Bug 629709 - Empty variants

Fix some GVariant bugs uncovered by calling g_variant_new_from_data with
invalid data (which it should be immune to).

diff --git a/glib/gvariant-core.c b/glib/gvariant-core.c
index 35f7e9a..6f01930 100644 (file)
--- a/glib/gvariant-core.c
+++ b/glib/gvariant-core.c
@@ -503,11 +503,33 @@ g_variant_new_from_buffer (const GVariantType *type,
                            gboolean            trusted)
 {
   GVariant *value;
+  guint alignment;
+  gsize size;
 
   value = g_variant_alloc (type, TRUE, trusted);
+
   value->contents.serialised.buffer = g_buffer_ref (buffer);
-  value->contents.serialised.data = buffer->data;
-  value->size = buffer->size;
+
+  g_variant_type_info_query (value->type_info,
+                             &alignment, &size);
+
+  if (size && buffer->size != size)
+    {
+      /* Creating a fixed-sized GVariant with a buffer of the wrong
+       * size.
+       *
+       * We should do the equivalent of pulling a fixed-sized child out
+       * of a brozen container (ie: data is NULL size is equal to the correct
+       * fixed size).
+       */
+      value->contents.serialised.data = NULL;
+      value->size = size;
+    }
+  else
+    {
+      value->contents.serialised.data = buffer->data;
+      value->size = buffer->size;
+    }
 
   return value;
 }

diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
index d6d626e..68128e2 100644 (file)
--- a/glib/gvariant-serialiser.c
+++ b/glib/gvariant-serialiser.c
@@ -1544,6 +1544,9 @@ g_variant_serialised_is_normal (GVariantSerialised serialised)
 
                  )
 
+  if (serialised.data == NULL)
+    return FALSE;
+
   /* some hard-coded terminal cases */
   switch (g_variant_type_info_get_type_char (serialised.type_info))
     {