From 5a85fe0e37504cea13fe8a587691f72373b18830 Mon Sep 17 00:00:00 2001 From: Ryan Lortie Date: Mon, 9 Jul 2012 12:43:50 -0400 Subject: [PATCH] GVariant: fix string validation String validation was done by checking if the string was valid utf8 and ensuring that the first non-utf8 character was the last character (ie: the nul terminator). No check was actually done to make sure that this byte actually contained a nul, however, so it was possible that you could have a string like "hello\xff" with length 6 that would correctly validate. Fix that, and test it. --- glib/gvariant-serialiser.c | 11 ++++++++++- glib/tests/gvariant.c | 1 + 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c index d4b668b..4ee6c72 100644 --- a/glib/gvariant-serialiser.c +++ b/glib/gvariant-serialiser.c @@ -1593,11 +1593,20 @@ gboolean g_variant_serialiser_is_string (gconstpointer data, gsize size) { + const gchar *expected_end; const gchar *end; + if (size == 0) + return FALSE; + + expected_end = ((gchar *) data) + size - 1; + + if (*expected_end != '\0') + return FALSE; + g_utf8_validate (data, size, &end); - return data == end - (size - 1); + return end == expected_end; } /* < private > diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c index d3d8aa2..a6bef23 100644 --- a/glib/tests/gvariant.c +++ b/glib/tests/gvariant.c @@ -1821,6 +1821,7 @@ test_strings (void) { is_nval, 13, "hello world\0" }, { is_nval, 13, "hello\0world!" }, { is_nval, 12, "hello world!" }, + { is_nval, 13, "hello world!\xff" }, { is_objpath, 2, "/" }, { is_objpath, 3, "/a" }, -- 2.7.4