GNU bug report logs -
#62467
[PATCH gnome-team 0/5] Update fundamental packages
Previous Next
Full log
View this message in rfc822 format
Hi,
Liliana Marie Prikler <liliana.prikler <at> gmail.com> writes:
> * gnu/packages/patches/gtk2-harden-list-store.patch: New file.
> * gnu/packages/gtk.scm (gtk+-2)[patches]: Add it here.
> * gnu/local.mk (dist_patch_DATA): Register it here.
> ---
> gnu/local.mk | 1 +
> gnu/packages/gtk.scm | 1 +
> .../patches/gtk2-harden-list-store.patch | 42 +++++++++++++++++++
> 3 files changed, 44 insertions(+)
> create mode 100644 gnu/packages/patches/gtk2-harden-list-store.patch
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 3e94281ccf..31456c5be8 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -1303,6 +1303,7 @@ dist_patch_DATA = \
> %D%/packages/patches/guile-rsvg-pkgconfig.patch \
> %D%/packages/patches/guile-emacs-fix-configure.patch \
> %D%/packages/patches/gtk2-fix-builder-test.patch \
> + %D%/packages/patches/gtk2-harden-list-store.patch \
> %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \
> %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \
> %D%/packages/patches/gtk2-theme-paths.patch \
> diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm
> index c756f39e24..196d767160 100644
> --- a/gnu/packages/gtk.scm
> +++ b/gnu/packages/gtk.scm
> @@ -1014,6 +1014,7 @@ (define-public gtk+-2
> "1nn6kks1zyvb5xikr9y2k7r9bwjy1g4b0m0s66532bclymbwfamc"))
> (patches (search-patches "gtk2-respect-GUIX_GTK2_PATH.patch"
> "gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch"
> + "gtk2-harden-list-store.patch"
> "gtk2-theme-paths.patch"
> "gtk2-fix-builder-test.patch"))))
> (build-system gnu-build-system)
> diff --git a/gnu/packages/patches/gtk2-harden-list-store.patch b/gnu/packages/patches/gtk2-harden-list-store.patch
> new file mode 100644
> index 0000000000..b107ba2bcc
> --- /dev/null
> +++ b/gnu/packages/patches/gtk2-harden-list-store.patch
> @@ -0,0 +1,42 @@
> +Mimic the implemenetation in gtk+-3.
Typo: implementation.
I'd like to see a bit more metadata in this patch; is it original work,
or was it retrieved from another distribution such as Debian? It
probably exists elsewhere, if GTK2 can't be built anymore otherwise?
Does upstream still maintain GTK2, or is it completely abandoned?
> +
> +Index: gtk+-2.24.33/gtk/gtkliststore.c
> +===================================================================
> +--- gtk+-2.24.33.orig/gtk/gtkliststore.c
> ++++ gtk+-2.24.33/gtk/gtkliststore.c
> +@@ -1195,16 +1195,31 @@ gboolean
> + gtk_list_store_iter_is_valid (GtkListStore *list_store,
> + GtkTreeIter *iter)
> + {
> ++ GSequenceIter *seq_iter;
> ++
> + g_return_val_if_fail (GTK_IS_LIST_STORE (list_store), FALSE);
> + g_return_val_if_fail (iter != NULL, FALSE);
> +
> +- if (!VALID_ITER (iter, list_store))
> +- return FALSE;
> ++ /* can't use VALID_ITER() here, because iter might point
> ++ * to random memory.
> ++ *
> ++ * We MUST NOT dereference it.
> ++ */
> +
> +- if (g_sequence_iter_get_sequence (iter->user_data) != list_store->seq)
> ++ if (iter == NULL ||
> ++ iter->user_data == NULL ||
> ++ list_store->stamp != iter->stamp)
> + return FALSE;
> +
> +- return TRUE;
> ++ for (seq_iter = g_sequence_get_begin_iter (list_store->seq);
> ++ !g_sequence_iter_is_end (seq_iter);
> ++ seq_iter = g_sequence_iter_next (seq_iter))
> ++ {
> ++ if (seq_iter == iter->user_data)
> ++ return TRUE;
> ++ }
> ++
> ++ return FALSE;
> + }
> +
> + static gboolean real_gtk_list_store_row_draggable (GtkTreeDragSource *drag_source,
I don't know my way much in this code base, but the above looks
reasonable to me, especially if it was mostly copy-pasted from GTK 3.
--
Thanks,
Maxim
This bug report was last modified 2 years and 39 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.