From f6906b8272635a0f2f4620675813ff538cde0c73 Mon Sep 17 00:00:00 2001 From: Matthias Clasen Date: Wed, 18 May 2005 14:46:14 +0000 Subject: [PATCH] Warn if length overflows. (#161520, Ian Wienand) 2005-05-18 Matthias Clasen * gdk/x11/gdkproperty-x11.c (gdk_property_get): Warn if length overflows. (#161520, Ian Wienand) --- ChangeLog | 3 +++ ChangeLog.pre-2-10 | 3 +++ ChangeLog.pre-2-8 | 3 +++ docs/reference/ChangeLog | 2 ++ docs/reference/gdk/tmpl/properties.sgml | 34 +++++++++++++++---------- gdk/x11/gdkproperty-x11.c | 24 ++++++++++++++++- 6 files changed, 55 insertions(+), 14 deletions(-) diff --git a/ChangeLog b/ChangeLog index 7bd3876c2f..f4defc31b5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2005-05-18 Matthias Clasen + * gdk/x11/gdkproperty-x11.c (gdk_property_get): Warn if + length overflows. (#161520, Ian Wienand) + * gtk/gtktoolbutton.c (gtk_tool_button_set_icon_name): Fix parameter names to make gtk-doc happy. diff --git a/ChangeLog.pre-2-10 b/ChangeLog.pre-2-10 index 7bd3876c2f..f4defc31b5 100644 --- a/ChangeLog.pre-2-10 +++ b/ChangeLog.pre-2-10 @@ -1,5 +1,8 @@ 2005-05-18 Matthias Clasen + * gdk/x11/gdkproperty-x11.c (gdk_property_get): Warn if + length overflows. (#161520, Ian Wienand) + * gtk/gtktoolbutton.c (gtk_tool_button_set_icon_name): Fix parameter names to make gtk-doc happy. diff --git a/ChangeLog.pre-2-8 b/ChangeLog.pre-2-8 index 7bd3876c2f..f4defc31b5 100644 --- a/ChangeLog.pre-2-8 +++ b/ChangeLog.pre-2-8 @@ -1,5 +1,8 @@ 2005-05-18 Matthias Clasen + * gdk/x11/gdkproperty-x11.c (gdk_property_get): Warn if + length overflows. (#161520, Ian Wienand) + * gtk/gtktoolbutton.c (gtk_tool_button_set_icon_name): Fix parameter names to make gtk-doc happy. diff --git a/docs/reference/ChangeLog b/docs/reference/ChangeLog index 1eff73708b..386145b789 100644 --- a/docs/reference/ChangeLog +++ b/docs/reference/ChangeLog 
@@ -1,5 +1,7 @@ 2005-05-18 Matthias Clasen + * gdk/tmpl/properties.sgml: Updates. + * gtk/migrating-checklist.sgml: Add a section about named icons. diff --git a/docs/reference/gdk/tmpl/properties.sgml b/docs/reference/gdk/tmpl/properties.sgml index dd8ba68dd3..dc63c5ac59 100644 --- a/docs/reference/gdk/tmpl/properties.sgml +++ b/docs/reference/gdk/tmpl/properties.sgml @@ -42,6 +42,9 @@ data commonly stored in X window properties. + + + An opaque type representing a string as an index into a table @@ -252,15 +255,14 @@ and %GDK_NONE will be stored in @actual_property_type. -The XGetWindowProperty() -function that gdk_property_get() -uses has a very confusing and complicated set of semantics. +The XGetWindowProperty() function that gdk_property_get() +uses has a very confusing and complicated set of semantics. Unfortunately, gdk_property_get() makes the situation worse instead of better (the semantics should be considered undefined), and also prints warnings to stderr in cases where it should return a useful error to the program. You are advised to use -XGetWindowProperty() -directly until a replacement function for gdk_property_get() +XGetWindowProperty() directly until a replacement function for +gdk_property_get() is provided. 
@@ -273,18 +275,24 @@ is provided. be filled in, a warning will be printed to stderr and no data will be returned. @offset: the offset into the property at which to begin - retrieving data. (in 4 byte units!) -@length: the length of the data to delete. (in bytes, but - the actual retrieved length will be the next - integer multiple multiple of four greater than - this!) + retrieving data, in 4 byte units. +@length: the length of the data to retrieve in bytes. Data is + considered to be retrieved in 4 byte chunks, so @length + will be rounded up to the next highest 4 byte boundary + (so be careful not to pass a value that might overflow + when rounded up). @pdelete: if %TRUE, delete the property after retrieving the data. @actual_property_type: location to store the actual type of the property. -@actual_format: location to store the actual format of the data. -@actual_length: location to store the length of the retrieved - data, in bytes. +@actual_format: location to store the actual return format of the + data; either 8, 16 or 32 bits. +@actual_length: location to store the length of the retrieved data, in + bytes. Data returned in the 32 bit format is stored + in a long variable, so the actual number of 32 bit + elements should be be calculated via + @actual_length/sizeof(glong) to ensure portability to + 64 bit systems. @data: location to store a pointer to the data. The retrieved data should be freed with g_free() when you are finished using it. diff --git a/gdk/x11/gdkproperty-x11.c b/gdk/x11/gdkproperty-x11.c index 4069e018a7..e1f5d77f0d 100644 --- a/gdk/x11/gdkproperty-x11.c +++ b/gdk/x11/gdkproperty-x11.c @@ -493,6 +493,7 @@ gdk_property_get (GdkWindow *window, gint ret_format; gulong ret_nitems; gulong ret_bytes_after; + gulong get_length; gulong ret_length; guchar *ret_data; Atom xproperty; 
@@ -521,9 +522,30 @@ gdk_property_get (GdkWindow *window, ret_data = NULL; + /* + * Round up length to next 4 byte value. Some code is in the (bad?) + * habit of passing G_MAXLONG as the length argument, causing an + * overflow to negative on the add. In this case, we clamp the + * value to G_MAXLONG. + */ + get_length = length + 3; + if (get_length > G_MAXLONG) + { + g_warning ("gdk_property_get(): length value has wrapped in calculation " + "(did you pass G_MAXLONG?)"); + get_length = G_MAXLONG; + } + /* To fail, either the user passed 0 or G_MAXULONG */ + get_length = get_length / 4; + if (get_length == 0) + { + g_warning ("gdk_propery-get(): invalid length 0"); + return FALSE; + } + res = XGetWindowProperty (GDK_DISPLAY_XDISPLAY (display), GDK_WINDOW_XWINDOW (window), xproperty, - offset, (length + 3) / 4, pdelete, + offset, get_length, pdelete, xtype, &ret_prop_type, &ret_format, &ret_nitems, &ret_bytes_after, &ret_data);
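Review bot: The second added warning misspells the function name as `"gdk_propery-get(): invalid length 0"`, so a log search for gdk_property_get() will miss it; it should read `g_warning ("gdk_property_get(): invalid length 0");`. That zero branch also catches any length of G_MAXULONG - 2 or more, because `length + 3` wraps to 0–2 in the unsigned `get_length` and passes the `> G_MAXLONG` test, so a huge request is reported as "length 0". This assumes `length` is a gulong like `get_length`; its declaration is outside the hunk. Testing before the add, e.g. `if (length > G_MAXLONG - 3)`, would send those values to the clamp instead, and the comment could then drop "overflow to negative", which does not describe unsigned arithmetic. Whether the out-parameters are set before the new early `return FALSE` cannot be seen here, since the body of gdk_property_get starts and ends outside the hunk.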