aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/gtk2-harden-list-store.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/gtk2-harden-list-store.patch')
-rw-r--r--gnu/packages/patches/gtk2-harden-list-store.patch42
1 files changed, 42 insertions, 0 deletions
diff --git a/gnu/packages/patches/gtk2-harden-list-store.patch b/gnu/packages/patches/gtk2-harden-list-store.patch
new file mode 100644
index 0000000000..f49dc3bc77
--- /dev/null
+++ b/gnu/packages/patches/gtk2-harden-list-store.patch
@@ -0,0 +1,42 @@
+Backport the implementation of gtk_list_store_iter_is_valid from gtk+-3.
+
+Index: gtk+-2.24.33/gtk/gtkliststore.c
+===================================================================
+--- gtk+-2.24.33.orig/gtk/gtkliststore.c
++++ gtk+-2.24.33/gtk/gtkliststore.c
+@@ -1195,16 +1195,31 @@ gboolean
+ gtk_list_store_iter_is_valid (GtkListStore *list_store,
+ GtkTreeIter *iter)
+ {
++ GSequenceIter *seq_iter;
++
+ g_return_val_if_fail (GTK_IS_LIST_STORE (list_store), FALSE);
+ g_return_val_if_fail (iter != NULL, FALSE);
+
+- if (!VALID_ITER (iter, list_store))
+- return FALSE;
++ /* can't use VALID_ITER() here, because iter might point
++ * to random memory.
++ *
++ * We MUST NOT dereference it.
++ */
+
+- if (g_sequence_iter_get_sequence (iter->user_data) != list_store->seq)
++ if (iter == NULL ||
++ iter->user_data == NULL ||
++ list_store->stamp != iter->stamp)
+ return FALSE;
+
+- return TRUE;
++ for (seq_iter = g_sequence_get_begin_iter (list_store->seq);
++ !g_sequence_iter_is_end (seq_iter);
++ seq_iter = g_sequence_iter_next (seq_iter))
++ {
++ if (seq_iter == iter->user_data)
++ return TRUE;
++ }
++
++ return FALSE;
+ }
+
+ static gboolean real_gtk_list_store_row_draggable (GtkTreeDragSource *drag_source,
generated by cgit v1.2.3 (git 2.25.4) at 2024-06-07 18:26:57 +0000