Google Git
Sign in
fuchsia / third_party / github.com / GNOME / glib / refs/heads/upstream/wip/smcv/bug3418-newlocale-clear-errno
commit730f10fddf5d59bbf2c75c6efbebe3ba98f7a342[log] [tgz]
authorSimon McVittie <smcv@collabora.com>Fri Jul 26 12:42:22 2024 +0100
committerSimon McVittie <smcv@collabora.com>Fri Jul 26 13:06:08 2024 +0100
tree6a7b05ebd7efe8953f2098467b2e061a04bbe7a6
parent3aee3c4e46999bc728d4eb9102ecf75ca58171d0 [diff]
strfuncs: Always initialize errno to 0 after get_C_locale()

Some callers of `g_ascii_strtoull()` and similar functions assume that
they can use this pattern, similar to what they might do for
Standard C `strtoull()`:

    errno = 0;
    result = g_ascii_strtoull (nptr, endptr, base);
    saved_errno = errno;

    if (saved_errno != 0)
      g_printerr ("error parsing %s\n", nptr);

This is based on the fact that it is non-trivial to tell whether
`strtoull()` and related functions succeeded (in which case the value
of `errno` is unspecified) or failed (in which case `errno` is valid).
For example, POSIX `strtoul(3)` suggests this pattern:

> Since 0, `ULONG_MAX`, and `ULLONG_MAX` are returned on error and are
> also valid returns on success, an application wishing to check for
> error situations should set `errno` to 0, then call `strtoul()` or
> `strtoull()`, then check `errno`.

However, `g_ascii_strtoull()` does not *only* call a function resembling
`strtoull()` (`strtoull_l()` or its reimplementation
`g_parse_long_long()`): it also calls `get_C_locale()`, which wraps
`newlocale()`. Even if `newlocale()` succeeds (which in practice we
expect and assume that it will), it is valid for it to clobber `errno`.
For example, it might attempt to open a file that only conditionally
exists, which would leave `errno` set to `ENOENT`.

This is difficult to reproduce in practice: I encountered what I
believe to be this bug when compiling GLib-based software for i386 in a
Debian 12 derivative via an Open Build Service instance, but I could
not reproduce the bug in a similar chroot environment locally, and I
also could not reproduce the bug when compiling for x86_64 or for a
Debian 10, 11 or 13 derivative on the same Open Build Service instance.
It also cannot be reproduced via the GTest framework, because
`g_test_init()` indirectly calls `g_ascii_strtoull()`, resulting in
the call to `newlocale()` already having happened by the time we enter
test code.

Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/3418
Signed-off-by: Simon McVittie <smcv@collabora.com>
1 file changed
tree: 6a7b05ebd7efe8953f2098467b2e061a04bbe7a6
  1. .gitlab-ci/
  2. .reuse/
  3. docs/
  4. fuzzing/
  5. gio/
  6. girepository/
  7. glib/
  8. gmodule/
  9. gobject/
  10. gthread/
  11. LICENSES/
  12. m4macros/
  13. po/
  14. subprojects/
  15. tests/
  16. tools/
  17. COPYINGLICENSES/LGPL-2.1-or-later.txt
  18. .clang-format
  19. .dir-locals.el
  20. .editorconfig
  21. .gitignore
  22. .gitlab-ci.yml
  23. .gitmodules
  24. .lcovrc
  25. CODE_OF_CONDUCT.md
  26. CONTRIBUTING.md
  27. glib.doap
  28. INSTALL.md
  29. meson.build
  30. meson.options
  31. NEWS
  32. README.md
  33. SECURITY.md
README.md

GLib

GLib is the low-level core library that forms the basis for projects such as GTK and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system.

The official download locations are: https://download.gnome.org/sources/glib

The official web site is: https://www.gtk.org/

Installation

See the file ‘INSTALL.md’. There is separate and more in-depth documentation for building GLib on Windows.

Supported versions

Upstream GLib only supports the most recent stable release series, the previous stable release series, and the current development release series. All older versions are not supported upstream and may contain bugs, some of which may be exploitable security vulnerabilities.

See SECURITY.md for more details.

Documentation

API documentation is available online for GLib for the:

Discussion

If you have a question about how to use GLib, seek help on GNOME’s Discourse instance. Alternatively, ask a question on StackOverflow and tag it glib.

Reporting bugs

Bugs should be reported to the GNOME issue tracking system. You will need to create an account for yourself. You may also submit bugs by e-mail (without an account) by e-mailing incoming+gnome-glib-658-issue-@gitlab.gnome.org, but this will give you a degraded experience.

Bugs are for reporting problems in GLib itself, not for asking questions about how to use it. To ask questions, use one of our discussion forums.

In bug reports please include:

  • Information about your system. For instance:
    • What operating system and version
    • For Linux, what version of the C library
    • And anything else you think is relevant.
  • How to reproduce the bug.
    • If you can reproduce it with one of the test programs that are built in the tests/ subdirectory, that will be most convenient. Otherwise, please include a short test program that exhibits the behavior. As a last resort, you can also provide a pointer to a larger piece of software that can be downloaded.
  • If the bug was a crash, the exact text that was printed out when the crash occurred.
  • Further information such as stack traces may be useful, but is not necessary.

Contributing to GLib

Please follow the contribution guide to know how to start contributing to GLib.

Patches should be submitted as merge requests to gitlab.gnome.org. If the patch fixes an existing issue, please refer to the issue in your commit message with the following notation (for issue 123):

Closes: #123

Otherwise, create a new merge request that introduces the change. Filing a separate issue is not required.