gnu: gtk+-2: Fix build by hardening list store.

* gnu/packages/patches/gtk2-harden-list-store.patch: New file. * gnu/packages/gtk.scm (gtk+-2)[patches]: Add it here. * gnu/local.mk (dist_patch_DATA): Register it here.
2023-03-30 20:41:59 +02:00 · 2023-03-30 20:41:59 +02:00 · 289f7a47de
parent 2a911cd34c
commit 289f7a47de
3 changed files with 44 additions and 0 deletions
--- a/gnu/local.mk
+++ b/gnu/local.mk
@ -1312,6 +1312,7 @@ dist_patch_DATA =						\
  %D%/packages/patches/guile-rsvg-pkgconfig.patch		\
  %D%/packages/patches/guile-emacs-fix-configure.patch		\
  %D%/packages/patches/gtk2-fix-builder-test.patch		\
+  %D%/packages/patches/gtk2-harden-list-store.patch		\
  %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch	\
  %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \
  %D%/packages/patches/gtk2-theme-paths.patch			\
--- a/gnu/packages/gtk.scm
+++ b/gnu/packages/gtk.scm
@ -897,6 +897,7 @@ (define-public gtk+-2
                "1nn6kks1zyvb5xikr9y2k7r9bwjy1g4b0m0s66532bclymbwfamc"))
              (patches (search-patches "gtk2-respect-GUIX_GTK2_PATH.patch"
                                       "gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch"
+                                       "gtk2-harden-list-store.patch"
                                       "gtk2-theme-paths.patch"
                                       "gtk2-fix-builder-test.patch"))))
    (build-system gnu-build-system)
--- a/gnu/packages/patches/gtk2-harden-list-store.patch
+++ b/gnu/packages/patches/gtk2-harden-list-store.patch
@ -0,0 +1,42 @@
+Backport the implementation of gtk_list_store_iter_is_valid from gtk+-3.
+
+Index: gtk+-2.24.33/gtk/gtkliststore.c
+===================================================================
+--- gtk+-2.24.33.orig/gtk/gtkliststore.c
+++ gtk+-2.24.33/gtk/gtkliststore.c
+@@ -1195,16 +1195,31 @@ gboolean
+ gtk_list_store_iter_is_valid (GtkListStore *list_store,
+                               GtkTreeIter  *iter)
+ {
+  GSequenceIter *seq_iter;
+
+   g_return_val_if_fail (GTK_IS_LIST_STORE (list_store), FALSE);
+   g_return_val_if_fail (iter != NULL, FALSE);
+ 
+-  if (!VALID_ITER (iter, list_store))
+-    return FALSE;
+  /* can't use VALID_ITER() here, because iter might point
+   * to random memory.
+   *
+   * We MUST NOT dereference it.
+   */
+ 
+-  if (g_sequence_iter_get_sequence (iter->user_data) != list_store->seq)
+  if (iter == NULL ||
+      iter->user_data == NULL ||
+      list_store->stamp != iter->stamp)
+     return FALSE;
+ 
+-  return TRUE;
+  for (seq_iter = g_sequence_get_begin_iter (list_store->seq);
+       !g_sequence_iter_is_end (seq_iter);
+       seq_iter = g_sequence_iter_next (seq_iter))
+    {
+      if (seq_iter == iter->user_data)
+        return TRUE;
+    }
+
+  return FALSE;
+ }
+ 
+ static gboolean real_gtk_list_store_row_draggable (GtkTreeDragSource *drag_source,