From: Ryan Lortie <desrt@desrt.ca>
Date: Mon, 9 Jul 2012 16:43:50 +0000 (-0400)
Subject: GVariant: fix string validation
X-Git-Tag: 2.33.4~21
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=5a85fe0e37504cea13fe8a587691f72373b18830;p=platform%2Fupstream%2Fglib.git

GVariant: fix string validation

String validation was done by checking if the string was valid utf8 and
ensuring that the first non-utf8 character was the last character (ie:
the nul terminator).

No check was actually done to make sure that this byte actually
contained a nul, however, so it was possible that you could have a
string like "hello\xff" with length 6 that would correctly validate.

Fix that, and test it.
---

diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
index d4b668b..4ee6c72 100644
--- a/glib/gvariant-serialiser.c
+++ b/glib/gvariant-serialiser.c
@@ -1593,11 +1593,20 @@ gboolean
 g_variant_serialiser_is_string (gconstpointer data,
                                 gsize         size)
 {
+  const gchar *expected_end;
   const gchar *end;
 
+  if (size == 0)
+    return FALSE;
+
+  expected_end = ((gchar *) data) + size - 1;
+
+  if (*expected_end != '\0')
+    return FALSE;
+
   g_utf8_validate (data, size, &end);
 
-  return data == end - (size - 1);
+  return end == expected_end;
 }
 
 /* < private >
diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
index d3d8aa2..a6bef23 100644
--- a/glib/tests/gvariant.c
+++ b/glib/tests/gvariant.c
@@ -1821,6 +1821,7 @@ test_strings (void)
     { is_nval,     13, "hello world\0" },
     { is_nval,     13, "hello\0world!" },
     { is_nval,     12, "hello world!" },
+    { is_nval,     13, "hello world!\xff" },
 
     { is_objpath,   2, "/" },
     { is_objpath,   3, "/a" },