From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Liliana Marie Prikler <liliana.prikler@gmail.com>
Cc: rg@raghavgururajan.name, 62467@debbugs.gnu.org
Subject: [bug#62467] [PATCH gnome-team v2 09/12] gnu: gtk+-2: Fix build by hardening list store.
Date: Sat, 08 Apr 2023 15:47:07 -0400 [thread overview]
Message-ID: <87fs9aqhqc.fsf@gmail.com> (raw)
In-Reply-To: <09b3598cb0fb0acd211dd59fc10686188b941d8e.camel@gmail.com> (Liliana Marie Prikler's message of "Thu, 30 Mar 2023 20:41:59 +0200")
Hi,
Liliana Marie Prikler <liliana.prikler@gmail.com> writes:
> * gnu/packages/patches/gtk2-harden-list-store.patch: New file.
> * gnu/packages/gtk.scm (gtk+-2)[patches]: Add it here.
> * gnu/local.mk (dist_patch_DATA): Register it here.
> ---
> gnu/local.mk | 1 +
> gnu/packages/gtk.scm | 1 +
> .../patches/gtk2-harden-list-store.patch | 42 +++++++++++++++++++
> 3 files changed, 44 insertions(+)
> create mode 100644 gnu/packages/patches/gtk2-harden-list-store.patch
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 3e94281ccf..31456c5be8 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -1303,6 +1303,7 @@ dist_patch_DATA = \
> %D%/packages/patches/guile-rsvg-pkgconfig.patch \
> %D%/packages/patches/guile-emacs-fix-configure.patch \
> %D%/packages/patches/gtk2-fix-builder-test.patch \
> + %D%/packages/patches/gtk2-harden-list-store.patch \
> %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \
> %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \
> %D%/packages/patches/gtk2-theme-paths.patch \
> diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
> index c756f39e24..196d767160 100644
> --- a/gnu/packages/gtk.scm
> +++ b/gnu/packages/gtk.scm
> @@ -1014,6 +1014,7 @@ (define-public gtk+-2
> "1nn6kks1zyvb5xikr9y2k7r9bwjy1g4b0m0s66532bclymbwfamc"))
> (patches (search-patches "gtk2-respect-GUIX_GTK2_PATH.patch"
> "gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch"
> + "gtk2-harden-list-store.patch"
> "gtk2-theme-paths.patch"
> "gtk2-fix-builder-test.patch"))))
> (build-system gnu-build-system)
> diff --git a/gnu/packages/patches/gtk2-harden-list-store.patch b/gnu/packages/patches/gtk2-harden-list-store.patch
> new file mode 100644
> index 0000000000..b107ba2bcc
> --- /dev/null
> +++ b/gnu/packages/patches/gtk2-harden-list-store.patch
> @@ -0,0 +1,42 @@
> +Mimic the implemenetation in gtk+-3.
Typo: implementation.
I'd like to see a bit more metadata in this patch; is it original work,
or was it retrieved from another distribution such as Debian? It
probably exists elsewhere, if GTK2 can't be built anymore otherwise?
Does upstream still maintain GTK2, or is it completely abandoned?
> +
> +Index: gtk+-2.24.33/gtk/gtkliststore.c
> +===================================================================
> +--- gtk+-2.24.33.orig/gtk/gtkliststore.c
> ++++ gtk+-2.24.33/gtk/gtkliststore.c
> +@@ -1195,16 +1195,31 @@ gboolean
> + gtk_list_store_iter_is_valid (GtkListStore *list_store,
> + GtkTreeIter *iter)
> + {
> ++ GSequenceIter *seq_iter;
> ++
> + g_return_val_if_fail (GTK_IS_LIST_STORE (list_store), FALSE);
> + g_return_val_if_fail (iter != NULL, FALSE);
> +
> +- if (!VALID_ITER (iter, list_store))
> +- return FALSE;
> ++ /* can't use VALID_ITER() here, because iter might point
> ++ * to random memory.
> ++ *
> ++ * We MUST NOT dereference it.
