GNOME Bugzilla – Bug 721678
Make sure that gjs_string_to_utf8 is safe
Last modified: 2018-01-27 11:55:07 UTC
This is something interesting that Sam Spilsbury brought up in https://bugzilla.gnome.org/show_bug.cgi?id=721246#c27. Basically, gjs_string_to_utf8 was changed to use JS_EncodeStringToUTF8, which uses SpiderMonkey's allocator to allocate memory for the returned UTF-8 string. This was changed in https://git.gnome.org/browse/gjs/commit/gjs/jsapi-util-string.cpp?id=5b41c10f64e32fe461d7b797c00acda4f9301514 -- before then, we used JS_EncodeStringToBuffer on a buffer we allocated ourselves with g_malloc. Existing callers were never updated to properly call JS_free, so right now the code is assuming that g_malloc == malloc == JS_malloc. If compiled with jemalloc or similar, our code would probably crash badly. I'm unsure what to do here. The fact that nothing has crashed so far means that we probably shouldn't fret too much, and I'd really not want to take a copy.
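The ownership mismatch described in the report, as an added illustration that is not gjs or SpiderMonkey code: `fake_js_malloc`/`fake_js_free`/`fake_encode_utf8` are stand-ins for the JS allocator and JS_EncodeStringToUTF8 that tag each block, so a block freed through the wrong allocator is caught instead of silently corrupting the heap, and `string_to_utf8_copy` shows the copy-based option the report mentions (and is reluctant about), where the caller again receives a plain-malloc'd string.

```c
/* Added example (not gjs code): models the cross-allocator free from the report.
 * fake_js_* stand in for SpiderMonkey's allocator; each block carries a tag
 * so that a mismatched free is detected rather than silent. */
#include <stdlib.h>
#include <string.h>

#define JS_TAG 0x4A534D4CUL  /* marks blocks owned by the (fake) JS heap */

/* Stand-in for JS_malloc: prefixes every block with an ownership tag. */
static void *fake_js_malloc(size_t n) {
    unsigned long *p = malloc(sizeof *p + n);
    if (!p) return NULL;
    *p = JS_TAG;
    return p + 1;
}

/* Stand-in for JS_free: refuses blocks that did not come from the JS heap. */
static void fake_js_free(void *ptr) {
    unsigned long *p = (unsigned long *)ptr - 1;
    if (*p != JS_TAG) abort();  /* block belongs to another allocator */
    free(p);
}

/* Stand-in for JS_EncodeStringToUTF8: returns a JS-heap-owned copy of s. */
static char *fake_encode_utf8(const char *s) {
    size_t len = strlen(s) + 1;
    char *out = fake_js_malloc(len);
    if (out) memcpy(out, s, len);
    return out;
}

/* Check a caller can apply before g_free/free: is this block JS-owned?
 * If so, releasing it with glib's allocator is the bug the report describes. */
int owned_by_js_heap(const void *ptr) {
    return ((const unsigned long *)ptr)[-1] == JS_TAG;
}

/* The "take a copy" option: release the JS-owned buffer with the JS allocator
 * here, and hand the caller a plain-malloc'd string it may free as before. */
char *string_to_utf8_copy(const char *js_str) {
    char *js_owned = fake_encode_utf8(js_str);
    if (!js_owned) return NULL;
    size_t len = strlen(js_owned) + 1;
    char *result = malloc(len);       /* caller-owned, libc/glib heap */
    if (result) memcpy(result, js_owned, len);
    fake_js_free(js_owned);
    return result;
}
```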
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/gjs/issues/79.