| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The gsf-office-thumbnailer expects a local file path to be passed, but
instead of treating one of expand_thumbnailing_elem()'s arguments as a
local path (which it is), we treated it as a URI and tried to convert it
to a URI.
That obviously failed, and the thumbnailer wasn't even launched.
https://bugzilla.gnome.org/show_bug.cgi?id=787249
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=787249
|
|
|
|
|
|
|
|
|
| |
And loads of other non-thumbnailable files in a regression introduced in
3b298f60. To answer _can_thumbnail() correctly, we need to check whether
a thumbnailer exists for the mime-type in question, not simply assume it
to be available.
https://bugzilla.gnome.org/show_bug.cgi?id=785404
|
|
|
|
| |
Was not supposed to be in the commit.
|
| |
|
|
|
|
|
|
| |
Rather than display an image in a GTK+ window, behave like stand-alone
thumbnailers and generate an output file. This makes it easier to
compare stand-alone thumbnailers with ones wrapped in gnome-desktop.
|
|
|
|
| |
The variable is set to a function return 2 lines below.
|
|
|
|
| |
Pass G_MESSAGES_DEBUG=all to thumbnailers if the debug is enabled.
|
|
|
|
|
| |
No need to attempt connecting to gvfs inside the sandbox, it will not be
accessible.
|
| |
|
|
|
|
|
| |
The release was wrongly numbered with a "sub" number of 1. Modify the
NEWS file to match the version number actually used.
|
| |
|
|
|
|
|
| |
So that it's not missed, repeatedly, by whoever updates the
configure.ac.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When running sandboxed, we could make use "--tmpfs /tmp" to make
/tmp disappear along with the thumbnailer, but that would just paper
over the fact that those same discarded temporary files would be left in
/tmp (RAM if tmpfs) when not sandboxed.
So warn about badly behaved thumbnailers.
https://bugzilla.gnome.org/show_bug.cgi?id=785238
|
|
|
|
|
|
|
|
| |
The fd that bwrap copies from the --file argument needs to be cleaned up
as well, otherwise the temporary file as well as the directory
containing it will be left on disk.
https://bugzilla.gnome.org/show_bug.cgi?id=786584
|
|
|
|
|
|
|
|
| |
Instead of copying whole files to the sandbox, bind mount the _file_.
This is especially important when dealing with huge files when only a
tiny portion of the file will actually be read.
https://bugzilla.gnome.org/show_bug.cgi?id=786586
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=786355
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=783849
|
| |
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=785963
|
|
|
|
|
|
| |
Makes it easier to debug.
https://bugzilla.gnome.org/show_bug.cgi?id=785963
|
|
|
|
|
|
|
|
| |
script_exec_new() can fail in certain cases, and we should not crash
when trying to expand the script command later if the initial setup
failed.
https://bugzilla.gnome.org/show_bug.cgi?id=785963
|
| |
|
|
|
|
|
|
|
| |
Flatpak drops privileges very early in the sandbox setup
phase which means that we don't have enough permissions to
setup seccomp. It would be nice if we could still use seccomp
to restrict even further, but that's not the case as of yet.
|
|
|
|
|
|
|
|
|
| |
Debian's gnome-control-center can crash when show-all-sources is
enabled. When parse_end_element in gnome-xkb-info.c encounters
duplicate layouts, it will free the memory for the first layout while it
is still in a hash table.
https://bugzilla.gnome.org/show_bug.cgi?id=785320
|
| |
|
|
|
|
|
|
|
| |
Use seccomp code from flatpak to limit the system calls thumbnailers can
make, reducing the attach surface.
https://bugzilla.gnome.org/show_bug.cgi?id=785197
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On Linux systems, bubblewrap is now required to launch thumbnailers in a
restricted environment.
- Only /usr and the compilation ${prefix} of the gnome-desktop library
will be available to the thumbnailer as read-only
- The network is disabled
- The filename of the file to thumbnail is hidden
- Bubblewrap is not used if the application is already sandboxed in
Flatpak as all privileges to create a new namespace are dropped when
the initial one is created.
https://bugzilla.gnome.org/show_bug.cgi?id=774497
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move most of the script command generation to a separate file, making
the function return a GBytes from a successful thumbnailer run, so as to
avoid having to clean up temporary files from the thumbnailer run.
Note that it changes a few subtle things which shouldn't be a problem in
practice, but, as a corner case, might have been used by applications:
- Thumbnailers must output PNG images. pixbuf_new_from_bytes() could
have been made more complicated to handle all images, and then we would
restrict the thumbnailer output format separately, but it makes no sense
to write complicated code to remove it in the next commit.
- URIs which have no backing path are not supported. This will likely
cause problems for thumbnailing remote shares on OSes which lack
gvfsd-fuse. Support could be re-added in the future.
https://bugzilla.gnome.org/show_bug.cgi?id=774497
|
|
|
|
|
|
| |
It's really not that useful. If the thumbnailer definition is
installed, then we expect the thumbnailer to be installed and
functional.
|
|
|
|
|
| |
Instead of a shell-quoted string, to make it easier to add new elements
to this command-line.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The pixbuf to be written as a placeholder thumbnail was never
initialised to be empty, so might contain random data from the stack.
Use gdk_pixbuf_fill() to solve this problem.
Use of uninitialised value of size 8
at 0x9A8ED44: crc32_little (crc32.c:287)
by 0x9A8ED44: crc32_z (crc32.c:220)
by 0x8A617FB: png_calculate_crc (png.c:153)
by 0x8A7FACF: png_write_complete_chunk (pngwutil.c:187)
by 0x8A801B1: png_compress_IDAT (pngwutil.c:1047)
by 0x8A81F8E: png_write_filtered_row (pngwutil.c:2743)
by 0x8A81F8E: png_write_find_filter (pngwutil.c:2713)
by 0x8A7CF21: png_write_row (pngwrite.c:888)
by 0x8A7D20E: png_write_rows (pngwrite.c:582)
by 0x8263A08: real_save_png (io-png.c:1139)
by 0x8263B0A: gdk_pixbuf__png_image_save (io-png.c:1166)
by 0x8250FF8: gdk_pixbuf_real_save (gdk-pixbuf-io.c:2180)
by 0x8251820: gdk_pixbuf_savev (gdk-pixbuf-io.c:2479)
by 0x8251534: gdk_pixbuf_save (gdk-pixbuf-io.c:2418)
by 0x5342324: save_thumbnail (gnome-desktop-thumbnail.c:1224)
by 0x53424DD: gnome_desktop_thumbnail_factory_create_failed_thumbnail (gnome-desktop-thumbnail.c:1313)
by 0x4E89B6A: eog_thumbnail_load (eog-thumbnail.c:518)
by 0x4E6BA39: eog_job_thumbnail_run (eog-jobs.c:1270)
by 0x4E69796: eog_job_run (eog-jobs.c:271)
by 0x4E689A2: eog_job_process (eog-job-scheduler.c:153)
by 0x4E688AA: eog_job_scheduler (eog-job-scheduler.c:128)
by 0x97E4004: g_thread_proxy (gthread.c:784)
by 0x9CAA36C: start_thread (in /usr/lib64/libpthread-2.25.so)
by 0x9FD2E9E: clone (in /usr/lib64/libc-2.25.so)
Uninitialised value was created by a stack allocation
at 0x8262D5E: real_save_png (io-png.c:871)
https://bugzilla.gnome.org/show_bug.cgi?id=784915
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=784653
|