> ++ */
> +
> +- if (g_sequence_iter_get_sequence (iter->user_data) != list_store->seq)
> ++ if (iter == NULL ||
> ++ iter->user_data == NULL ||
> ++ list_store->stamp != iter->stamp)
> + return FALSE;
> +
> +- return TRUE;
> ++ for (seq_iter = g_sequence_get_begin_iter (list_store->seq);
> ++ !g_sequence_iter_is_end (seq_iter);
> ++ seq_iter = g_sequence_iter_next (seq_iter))
> ++ {
> ++ if (seq_iter == iter->user_data)
> ++ return TRUE;
> ++ }
> ++
> ++ return FALSE;
> + }
> +
> + static gboolean real_gtk_list_store_row_draggable (GtkTreeDragSource *drag_source,
I don't know my way much in this code base, but the above looks
reasonable to me, especially if it was mostly copy-pasted from GTK 3.
--
Thanks,
Maxim
next prev parent reply other threads:[~2023-04-08 19:48 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-26 19:20 [bug#62467] [PATCH gnome-team 0/5] Update fundamental packages Liliana Marie Prikler
2023-03-26 15:39 ` [bug#62467] [PATCH gnome-team v2 01/12] gnu: glib: Update to 2.76.1 Liliana Marie Prikler
2023-04-08 19:37 ` Maxim Cournoyer
2023-04-08 19:54 ` Liliana Marie Prikler
2023-04-09 5:03 ` Maxim Cournoyer
2023-03-26 15:39 ` [bug#62467] [PATCH gnome-team v3 02/15] " Liliana Marie Prikler
2023-03-26 15:39 ` [bug#62467] [PATCH gnome-team 1/5] " Liliana Marie Prikler
2023-03-26 15:53 ` [bug#62467] [PATCH gnome-team v2 02/12] gnu: Make pango-next the new pango Liliana Marie Prikler
2023-04-08 19:39 ` Maxim Cournoyer
2023-03-26 15:53 ` [bug#62467] [PATCH gnome-team v3 03/15] " Liliana Marie Prikler
2023-03-26 15:53 ` [bug#62467] [PATCH gnome-team 2/5] " Liliana Marie Prikler
2023-03-26 18:53 ` [bug#62467] [PATCH gnome-team v2 03/12] gnu: pango: Update to 1.50.14 Liliana Marie Prikler
2023-04-08 19:39 ` Maxim Cournoyer
2023-03-26 18:53 ` [bug#62467] [PATCH gnome-team v3 04/15] " Liliana Marie Prikler
2023-03-26 18:53 ` [bug#62467] [PATCH gnome-team 3/5] " Liliana Marie Prikler
2023-03-26 19:14 ` [bug#62467] [PATCH gnome-team v2 04/12] gnu: Make gobject-introspection-next the new gobject-introspection Liliana Marie Prikler
2023-04-08 19:41 ` Maxim Cournoyer
2023-03-26 19:14 ` [bug#62467] [PATCH gnome-team 4/5] " Liliana Marie Prikler
2023-03-26 19:14 ` [bug#62467] [PATCH gnome-team v3 05/15] " Liliana Marie Prikler
2023-03-26 19:19 ` [bug#62467] [PATCH gnome-team v2 05/12] gnu: gobject-introspection: Update to 1.76.1 Liliana Marie Prikler
2023-04-08 19:40 ` Maxim Cournoyer
2023-03-26 19:19 ` [bug#62467] [PATCH gnome-team 5/5] " Liliana Marie Prikler
2023-03-26 19:19 ` [bug#62467] [PATCH gnome-team v3 06/15] " Liliana Marie Prikler
2023-03-28 4:26 ` [bug#62467] [PATCH gnome-team v3 07/15] gnu: libsoup-minimal@2: Update to 2.74.3 Liliana Marie Prikler
2023-03-28 4:26 ` [bug#62467] [PATCH gnome-team v2 06/12] " Liliana Marie Prikler
2023-04-08 19:42 ` Maxim Cournoyer
