Now that we have _DBUS_STRING_INIT_INVALID, we can initialize
parser.data to a value that is safe for _dbus_string_free(), which
means we can put all the cleanup through a single code path that
definitely frees everything.
(This is just refactoring, not a correctness fix.)
Signed-off-by: Simon McVittie <smcv@collabora.com>

Previously, we were waiting a few seconds for the dbus-daemon to stop
listening, then trying to connect again and asserting that it failed,
then immediately asserting that the socket had actually been deleted.
However, there is a race here: the dbus-daemon stops listening on the
socket, and then deletes it. If the test client wins the race by
probing to see whether the socket is present after the dbus-daemon
has stopped listening but before the dbus-daemon has deleted it, then
the test will fail.
This intermittently happens on Gitlab-CI, most recently in
<https://gitlab.freedesktop.org/smcv/dbus/-/jobs/45694>.
Signed-off-by: Simon McVittie <smcv@collabora.com>

When we're doing bitwise operations, addition with wraparound and
large left-shifts, it seems safer to use unsigned integers, where
the effect of overflow is well-defined (it wraps around). Signed
integer overflow is undefined behaviour, so compilers are free to
optimize by assuming that it cannot happen.
Detected by the undefined behaviour sanitizer (UBSan).
Signed-off-by: Simon McVittie <smcv@collabora.com>

If we have a variable "Type value;" then casting &value to (Type *) is
not useful, because it has that type already; it can only hide errors.
Signed-off-by: Simon McVittie <smcv@collabora.com>

Detected with UndefinedBehaviourSanitizer, which will warn on
about 50% of calls to this function, when s[3] is 128 or more,
because id is signed, so 128 << 24 is undefined signed overflow.
All we want here is a random non-negative signed int (in the range 0
to 2**31-1, with 31 bits varying). The intention seemed to be to
generate a random unsigned int, cast it to signed, and then negate it
if negative, but it seems simpler and more obviously correct to just
make sure the most significant byte fits in the non-negative range.
Signed-off-by: Simon McVittie <smcv@collabora.com>
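
The two commit messages above on signed overflow (unsigned arithmetic for shifts, and keeping the most significant byte in the non-negative range) can be illustrated as follows. This is an added example, not code from dbus: the names `id_from_bytes` and `count_overflowing_top_bytes` are hypothetical, and a 32-bit `int` is assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper, not the dbus function: non-negative int from four
 * random bytes. The naive form
 *     int id = s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24);
 * promotes s[3] to int, so for s[3] >= 128 the shift overflows a 32-bit
 * signed int: undefined behaviour, which UBSan reports. */
static int
id_from_bytes (const unsigned char s[4])
{
  /* Shift in uint32_t, where overflow is well-defined, and mask the most
   * significant byte to 7 bits so the result never exceeds INT32_MAX. */
  uint32_t u = (uint32_t) s[0]
             | ((uint32_t) s[1] << 8)
             | ((uint32_t) s[2] << 16)
             | ((uint32_t) (s[3] & 0x7f) << 24);
  return (int) u;   /* value-preserving: u <= 0x7fffffff (assumes 32-bit int) */
}

/* Count the top-byte values for which the naive `s[3] << 24` would not fit
 * in a 32-bit signed int; evaluated in 64 bits so nothing here overflows. */
static int
count_overflowing_top_bytes (void)
{
  int n = 0;
  for (int b = 0; b < 256; b++)
    if (((int64_t) b << 24) > INT32_MAX)
      n++;
  return n;
}

int
main (void)
{
  /* Constructed inputs: all bits set, top bit only, largest safe top byte. */
  const unsigned char samples[3][4] = {
    { 0xff, 0xff, 0xff, 0xff }, { 0x01, 0x02, 0x03, 0x80 }, { 0, 0, 0, 0x7f }
  };
  for (int i = 0; i < 3; i++)
    printf ("%d\n", id_from_bytes (samples[i]));
  printf ("%d of 256 top-byte values overflow the naive shift\n",
          count_overflowing_top_bytes ());
  return 0;
}
```
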
BusDesktopFile has a strange convention in which the various parser
helper functions (parse_section_start(), etc.) free the parser on error.
However, this particular error case happens outside the helper functions
and so will leak.
Signed-off-by: Simon McVittie <smcv@collabora.com>

va_copy() is a C99 feature, and should be widely supported by now.
gcc in strict C89 mode implements an equivalent __va_copy() instead.
MSVC 2013 implements va_copy(), but at the moment we still aim to support
MSVC 2010 and 2012, which don't have it. However, we know that in
Windows ABIs, va_list is a pointer, so we can use
_DBUS_VA_COPY_ASSIGN. We do not support MSVC for Autotools builds, only
CMake, due to its non-Unixish command-line interface.
Signed-off-by: Simon McVittie <smcv@collabora.com>

We don't know that _DBUS_VA_COPY_ASSIGN is always the right choice.
However, we do know that it's OK on MSVC versions too old to support
va_copy().
Signed-off-by: Simon McVittie <smcv@collabora.com>

If we already have ISO C va_copy() or its non-standard counterpart
__va_copy(), then there's no need to do an AC_RUN_IFELSE or its
CMake equivalent to detect whether "args2 = args1" or "*args2 = *args1"
works. AC_RUN_IFELSE is problematic during cross-compilation, where the
program cannot be run (you have to know in advance that the test program
will be run and what its result will be), so we want to avoid it whenever
possible.
Signed-off-by: Simon McVittie <smcv@collabora.com>

When running tests under "make check" or similar to take advantage
of facilities like AM_TESTS_ENVIRONMENT and AX_VALGRIND_CHECK, it's
more straightforward to set an environment variable than to pass a
command-line option.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://gitlab.freedesktop.org/dbus/dbus/issues/218

We have considerable anecdotal evidence that every relevant compiler
supports at least the small part of ISO varargs syntax that we need
here, because tools/tool-common.h has contained
    #define VERBOSE(...) do {} while (0)
since dbus 1.9.2 (2014) and nobody has complained yet. With that in
mind, let's simplify.
Signed-off-by: Simon McVittie <smcv@collabora.com>

For test case execution, CheckCSourceCompiles is now used instead
of try_compile and the determination of DBUS_VA_AS_ARRAY is
performed with a separate test instead of evaluating the result
of HAVE_VA_COPY and HAVE___VA_COPY.
The tests are performed for all supported compilers. Since older
MSVC compilers (< 2013) do not support va_copy(), the macro
_DBUS_VA_ASSIGN(a1,a2) with the implementation { a1 = a2; } is used
as a fallback.

Stop using avc_init() which is deprecated and use avc_open() instead. Also, use SELINUX_CB_POLICYLOAD instead of AVC_CALLBACK_RESET callback.
See merge request dbus/dbus!31
Reviewed-by: smcv

Stop using avc_init() and use avc_open() instead. With this commit
dbus-daemon will stop using a thread to monitor the avc netlink and will
poll it instead.
https://gitlab.freedesktop.org/dbus/dbus/issues/134

If in a .pc variable a path is created from another
variable, such as exec_prefix=${prefix}/lib, prefix
must not contain a trailing slash to avoid double
slashes in the generated path.

If a function returns boolean for success/error, and returns a
DBusError, then it should set the DBusError if and only if it
returns FALSE.
Signed-off-by: Simon McVittie <smcv@collabora.com>

This is a wrapper for g_test_incomplete(), which works around bugs in
that function prior to GLib 2.57.3. I originally wrote it for librsvg.
Signed-off-by: Simon McVittie <smcv@collabora.com>