diff options
| author | Tobias Mueller <tobiasmue@gnome.org> | 2010-04-12 18:22:43 +0100 |
|---|---|---|
| committer | Jürg Billeter <j@bitron.ch> | 2010-05-27 22:40:43 +0200 |
| commit | 368d71448acad0546efbb203c08a093ec43611a4 (patch) | |
| tree | 12b41ae18c69a5f02e5ff6c16a05e41a01f811ec /gobject-introspection | |
| parent | 61e938df208635f2beb13cbe4532907d8ad95fae (diff) | |
| download | vala-368d71448acad0546efbb203c08a093ec43611a4.tar.gz | |
gobject-introspection: Free allocated memory and fix format strings
g_markup_printf_escaped allocates memory which now is free()d. Also,
move from g_string_append_printf to g_string_append because it has a
clearer and easier semantic and is less error prone. In fact, this fixes
potential format string vulnerabilties.
Fixes bug 615552.
Diffstat (limited to 'gobject-introspection')
| -rw-r--r-- | gobject-introspection/gidlwriter.c | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/gobject-introspection/gidlwriter.c b/gobject-introspection/gidlwriter.c index cd6cbad2a..2c0cbaa5c 100644 --- a/gobject-introspection/gidlwriter.c +++ b/gobject-introspection/gidlwriter.c @@ -138,12 +138,14 @@ function_generate (GIdlWriter * writer, GIdlNodeFunction * node) "%s name=\"%s\"", tag_name, node->node.name); - if (node->node.type != G_IDL_NODE_CALLBACK) - g_string_append_printf (markup_s, - g_markup_printf_escaped (" symbol=\"%s\"", node->symbol)); + if (node->node.type != G_IDL_NODE_CALLBACK) { + gchar *tmp = g_markup_printf_escaped (" symbol=\"%s\"", node->symbol); + markup_s = g_string_append (markup_s, tmp); + g_free (tmp); + } if (node->deprecated) - g_string_append_printf (markup_s, " deprecated=\"1\""); + markup_s = g_string_append (markup_s, " deprecated=\"1\""); g_string_append (markup_s, ">\n"); @@ -388,18 +390,21 @@ enum_generate (GIdlWriter * writer, GIdlNodeEnum * node) "%s name=\"%s\"", tag_name, node->node.name); - if (node->gtype_name != NULL) - g_string_append_printf (markup_s, - g_markup_printf_escaped (" type-name=\"%s\"", node->gtype_name)); - - if (node->gtype_init != NULL) - g_string_append_printf (markup_s, - g_markup_printf_escaped (" get-type=\"%s\"", node->gtype_init)); + if (node->gtype_name != NULL) { + gchar *tmp = g_markup_printf_escaped (" type-name=\"%s\"", node->gtype_name); + markup_s = g_string_append (markup_s, tmp); + g_free (tmp); + } + if (node->gtype_init != NULL) { + gchar *tmp = g_markup_printf_escaped (" get-type=\"%s\"", node->gtype_init); + markup_s = g_string_append (markup_s, tmp); + g_free(tmp); + } if (node->deprecated) - g_string_append_printf (markup_s, " deprecated=\"1\""); + markup_s = g_string_append (markup_s, " deprecated=\"1\""); - g_string_append (markup_s, ">\n"); + markup_s = g_string_append (markup_s, ">\n"); g_writer_write_indent (writer, markup_s->str); g_string_free (markup_s, TRUE); |