummy process ID 0, a dummy uid derived from /proc/sys/kernel/overflowuid and a dummy gid derived from /proc/sys/kernel/overflowgid. In an unconfigured GDBusServer, hitting this race condition results in falling back to DBUS_COOKIE_SHA1 authentication, which in practice usually succeeds in authenticating the peer's uid. However, we encourage AF_UNIX servers on Unix platforms to allow only EXTERNAL authentication as a security-hardening measure, because DBUS_COOKIE_SHA1 relies on a series of assumptions including a cryptographically strong PRNG and a shared home directory with no write access by others, which are not necessarily true for all operating systems and users. EXTERNAL authentication will fail if the server cannot determine the client's credentials. In particular, this caused a regression when CVE-2019-14822 was fixed in ibus, which appears to be resolved by this commit. Qt clients (which use libdbus) intermittently fail to connect to an ibus server (which uses GDBusServer), because ibus no longer allows DBUS_COOKIE_SHA1 authentication or non-matching uids. Signed-off-by: Simon McVittie <smcv@collabora.com> Bug: https://gitlab.gnome.org/GNOME/glib/issues/1831 |