2023-04-08 19:56 ` Liliana Marie Prikler
2023-04-09 5:04 ` Maxim Cournoyer
2023-03-28 16:50 ` [bug#62467] [PATCH gnome-team v2 07/12] gnu: python-pygobject: Set upstream-name Liliana Marie Prikler
2023-04-08 19:42 ` Maxim Cournoyer
2023-03-28 16:50 ` [bug#62467] [PATCH gnome-team v3 08/15] " Liliana Marie Prikler
2023-03-28 16:51 ` [bug#62467] [PATCH gnome-team v2 08/12] gnu: python-pygobject: Update to 3.44.1 Liliana Marie Prikler
2023-04-08 19:43 ` Maxim Cournoyer
2023-03-28 16:51 ` [bug#62467] [PATCH gnome-team v3 09/15] " Liliana Marie Prikler
2023-03-28 19:34 ` [bug#62467] [PATCH gnome-team v3 12/15] gnu: librsvg: Fix build Liliana Marie Prikler
2023-03-28 19:34 ` [bug#62467] [PATCH gnome-team v2 11/12] " Liliana Marie Prikler
2023-04-08 19:49 ` Maxim Cournoyer
2023-04-08 20:03 ` Liliana Marie Prikler
2023-04-09 5:07 ` Maxim Cournoyer
2023-04-10 12:51 ` Liliana Marie Prikler
2023-04-11 1:49 ` Maxim Cournoyer
2023-03-30 4:28 ` [bug#62467] [PATCH gnome-team v2 10/12] gnu: gtk+: Update to 3.24.37 Liliana Marie Prikler
2023-04-08 19:34 ` Maxim Cournoyer
2023-03-30 4:28 ` [bug#62467] [PATCH gnome-team v3 11/15] " Liliana Marie Prikler
2023-03-30 18:41 ` [bug#62467] [PATCH gnome-team v3 10/15] gnu: gtk+-2: Fix build by hardening list store Liliana Marie Prikler
2023-03-30 18:41 ` [bug#62467] [PATCH gnome-team v2 09/12] " Liliana Marie Prikler
2023-04-08 19:47 ` Maxim Cournoyer [this message]
2023-04-08 20:00 ` Liliana Marie Prikler
2023-04-09 5:06 ` Maxim Cournoyer
2023-03-31 18:54 ` [bug#62467] [PATCH gnome-team v2 12/12] gnu: inkscape: Update stable version to 1.2.1 Liliana Marie Prikler
2023-04-08 19:51 ` Maxim Cournoyer
2023-03-31 18:54 ` [bug#62467] [PATCH gnome-team v3 13/15] " Liliana Marie Prikler
2023-03-31 21:43 ` [bug#62467] [PATCH gnome-team v2 00/12] Update fundamental packages Liliana Marie Prikler
2023-04-02 17:27 ` Raghav Gururajan via Guix-patches via
2023-04-02 18:20 ` Liliana Marie Prikler
2023-04-03 16:37 ` [bug#62467] [PATCH gnome-team v3 01/15] gnu: librsvg-2.40: Fix test failure with Pango 1.50 Kaelyn Takata
2023-04-11 20:52 ` Maxim Cournoyer
2023-04-10 7:08 ` [bug#62467] [PATCH gnome-team v3 14/15] gnu: inkscape: Use new package style Liliana Marie Prikler
2023-04-10 16:12 ` [bug#62467] [PATCH gnome-team v3 15/15] gnu: Remove lib2geom 1.1 Liliana Marie Prikler
2023-04-11 20:57 ` Maxim Cournoyer
2023-04-12 5:33 ` Liliana Marie Prikler
2023-04-13 2:33 ` Maxim Cournoyer
2023-04-13 5:12 ` bug#62467: " Liliana Marie Prikler
2023-04-11 7:06 ` [bug#62467] [PATCH gnome-team v3 00/15] Update glib to 2.76.1 Liliana Marie Prikler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87fs9aqhqc.fsf@gmail.com \
--to=maxim.cournoyer@gmail.com \
--cc=62467@debbugs.gnu.org \
--cc=liliana.prikler@gmail.com \
--cc=rg@raghavgururajan.name \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).