Bug 794731 - Vala doesn't ensure the array passed to gtk_application_set_accels_for_action is null terminated
Status: RESOLVED OBSOLETE
Product: vala
Classification: Core
Component: Code Generator: GObject
Version: 0.40.x
Hardware: Other FreeBSD
Importance: Normal major
Target Milestone: 0.42
Assigned To: Vala maintainers
QA Contact: Vala maintainers
Reported: 2018-03-27 15:27 UTC by Greg V
Modified: 2018-05-22 16:02 UTC

Description Greg V 2018-03-27 15:27:05 UTC
A common (at least in the elementary OS world) idiom for setting GTK accelerators seems to be using a Gee.HashMultiMap's to_array like this:

https://github.com/Alecaddd/sequeler/blob/03b81b482567fdfc39aed460ef89ff647e4adcf9/src/Services/ActionManager.vala#L36-L69

The GTK vapi marks that argument as null terminated:

public void set_accels_for_action (string detailed_action_name, [CCode (array_length = false, array_null_terminated = true)] string[] accels);

But the generated C code does not make it null terminated:

https://github.com/Alecaddd/sequeler/issues/96#issuecomment-375301139

So GTK starts reading garbage, which results in funny messages like

(Sequeler:50044): Gtk-WARNING **: 16:01:05.864: Unable to parse accelerator '\u0008\x8dn\u000b\u0008': ignored request to install 501 accelerators

(501 accelerators!) and much worse, SEGFAULTS!

(Apart from Sequeler, this happens in Geary when clicking "reply".)


I'm not sure where exactly this should be fixed — should Vala codegen ensure null-termination when passing to an array_null_terminated argument? Should libgee null-terminate in to_array? Should consumers construct new arrays instead of this (rather silly IMO) multimap trick?

And I'm extremely not sure how this wasn't discovered on Linux?! Was some unintended magic making them null terminated?
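
An added C sketch (not part of the original report, and not Vala's generated code) of the failure described above: a consumer that walks a string vector until it meets NULL is given first an array that carries only a length, then a copy with an explicit terminator. The helper names, sizes and sample accelerators are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Consumer side: walks a string vector trusting the NULL terminator, not a
 * length. `cap` bounds the walk so this demo stays inside its own memory. */
static size_t walk_strv(const char *const *strv, size_t cap)
{
    size_t n = 0;
    while (n < cap && strv[n] != NULL) n++;
    return n;
}

/* Caller side, hardened: copy into len + 1 slots and terminate explicitly.
 * Returns NULL on failure; caller frees the vector (strings are borrowed). */
static const char **strv_with_terminator(const char *const *src, size_t len)
{
    const char **out = calloc(len + 1, sizeof *out);
    if (out == NULL) return NULL;
    memcpy(out, src, len * sizeof *out);
    out[len] = NULL;
    return out;
}

enum { SLOTS = 8, LEN = 2 };

/* Constructed input: LEN accelerators, then non-NULL stale neighbours. */
static size_t demo_unterminated(void)
{
    const char *region[SLOTS];
    for (size_t i = 0; i < SLOTS; i++)
        region[i] = i < LEN ? "<Control>q" : "stale";
    return walk_strv(region, SLOTS);
}

static size_t demo_terminated(void)
{
    const char *accels[LEN] = { "<Control>q", "<Control>w" };
    const char **safe = strv_with_terminator(accels, LEN);
    if (safe == NULL) return (size_t)-1;
    size_t n = walk_strv(safe, SLOTS);
    free(safe);
    return n;
}

int main(void)
{
    printf("%zu vs %zu entries\n", demo_unterminated(), demo_terminated());
    return 0;
}
```

Without the terminator the walk only stops at the demo's cap of 8 slots; a real consumer has no such cap and keeps reading until it happens to hit a zero pointer or faults.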
Comment 1 GNOME Infrastructure Team 2018-05-22 16:02:19 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to GNOME's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/vala/issues/626.