diff options
| author | Peter Bloomfield <PeterBloomfield@bellsouth.net> | 2020-04-25 17:26:22 -0400 |
|---|---|---|
| committer | Peter Bloomfield <PeterBloomfield@bellsouth.net> | 2020-04-26 16:47:23 -0400 |
| commit | d85f02a994d759dc314bf1b972fc6a2de39b47ab (patch) | |
| tree | bea34928b04e7a42dffb29fff9cb27e27e2f4a36 /gtk/gtkfilesystemmodel.c | |
| parent | 7da995da1d1b0d6180db145e34abebbb402d4d8b (diff) | |
| download | gtk+-d85f02a994d759dc314bf1b972fc6a2de39b47ab.tar.gz | |
file-system-model: Avoid use-after free
This is a possible fix for https://gitlab.gnome.org/GNOME/gtk/-/issues/2657
Use a NULL return from g_file_query_info_finish() to detect cancellation
of the query, and avoid derferencing a stale pointer.
Diffstat (limited to 'gtk/gtkfilesystemmodel.c')
| -rw-r--r-- | gtk/gtkfilesystemmodel.c | 45 |
1 files changed, 32 insertions, 13 deletions
diff --git a/gtk/gtkfilesystemmodel.c b/gtk/gtkfilesystemmodel.c index eeab450301..9de81a4f89 100644 --- a/gtk/gtkfilesystemmodel.c +++ b/gtk/gtkfilesystemmodel.c @@ -1202,26 +1202,36 @@ gtk_file_system_model_got_files (GObject *object, GAsyncResult *res, gpointer da } } +/* Helper for gtk_file_system_model_query_done and + * gtk_file_system_model_one_query_done */ +static void +query_done_helper (GtkFileSystemModel *model, + GFile *file, + GFileInfo *info) +{ + guint id; + + _gtk_file_system_model_update_file (model, file, info); + + id = node_get_for_file (model, file); + gtk_file_system_model_sort_node (model, id); +} + static void gtk_file_system_model_query_done (GObject * object, GAsyncResult *res, gpointer data) { - GtkFileSystemModel *model = data; /* only a valid pointer if not cancelled */ GFile *file = G_FILE (object); GFileInfo *info; - guint id; info = g_file_query_info_finish (file, res, NULL); - if (info == NULL) - return; - - _gtk_file_system_model_update_file (model, file, info); - id = node_get_for_file (model, file); - gtk_file_system_model_sort_node (model, id); - - g_object_unref (info); + if (info != NULL) + { + query_done_helper (GTK_FILE_SYSTEM_MODEL (data), file, info); + g_object_unref (info); + } } static void @@ -2140,10 +2150,19 @@ gtk_file_system_model_one_query_done (GObject * object, GAsyncResult *res, gpointer data) { - GtkFileSystemModel *model = data; /* only a valid pointer if not cancelled */ + GFile *file = G_FILE (object); + GFileInfo *info; - gtk_file_system_model_query_done (object, res, data); - thaw_updates (model); + info = g_file_query_info_finish (file, res, NULL); + + if (info != NULL) + { + GtkFileSystemModel *model = GTK_FILE_SYSTEM_MODEL (data); + + query_done_helper (model, file, info); + g_object_unref (info); + thaw_updates (model); + } } void |