From 075cb4320d84ea6c5ffc09bf7318d8086d64539a Mon Sep 17 00:00:00 2001 From: Tim Janik Date: Tue, 12 May 1998 00:34:28 +0000 Subject: [PATCH] [security audit by Alan Cox] Tue May 12 02:31:57 1998 Tim Janik [security audit by Alan Cox] * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not exceed maximum assumed size. * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does not exceed maximum assumed size. (gtk_menu_factory_remove): likewise. (gtk_menu_factory_find_recurse): likewise. --- ChangeLog | 52 +++++++++++++++++++++++++++----------------- ChangeLog.pre-2-0 | 52 +++++++++++++++++++++++++++----------------- ChangeLog.pre-2-10 | 52 +++++++++++++++++++++++++++----------------- ChangeLog.pre-2-2 | 52 +++++++++++++++++++++++++++----------------- ChangeLog.pre-2-4 | 52 +++++++++++++++++++++++++++----------------- ChangeLog.pre-2-6 | 52 +++++++++++++++++++++++++++----------------- ChangeLog.pre-2-8 | 52 +++++++++++++++++++++++++++----------------- gtk/gtkmenufactory.c | 25 +++++++++++++++++++-- gtk/gtkobject.c | 12 +++++++++- 9 files changed, 258 insertions(+), 143 deletions(-) diff --git a/ChangeLog b/ChangeLog index 59517dee73..42720f2580 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,16 +1,28 @@ +Tue May 12 02:31:57 1998 Tim Janik + + [security audit by Alan Cox] + + * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not + exceed maximum assumed size. + + * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does + not exceed maximum assumed size. + (gtk_menu_factory_remove): likewise. + (gtk_menu_factory_find_recurse): likewise. + Mon May 11 23:53:38 1998 Tim Janik * gtk/gtkwidget.c (gtk_widget_queue_resize): queue the idle_sizer with GTK_PRIORITY_INTERNAL - 1, so widgets get first resized and then - redrawn if that is still neccessary. don't allow queueing of already + redrawn if that is still neccessary. don't allow queueing of already destructed objects. (gtk_widget_idle_sizer): proccess the resize queue in a save manner, so widgets which are in the queue can be destroyed savely, handle - requeueing properly. + requeueing properly. (gtk_widget_idle_draw): proccess the redraw queue in a save manner, so widgets which are in the queue can be destroyed/unrealized savely. -Mon May 11 17:54:44 BST 1998 Tony Gale +Mon May 11 17:54:44 BST 1998 Tony Gale * gtkfaq.sgml: add question on multi-threading, minor URL cleanups. 
@@ -19,24 +31,24 @@ Mon May 11 09:56:45 1998 Tim Janik * configure.in (cflags_set): preserve automake CFLAGS. - * Makefile.am: fully rename the created libraries to libgtk-1.1.la + * Makefile.am: fully rename the created libraries to libgtk-1.1.la and libgdk-1.1.la. this means we need to change certain portions of - the Makefile.am on major/minor version bumps. + the Makefile.am on major/minor version bumps. * ltmain.sh: the -release option is not required anymore. - * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type - of the first argument to be of type GtkObject. unconditionally compile - this function. removed __GNUC__ dependancy of the gtk_object_ref and - gtk_object_unref macro wrappers for this function. + * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type + of the first argument to be of type GtkObject. unconditionally compile + this function. removed __GNUC__ dependancy of the gtk_object_ref and + gtk_object_unref macro wrappers for this function. Mon May 11 02:31:19 1998 Tim Janik * gtk/gtkobject.h: * gtk/gtkobject.c: (gtk_object_data_try_key): - (gtk_object_data_force_id): these are now macros substituting the old - functions. we just use the corresponding g_dataset_* functions for + (gtk_object_data_force_id): these are now macros substituting the old + functions. we just use the corresponding g_dataset_* functions for key->id associations. (this is to assure unique key<->id associations). 1998-05-10 Stefan Jeske 
@@ -46,27 +58,27 @@ Mon May 11 02:31:19 1998 Tim Janik * docs/gtk.texi (GtkCTree): Started documentation of GtkCTree. -Sat May 9 20:11:20 1998 Owen Taylor +Sat May 9 20:11:20 1998 Owen Taylor * configure.in (LIBS): Try to figure out if this is Digital Unix and we need -std1 to get the right prototypes. -Sat May 9 16:30:33 BST 1998 Tony Gale +Sat May 9 16:30:33 BST 1998 Tony Gale * docs/gtk_tut_it.sgml: update of Italian tutorial translation from Daniele Canazza -Sat May 9 02:34:41 1998 Tim Janik +Sat May 9 02:34:41 1998 Tim Janik * gtk/gtkfeatures.h.in: new file used as template for * gtk/gtkfeatures.h: new file to define macros indicating newly - introduced features, such as GTK_HAVE_SIGNAL_INIT. + introduced features, such as GTK_HAVE_SIGNAL_INIT. * gtk/gtksignal.c: - (gtk_signal_emitv_by_name): + (gtk_signal_emitv_by_name): (gtk_signal_emitv): - new functions to emit signals with an already provided parameter set. + new functions to emit signals with an already provided parameter set. (provided by Kenneth Albanowski ). (gtk_signal_real_emit): prototype changes, so this functions always gets its parameters and signal structure as arguments. @@ -74,12 +86,12 @@ Sat May 9 02:34:41 1998 Tim Janik gtk_signal_real_emit. (gtk_signal_emit_by_name): likewise. -Sat May 9 00:03:12 1998 Tim Janik +Sat May 9 00:03:12 1998 Tim Janik * gtk/gtksignal.c (gtk_signal_handler_unref): reflect the presence of - signal connections through unsetting GTK_CONNECTED. + signal connections through unsetting GTK_CONNECTED. (gtk_signal_handler_insert): reflect the presence of signal connections - through setting GTK_CONNECTED. + through setting GTK_CONNECTED. (gtk_signal_real_emit): only check for handler emissions if the object has the GTK_CONNECTED flag set. (gtk_signal_handler_pending): don't check for pending handlers if the diff --git a/ChangeLog.pre-2-0 b/ChangeLog.pre-2-0 index 59517dee73..42720f2580 100644 --- a/ChangeLog.pre-2-0 +++ b/ChangeLog.pre-2-0 
@@ -1,16 +1,28 @@ +Tue May 12 02:31:57 1998 Tim Janik + + [security audit by Alan Cox] + + * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not + exceed maximum assumed size. + + * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does + not exceed maximum assumed size. + (gtk_menu_factory_remove): likewise. + (gtk_menu_factory_find_recurse): likewise. + Mon May 11 23:53:38 1998 Tim Janik * gtk/gtkwidget.c (gtk_widget_queue_resize): queue the idle_sizer with GTK_PRIORITY_INTERNAL - 1, so widgets get first resized and then - redrawn if that is still neccessary. don't allow queueing of already + redrawn if that is still neccessary. don't allow queueing of already destructed objects. (gtk_widget_idle_sizer): proccess the resize queue in a save manner, so widgets which are in the queue can be destroyed savely, handle - requeueing properly. + requeueing properly. (gtk_widget_idle_draw): proccess the redraw queue in a save manner, so widgets which are in the queue can be destroyed/unrealized savely. -Mon May 11 17:54:44 BST 1998 Tony Gale +Mon May 11 17:54:44 BST 1998 Tony Gale * gtkfaq.sgml: add question on multi-threading, minor URL cleanups. 
@@ -19,24 +31,24 @@ Mon May 11 09:56:45 1998 Tim Janik * configure.in (cflags_set): preserve automake CFLAGS. - * Makefile.am: fully rename the created libraries to libgtk-1.1.la + * Makefile.am: fully rename the created libraries to libgtk-1.1.la and libgdk-1.1.la. this means we need to change certain portions of - the Makefile.am on major/minor version bumps. + the Makefile.am on major/minor version bumps. * ltmain.sh: the -release option is not required anymore. - * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type - of the first argument to be of type GtkObject. unconditionally compile - this function. removed __GNUC__ dependancy of the gtk_object_ref and - gtk_object_unref macro wrappers for this function. + * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type + of the first argument to be of type GtkObject. unconditionally compile + this function. removed __GNUC__ dependancy of the gtk_object_ref and + gtk_object_unref macro wrappers for this function. Mon May 11 02:31:19 1998 Tim Janik * gtk/gtkobject.h: * gtk/gtkobject.c: (gtk_object_data_try_key): - (gtk_object_data_force_id): these are now macros substituting the old - functions. we just use the corresponding g_dataset_* functions for + (gtk_object_data_force_id): these are now macros substituting the old + functions. we just use the corresponding g_dataset_* functions for key->id associations. (this is to assure unique key<->id associations). 1998-05-10 Stefan Jeske 
@@ -46,27 +58,27 @@ Mon May 11 02:31:19 1998 Tim Janik * docs/gtk.texi (GtkCTree): Started documentation of GtkCTree. -Sat May 9 20:11:20 1998 Owen Taylor +Sat May 9 20:11:20 1998 Owen Taylor * configure.in (LIBS): Try to figure out if this is Digital Unix and we need -std1 to get the right prototypes. -Sat May 9 16:30:33 BST 1998 Tony Gale +Sat May 9 16:30:33 BST 1998 Tony Gale * docs/gtk_tut_it.sgml: update of Italian tutorial translation from Daniele Canazza -Sat May 9 02:34:41 1998 Tim Janik +Sat May 9 02:34:41 1998 Tim Janik * gtk/gtkfeatures.h.in: new file used as template for * gtk/gtkfeatures.h: new file to define macros indicating newly - introduced features, such as GTK_HAVE_SIGNAL_INIT. + introduced features, such as GTK_HAVE_SIGNAL_INIT. * gtk/gtksignal.c: - (gtk_signal_emitv_by_name): + (gtk_signal_emitv_by_name): (gtk_signal_emitv): - new functions to emit signals with an already provided parameter set. + new functions to emit signals with an already provided parameter set. (provided by Kenneth Albanowski ). (gtk_signal_real_emit): prototype changes, so this functions always gets its parameters and signal structure as arguments. @@ -74,12 +86,12 @@ Sat May 9 02:34:41 1998 Tim Janik gtk_signal_real_emit. (gtk_signal_emit_by_name): likewise. -Sat May 9 00:03:12 1998 Tim Janik +Sat May 9 00:03:12 1998 Tim Janik * gtk/gtksignal.c (gtk_signal_handler_unref): reflect the presence of - signal connections through unsetting GTK_CONNECTED. + signal connections through unsetting GTK_CONNECTED. (gtk_signal_handler_insert): reflect the presence of signal connections - through setting GTK_CONNECTED. + through setting GTK_CONNECTED. (gtk_signal_real_emit): only check for handler emissions if the object has the GTK_CONNECTED flag set. (gtk_signal_handler_pending): don't check for pending handlers if the diff --git a/ChangeLog.pre-2-10 b/ChangeLog.pre-2-10 index 59517dee73..42720f2580 100644 --- a/ChangeLog.pre-2-10 +++ b/ChangeLog.pre-2-10 
@@ -1,16 +1,28 @@ +Tue May 12 02:31:57 1998 Tim Janik + + [security audit by Alan Cox] + + * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not + exceed maximum assumed size. + + * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does + not exceed maximum assumed size. + (gtk_menu_factory_remove): likewise. + (gtk_menu_factory_find_recurse): likewise. + Mon May 11 23:53:38 1998 Tim Janik * gtk/gtkwidget.c (gtk_widget_queue_resize): queue the idle_sizer with GTK_PRIORITY_INTERNAL - 1, so widgets get first resized and then - redrawn if that is still neccessary. don't allow queueing of already + redrawn if that is still neccessary. don't allow queueing of already destructed objects. (gtk_widget_idle_sizer): proccess the resize queue in a save manner, so widgets which are in the queue can be destroyed savely, handle - requeueing properly. + requeueing properly. (gtk_widget_idle_draw): proccess the redraw queue in a save manner, so widgets which are in the queue can be destroyed/unrealized savely. -Mon May 11 17:54:44 BST 1998 Tony Gale +Mon May 11 17:54:44 BST 1998 Tony Gale * gtkfaq.sgml: add question on multi-threading, minor URL cleanups. 
@@ -19,24 +31,24 @@ Mon May 11 09:56:45 1998 Tim Janik * configure.in (cflags_set): preserve automake CFLAGS. - * Makefile.am: fully rename the created libraries to libgtk-1.1.la + * Makefile.am: fully rename the created libraries to libgtk-1.1.la and libgdk-1.1.la. this means we need to change certain portions of - the Makefile.am on major/minor version bumps. + the Makefile.am on major/minor version bumps. * ltmain.sh: the -release option is not required anymore. - * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type - of the first argument to be of type GtkObject. unconditionally compile - this function. removed __GNUC__ dependancy of the gtk_object_ref and - gtk_object_unref macro wrappers for this function. + * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type + of the first argument to be of type GtkObject. unconditionally compile + this function. removed __GNUC__ dependancy of the gtk_object_ref and + gtk_object_unref macro wrappers for this function. Mon May 11 02:31:19 1998 Tim Janik * gtk/gtkobject.h: * gtk/gtkobject.c: (gtk_object_data_try_key): - (gtk_object_data_force_id): these are now macros substituting the old - functions. we just use the corresponding g_dataset_* functions for + (gtk_object_data_force_id): these are now macros substituting the old + functions. we just use the corresponding g_dataset_* functions for key->id associations. (this is to assure unique key<->id associations). 1998-05-10 Stefan Jeske 
@@ -46,27 +58,27 @@ Mon May 11 02:31:19 1998 Tim Janik * docs/gtk.texi (GtkCTree): Started documentation of GtkCTree. -Sat May 9 20:11:20 1998 Owen Taylor +Sat May 9 20:11:20 1998 Owen Taylor * configure.in (LIBS): Try to figure out if this is Digital Unix and we need -std1 to get the right prototypes. -Sat May 9 16:30:33 BST 1998 Tony Gale +Sat May 9 16:30:33 BST 1998 Tony Gale * docs/gtk_tut_it.sgml: update of Italian tutorial translation from Daniele Canazza -Sat May 9 02:34:41 1998 Tim Janik +Sat May 9 02:34:41 1998 Tim Janik * gtk/gtkfeatures.h.in: new file used as template for * gtk/gtkfeatures.h: new file to define macros indicating newly - introduced features, such as GTK_HAVE_SIGNAL_INIT. + introduced features, such as GTK_HAVE_SIGNAL_INIT. * gtk/gtksignal.c: - (gtk_signal_emitv_by_name): + (gtk_signal_emitv_by_name): (gtk_signal_emitv): - new functions to emit signals with an already provided parameter set. + new functions to emit signals with an already provided parameter set. (provided by Kenneth Albanowski ). (gtk_signal_real_emit): prototype changes, so this functions always gets its parameters and signal structure as arguments. @@ -74,12 +86,12 @@ Sat May 9 02:34:41 1998 Tim Janik gtk_signal_real_emit. (gtk_signal_emit_by_name): likewise. -Sat May 9 00:03:12 1998 Tim Janik +Sat May 9 00:03:12 1998 Tim Janik * gtk/gtksignal.c (gtk_signal_handler_unref): reflect the presence of - signal connections through unsetting GTK_CONNECTED. + signal connections through unsetting GTK_CONNECTED. (gtk_signal_handler_insert): reflect the presence of signal connections - through setting GTK_CONNECTED. + through setting GTK_CONNECTED. (gtk_signal_real_emit): only check for handler emissions if the object has the GTK_CONNECTED flag set. (gtk_signal_handler_pending): don't check for pending handlers if the diff --git a/ChangeLog.pre-2-2 b/ChangeLog.pre-2-2 index 59517dee73..42720f2580 100644 --- a/ChangeLog.pre-2-2 +++ b/ChangeLog.pre-2-2 
@@ -1,16 +1,28 @@ +Tue May 12 02:31:57 1998 Tim Janik + + [security audit by Alan Cox] + + * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not + exceed maximum assumed size. + + * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does + not exceed maximum assumed size. + (gtk_menu_factory_remove): likewise. + (gtk_menu_factory_find_recurse): likewise. + Mon May 11 23:53:38 1998 Tim Janik * gtk/gtkwidget.c (gtk_widget_queue_resize): queue the idle_sizer with GTK_PRIORITY_INTERNAL - 1, so widgets get first resized and then - redrawn if that is still neccessary. don't allow queueing of already + redrawn if that is still neccessary. don't allow queueing of already destructed objects. (gtk_widget_idle_sizer): proccess the resize queue in a save manner, so widgets which are in the queue can be destroyed savely, handle - requeueing properly. + requeueing properly. (gtk_widget_idle_draw): proccess the redraw queue in a save manner, so widgets which are in the queue can be destroyed/unrealized savely. -Mon May 11 17:54:44 BST 1998 Tony Gale +Mon May 11 17:54:44 BST 1998 Tony Gale * gtkfaq.sgml: add question on multi-threading, minor URL cleanups. 
@@ -19,24 +31,24 @@ Mon May 11 09:56:45 1998 Tim Janik * configure.in (cflags_set): preserve automake CFLAGS. - * Makefile.am: fully rename the created libraries to libgtk-1.1.la + * Makefile.am: fully rename the created libraries to libgtk-1.1.la and libgdk-1.1.la. this means we need to change certain portions of - the Makefile.am on major/minor version bumps. + the Makefile.am on major/minor version bumps. * ltmain.sh: the -release option is not required anymore. - * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type - of the first argument to be of type GtkObject. unconditionally compile - this function. removed __GNUC__ dependancy of the gtk_object_ref and - gtk_object_unref macro wrappers for this function. + * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type + of the first argument to be of type GtkObject. unconditionally compile + this function. removed __GNUC__ dependancy of the gtk_object_ref and + gtk_object_unref macro wrappers for this function. Mon May 11 02:31:19 1998 Tim Janik * gtk/gtkobject.h: * gtk/gtkobject.c: (gtk_object_data_try_key): - (gtk_object_data_force_id): these are now macros substituting the old - functions. we just use the corresponding g_dataset_* functions for + (gtk_object_data_force_id): these are now macros substituting the old + functions. we just use the corresponding g_dataset_* functions for key->id associations. (this is to assure unique key<->id associations). 1998-05-10 Stefan Jeske 
@@ -46,27 +58,27 @@ Mon May 11 02:31:19 1998 Tim Janik * docs/gtk.texi (GtkCTree): Started documentation of GtkCTree. -Sat May 9 20:11:20 1998 Owen Taylor +Sat May 9 20:11:20 1998 Owen Taylor * configure.in (LIBS): Try to figure out if this is Digital Unix and we need -std1 to get the right prototypes. -Sat May 9 16:30:33 BST 1998 Tony Gale +Sat May 9 16:30:33 BST 1998 Tony Gale * docs/gtk_tut_it.sgml: update of Italian tutorial translation from Daniele Canazza -Sat May 9 02:34:41 1998 Tim Janik +Sat May 9 02:34:41 1998 Tim Janik * gtk/gtkfeatures.h.in: new file used as template for * gtk/gtkfeatures.h: new file to define macros indicating newly - introduced features, such as GTK_HAVE_SIGNAL_INIT. + introduced features, such as GTK_HAVE_SIGNAL_INIT. * gtk/gtksignal.c: - (gtk_signal_emitv_by_name): + (gtk_signal_emitv_by_name): (gtk_signal_emitv): - new functions to emit signals with an already provided parameter set. + new functions to emit signals with an already provided parameter set. (provided by Kenneth Albanowski ). (gtk_signal_real_emit): prototype changes, so this functions always gets its parameters and signal structure as arguments. @@ -74,12 +86,12 @@ Sat May 9 02:34:41 1998 Tim Janik gtk_signal_real_emit. (gtk_signal_emit_by_name): likewise. -Sat May 9 00:03:12 1998 Tim Janik +Sat May 9 00:03:12 1998 Tim Janik * gtk/gtksignal.c (gtk_signal_handler_unref): reflect the presence of - signal connections through unsetting GTK_CONNECTED. + signal connections through unsetting GTK_CONNECTED. (gtk_signal_handler_insert): reflect the presence of signal connections - through setting GTK_CONNECTED. + through setting GTK_CONNECTED. (gtk_signal_real_emit): only check for handler emissions if the object has the GTK_CONNECTED flag set. (gtk_signal_handler_pending): don't check for pending handlers if the diff --git a/ChangeLog.pre-2-4 b/ChangeLog.pre-2-4 index 59517dee73..42720f2580 100644 --- a/ChangeLog.pre-2-4 +++ b/ChangeLog.pre-2-4 
@@ -1,16 +1,28 @@ +Tue May 12 02:31:57 1998 Tim Janik + + [security audit by Alan Cox] + + * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not + exceed maximum assumed size. + + * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does + not exceed maximum assumed size. + (gtk_menu_factory_remove): likewise. + (gtk_menu_factory_find_recurse): likewise. + Mon May 11 23:53:38 1998 Tim Janik * gtk/gtkwidget.c (gtk_widget_queue_resize): queue the idle_sizer with GTK_PRIORITY_INTERNAL - 1, so widgets get first resized and then - redrawn if that is still neccessary. don't allow queueing of already + redrawn if that is still neccessary. don't allow queueing of already destructed objects. (gtk_widget_idle_sizer): proccess the resize queue in a save manner, so widgets which are in the queue can be destroyed savely, handle - requeueing properly. + requeueing properly. (gtk_widget_idle_draw): proccess the redraw queue in a save manner, so widgets which are in the queue can be destroyed/unrealized savely. -Mon May 11 17:54:44 BST 1998 Tony Gale +Mon May 11 17:54:44 BST 1998 Tony Gale * gtkfaq.sgml: add question on multi-threading, minor URL cleanups. 
@@ -19,24 +31,24 @@ Mon May 11 09:56:45 1998 Tim Janik * configure.in (cflags_set): preserve automake CFLAGS. - * Makefile.am: fully rename the created libraries to libgtk-1.1.la + * Makefile.am: fully rename the created libraries to libgtk-1.1.la and libgdk-1.1.la. this means we need to change certain portions of - the Makefile.am on major/minor version bumps. + the Makefile.am on major/minor version bumps. * ltmain.sh: the -release option is not required anymore. - * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type - of the first argument to be of type GtkObject. unconditionally compile - this function. removed __GNUC__ dependancy of the gtk_object_ref and - gtk_object_unref macro wrappers for this function. + * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type + of the first argument to be of type GtkObject. unconditionally compile + this function. removed __GNUC__ dependancy of the gtk_object_ref and + gtk_object_unref macro wrappers for this function. Mon May 11 02:31:19 1998 Tim Janik * gtk/gtkobject.h: * gtk/gtkobject.c: (gtk_object_data_try_key): - (gtk_object_data_force_id): these are now macros substituting the old - functions. we just use the corresponding g_dataset_* functions for + (gtk_object_data_force_id): these are now macros substituting the old + functions. we just use the corresponding g_dataset_* functions for key->id associations. (this is to assure unique key<->id associations). 1998-05-10 Stefan Jeske 
@@ -46,27 +58,27 @@ Mon May 11 02:31:19 1998 Tim Janik * docs/gtk.texi (GtkCTree): Started documentation of GtkCTree. -Sat May 9 20:11:20 1998 Owen Taylor +Sat May 9 20:11:20 1998 Owen Taylor * configure.in (LIBS): Try to figure out if this is Digital Unix and we need -std1 to get the right prototypes. -Sat May 9 16:30:33 BST 1998 Tony Gale +Sat May 9 16:30:33 BST 1998 Tony Gale * docs/gtk_tut_it.sgml: update of Italian tutorial translation from Daniele Canazza -Sat May 9 02:34:41 1998 Tim Janik +Sat May 9 02:34:41 1998 Tim Janik * gtk/gtkfeatures.h.in: new file used as template for * gtk/gtkfeatures.h: new file to define macros indicating newly - introduced features, such as GTK_HAVE_SIGNAL_INIT. + introduced features, such as GTK_HAVE_SIGNAL_INIT. * gtk/gtksignal.c: - (gtk_signal_emitv_by_name): + (gtk_signal_emitv_by_name): (gtk_signal_emitv): - new functions to emit signals with an already provided parameter set. + new functions to emit signals with an already provided parameter set. (provided by Kenneth Albanowski ). (gtk_signal_real_emit): prototype changes, so this functions always gets its parameters and signal structure as arguments. @@ -74,12 +86,12 @@ Sat May 9 02:34:41 1998 Tim Janik gtk_signal_real_emit. (gtk_signal_emit_by_name): likewise. -Sat May 9 00:03:12 1998 Tim Janik +Sat May 9 00:03:12 1998 Tim Janik * gtk/gtksignal.c (gtk_signal_handler_unref): reflect the presence of - signal connections through unsetting GTK_CONNECTED. + signal connections through unsetting GTK_CONNECTED. (gtk_signal_handler_insert): reflect the presence of signal connections - through setting GTK_CONNECTED. + through setting GTK_CONNECTED. (gtk_signal_real_emit): only check for handler emissions if the object has the GTK_CONNECTED flag set. (gtk_signal_handler_pending): don't check for pending handlers if the diff --git a/ChangeLog.pre-2-6 b/ChangeLog.pre-2-6 index 59517dee73..42720f2580 100644 --- a/ChangeLog.pre-2-6 +++ b/ChangeLog.pre-2-6 
@@ -1,16 +1,28 @@ +Tue May 12 02:31:57 1998 Tim Janik + + [security audit by Alan Cox] + + * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not + exceed maximum assumed size. + + * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does + not exceed maximum assumed size. + (gtk_menu_factory_remove): likewise. + (gtk_menu_factory_find_recurse): likewise. + Mon May 11 23:53:38 1998 Tim Janik * gtk/gtkwidget.c (gtk_widget_queue_resize): queue the idle_sizer with GTK_PRIORITY_INTERNAL - 1, so widgets get first resized and then - redrawn if that is still neccessary. don't allow queueing of already + redrawn if that is still neccessary. don't allow queueing of already destructed objects. (gtk_widget_idle_sizer): proccess the resize queue in a save manner, so widgets which are in the queue can be destroyed savely, handle - requeueing properly. + requeueing properly. (gtk_widget_idle_draw): proccess the redraw queue in a save manner, so widgets which are in the queue can be destroyed/unrealized savely. -Mon May 11 17:54:44 BST 1998 Tony Gale +Mon May 11 17:54:44 BST 1998 Tony Gale * gtkfaq.sgml: add question on multi-threading, minor URL cleanups. 
@@ -19,24 +31,24 @@ Mon May 11 09:56:45 1998 Tim Janik * configure.in (cflags_set): preserve automake CFLAGS. - * Makefile.am: fully rename the created libraries to libgtk-1.1.la + * Makefile.am: fully rename the created libraries to libgtk-1.1.la and libgdk-1.1.la. this means we need to change certain portions of - the Makefile.am on major/minor version bumps. + the Makefile.am on major/minor version bumps. * ltmain.sh: the -release option is not required anymore. - * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type - of the first argument to be of type GtkObject. unconditionally compile - this function. removed __GNUC__ dependancy of the gtk_object_ref and - gtk_object_unref macro wrappers for this function. + * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type + of the first argument to be of type GtkObject. unconditionally compile + this function. removed __GNUC__ dependancy of the gtk_object_ref and + gtk_object_unref macro wrappers for this function. Mon May 11 02:31:19 1998 Tim Janik * gtk/gtkobject.h: * gtk/gtkobject.c: (gtk_object_data_try_key): - (gtk_object_data_force_id): these are now macros substituting the old - functions. we just use the corresponding g_dataset_* functions for + (gtk_object_data_force_id): these are now macros substituting the old + functions. we just use the corresponding g_dataset_* functions for key->id associations. (this is to assure unique key<->id associations). 1998-05-10 Stefan Jeske 
@@ -46,27 +58,27 @@ Mon May 11 02:31:19 1998 Tim Janik * docs/gtk.texi (GtkCTree): Started documentation of GtkCTree. -Sat May 9 20:11:20 1998 Owen Taylor +Sat May 9 20:11:20 1998 Owen Taylor * configure.in (LIBS): Try to figure out if this is Digital Unix and we need -std1 to get the right prototypes. -Sat May 9 16:30:33 BST 1998 Tony Gale +Sat May 9 16:30:33 BST 1998 Tony Gale * docs/gtk_tut_it.sgml: update of Italian tutorial translation from Daniele Canazza -Sat May 9 02:34:41 1998 Tim Janik +Sat May 9 02:34:41 1998 Tim Janik * gtk/gtkfeatures.h.in: new file used as template for * gtk/gtkfeatures.h: new file to define macros indicating newly - introduced features, such as GTK_HAVE_SIGNAL_INIT. + introduced features, such as GTK_HAVE_SIGNAL_INIT. * gtk/gtksignal.c: - (gtk_signal_emitv_by_name): + (gtk_signal_emitv_by_name): (gtk_signal_emitv): - new functions to emit signals with an already provided parameter set. + new functions to emit signals with an already provided parameter set. (provided by Kenneth Albanowski ). (gtk_signal_real_emit): prototype changes, so this functions always gets its parameters and signal structure as arguments. @@ -74,12 +86,12 @@ Sat May 9 02:34:41 1998 Tim Janik gtk_signal_real_emit. (gtk_signal_emit_by_name): likewise. -Sat May 9 00:03:12 1998 Tim Janik +Sat May 9 00:03:12 1998 Tim Janik * gtk/gtksignal.c (gtk_signal_handler_unref): reflect the presence of - signal connections through unsetting GTK_CONNECTED. + signal connections through unsetting GTK_CONNECTED. (gtk_signal_handler_insert): reflect the presence of signal connections - through setting GTK_CONNECTED. + through setting GTK_CONNECTED. (gtk_signal_real_emit): only check for handler emissions if the object has the GTK_CONNECTED flag set. (gtk_signal_handler_pending): don't check for pending handlers if the diff --git a/ChangeLog.pre-2-8 b/ChangeLog.pre-2-8 index 59517dee73..42720f2580 100644 --- a/ChangeLog.pre-2-8 +++ b/ChangeLog.pre-2-8 
@@ -1,16 +1,28 @@ +Tue May 12 02:31:57 1998 Tim Janik + + [security audit by Alan Cox] + + * gtk/gtkobject.c (gtk_object_get_arg_type): check for arg_name to not + exceed maximum assumed size. + + * gtk/gtkmenufactory.c (gtk_menu_factory_create): check that `path' does + not exceed maximum assumed size. + (gtk_menu_factory_remove): likewise. + (gtk_menu_factory_find_recurse): likewise. + Mon May 11 23:53:38 1998 Tim Janik * gtk/gtkwidget.c (gtk_widget_queue_resize): queue the idle_sizer with GTK_PRIORITY_INTERNAL - 1, so widgets get first resized and then - redrawn if that is still neccessary. don't allow queueing of already + redrawn if that is still neccessary. don't allow queueing of already destructed objects. (gtk_widget_idle_sizer): proccess the resize queue in a save manner, so widgets which are in the queue can be destroyed savely, handle - requeueing properly. + requeueing properly. (gtk_widget_idle_draw): proccess the redraw queue in a save manner, so widgets which are in the queue can be destroyed/unrealized savely. -Mon May 11 17:54:44 BST 1998 Tony Gale +Mon May 11 17:54:44 BST 1998 Tony Gale * gtkfaq.sgml: add question on multi-threading, minor URL cleanups. 
@@ -19,24 +31,24 @@ Mon May 11 09:56:45 1998 Tim Janik * configure.in (cflags_set): preserve automake CFLAGS. - * Makefile.am: fully rename the created libraries to libgtk-1.1.la + * Makefile.am: fully rename the created libraries to libgtk-1.1.la and libgdk-1.1.la. this means we need to change certain portions of - the Makefile.am on major/minor version bumps. + the Makefile.am on major/minor version bumps. * ltmain.sh: the -release option is not required anymore. - * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type - of the first argument to be of type GtkObject. unconditionally compile - this function. removed __GNUC__ dependancy of the gtk_object_ref and - gtk_object_unref macro wrappers for this function. + * gtk/gtkobject.h (gtk_trace_referencing): compile time check the type + of the first argument to be of type GtkObject. unconditionally compile + this function. removed __GNUC__ dependancy of the gtk_object_ref and + gtk_object_unref macro wrappers for this function. Mon May 11 02:31:19 1998 Tim Janik * gtk/gtkobject.h: * gtk/gtkobject.c: (gtk_object_data_try_key): - (gtk_object_data_force_id): these are now macros substituting the old - functions. we just use the corresponding g_dataset_* functions for + (gtk_object_data_force_id): these are now macros substituting the old + functions. we just use the corresponding g_dataset_* functions for key->id associations. (this is to assure unique key<->id associations). 1998-05-10 Stefan Jeske 
@@ -46,27 +58,27 @@ Mon May 11 02:31:19 1998 Tim Janik * docs/gtk.texi (GtkCTree): Started documentation of GtkCTree. -Sat May 9 20:11:20 1998 Owen Taylor +Sat May 9 20:11:20 1998 Owen Taylor * configure.in (LIBS): Try to figure out if this is Digital Unix and we need -std1 to get the right prototypes. -Sat May 9 16:30:33 BST 1998 Tony Gale +Sat May 9 16:30:33 BST 1998 Tony Gale * docs/gtk_tut_it.sgml: update of Italian tutorial translation from Daniele Canazza -Sat May 9 02:34:41 1998 Tim Janik +Sat May 9 02:34:41 1998 Tim Janik * gtk/gtkfeatures.h.in: new file used as template for * gtk/gtkfeatures.h: new file to define macros indicating newly - introduced features, such as GTK_HAVE_SIGNAL_INIT. + introduced features, such as GTK_HAVE_SIGNAL_INIT. * gtk/gtksignal.c: - (gtk_signal_emitv_by_name): + (gtk_signal_emitv_by_name): (gtk_signal_emitv): - new functions to emit signals with an already provided parameter set. + new functions to emit signals with an already provided parameter set. (provided by Kenneth Albanowski ). (gtk_signal_real_emit): prototype changes, so this functions always gets its parameters and signal structure as arguments. @@ -74,12 +86,12 @@ Sat May 9 02:34:41 1998 Tim Janik gtk_signal_real_emit. (gtk_signal_emit_by_name): likewise. -Sat May 9 00:03:12 1998 Tim Janik +Sat May 9 00:03:12 1998 Tim Janik * gtk/gtksignal.c (gtk_signal_handler_unref): reflect the presence of - signal connections through unsetting GTK_CONNECTED. + signal connections through unsetting GTK_CONNECTED. (gtk_signal_handler_insert): reflect the presence of signal connections - through setting GTK_CONNECTED. + through setting GTK_CONNECTED. (gtk_signal_real_emit): only check for handler emissions if the object has the GTK_CONNECTED flag set. (gtk_signal_handler_pending): don't check for pending handlers if the diff --git a/gtk/gtkmenufactory.c b/gtk/gtkmenufactory.c index a2045e6cd3..2ed91d3d69 100644 --- a/gtk/gtkmenufactory.c +++ b/gtk/gtkmenufactory.c 
@@ -216,6 +216,13 @@ gtk_menu_factory_create (GtkMenuFactory *factory, */ if (!path || path[0] == '\0') return; + else if (strlen (path) >= 250) + { + /* security audit + */ + g_warning ("gtk_menu_factory_create(): argument `path' exceeds maximum size."); + return; + } /* Strip off the next part of the path. */ @@ -329,7 +336,14 @@ gtk_menu_factory_remove (GtkMenuFactory *factory, if (!path || path[0] == '\0') return; - + else if (strlen (path) >= 250) + { + /* security audit + */ + g_warning ("gtk_menu_factory_remove(): argument `path' exceeds maximum size."); + return; + } + p = strchr (path, '/'); if (!p) @@ -468,7 +482,14 @@ gtk_menu_factory_find_recurse (GtkMenuFactory *factory, if (!path || path[0] == '\0') return NULL; - + else if (strlen (path) >= 250) + { + /* security audit + */ + g_warning ("gtk_menu_factory_find_recurse(): argument `path' exceeds maximum size."); + return NULL; + } + p = strchr (path, '/'); if (!p) diff --git a/gtk/gtkobject.c b/gtk/gtkobject.c index 08f9c3460c..b5525c5c4f 100644 --- a/gtk/gtkobject.c +++ b/gtk/gtkobject.c @@ -935,9 +935,19 @@ gtk_object_get_arg_type (const gchar *arg_name) gchar buffer[1024]; gchar *t; + g_return_val_if_fail (arg_name != NULL, 0); + if (!arg_info_ht) return GTK_TYPE_INVALID; + if (!arg_name || strlen (arg_name) > 1000) + { + /* security audit + */ + g_warning ("gtk_object_get_arg_type(): argument `arg_name' exceeds maximum size."); + return 0; + } + t = strchr (arg_name, ':'); if (!t || (t[0] != ':') || (t[1] != ':')) { @@ -1535,7 +1545,7 @@ gtk_trace_referencing (GtkObject *object, #ifdef G_ENABLE_DEBUG exists = g_hash_table_lookup (living_objs_ht, object) != NULL; -#endif /* !G_ENABLE_DEBUG */ +#endif /* G_ENABLE_DEBUG */ if (exists && (object == gtk_trace_object ||
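Review bot: The bound in the new `strlen (path) >= 250` guard is a bare literal, repeated in gtk_menu_factory_create, gtk_menu_factory_remove and gtk_menu_factory_find_recurse, and nothing in these hunks ties it to the size of the buffer it is meant to protect. The destination buffer is declared outside the hunks, so presumably it is a fixed-size local; if that array is ever resized, the three checks will silently stop matching it. I would define the limit once beside the buffer declaration (a suggested name: `#define MENU_FACTORY_MAX_PATH 250`) or compare against `sizeof` of the destination. The `/* security audit */` comment could then become one that names the buffer being guarded, e.g. `/* path is copied into a fixed-size buffer below; reject anything that cannot fit */`. All three function bodies start and end outside their hunks.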
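Review bot: In gtk_object_get_arg_type the added length guard returns `0`, while the `!arg_info_ht` branch just above it returns `GTK_TYPE_INVALID`. The failure paths should use the same symbol: `return GTK_TYPE_INVALID;` in the guard and `g_return_val_if_fail (arg_name != NULL, GTK_TYPE_INVALID);` at the top. The `!arg_name` half of the guard duplicates the new g_return_val_if_fail, and if it ever fired it would log the misleading "exceeds maximum size" message, so `if (strlen (arg_name) > 1000)` is enough. The literal `1000` is also unrelated to the visible `gchar buffer[1024]`. Deriving the bound from `sizeof (buffer)` would keep the two in step, though how buffer is filled lies outside the hunk and should be checked before picking the exact comparison.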