Bug 695376 – GDBusMethodInvocation leak and potential crash

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 695376 - GDBusMethodInvocation leak and potential crash


Summary:	GDBusMethodInvocation leak and potential crash


Status:	RESOLVED FIXED

Product:	glib
Classification:	Platform
Component:	gdbus
Version:	unspecified
Hardware:	Other Linux

Importance:	Normal normal
Target Milestone:	---
Assigned To:	David Zeuthen (not reading bugmail)
QA Contact:	gtkdev

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2013-03-07 17:44 UTC by Patrick Ohly
Modified:	2013-03-18 02:46 UTC

See Also:
GNOME target:	---
GNOME version:	---

Attachments
fix ref and add unref (2.29 KB, patch) 2013-03-07 17:47 UTC, Patrick Ohly	none	Details \| Review

Description Patrick Ohly 2013-03-07 17:44:24 UTC

_g_dbus_method_invocation_new is said to allow method_info == NULL, but will crash inside g_dbus_method_info_ref when the method_info really is NULL, because g_dbus_method_info_ref does not allow NULL as parameter. Found while looking for a leak.

The leak itself happens because _g_dbus_method_invocation_new stores a new reference to the method_info without also unreferencing it. Found in SyncEvolution, which creates GDBusMethodInfo instances dynamically.

I'll attach a patch.

FWIW, the whole concept of reference counting for GDBusMethodInfo and GDBusSignalInfo is pretty pointless because in GDBusInterfaceInfo one has to store plain pointers in a class which does not support reference counting for these pointers.

Comment 1 Patrick Ohly 2013-03-07 17:47:26 UTC

Created attachment 238326 [details] [review]
fix ref and add unref