diff --git a/0001-props-fix-the-max-lengths-for-set_name-description-s.patch b/0001-props-fix-the-max-lengths-for-set_name-description-s.patch
new file mode 100644
index 0000000..79b747a
--- /dev/null
+++ b/0001-props-fix-the-max-lengths-for-set_name-description-s.patch
@@ -0,0 +1,47 @@
+From 0610dc493702929f8376687249b5ba98180198f3 Mon Sep 17 00:00:00 2001
+From: Peter Hutterer
+Date: Mon, 22 Jan 2024 10:40:42 +1000
+Subject: [PATCH 1/3] props: fix the max lengths for
+ set_name/description/short_description
+
+All three had the wrong copy/pasta applied to them, so if this function
+was ever called, our description was limited to e.g. 32 bytes.
+I'm assuming this function has never been used before.
+---
+ libxklavier/xklavier_props.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libxklavier/xklavier_props.c b/libxklavier/xklavier_props.c
+index 95f38e2..73996d6 100644
+--- a/libxklavier/xklavier_props.c
++++ b/libxklavier/xklavier_props.c
+@@ -65,7 +65,7 @@ xkl_config_item_set_name(XklConfigItem * item,
+ const gchar * name)
+ {
+ if (name != NULL)
+- strncpy (item->name, name, XKL_MAX_CI_SHORT_DESC_LENGTH-1);
++ strncpy (item->name, name, XKL_MAX_CI_NAME_LENGTH-1);
+ else
+ item->name[0] = '\0';
+ }
+@@ -81,7 +81,7 @@ xkl_config_item_set_short_description(XklConfigItem * item,
+ const gchar * short_description)
+ {
+ if (short_description != NULL)
+- strncpy (item->short_description, short_description, XKL_MAX_CI_DESC_LENGTH-1);
++ strncpy (item->short_description, short_description, XKL_MAX_CI_SHORT_DESC_LENGTH-1);
+ else
+ item->short_description[0] = '\0';
+ }
+@@ -97,7 +97,7 @@ xkl_config_item_set_description(XklConfigItem * item,
+ const gchar * description)
+ {
+ if (description != NULL)
+- strncpy (item->description, description, XKL_MAX_CI_NAME_LENGTH-1);
++ strncpy (item->description, description, XKL_MAX_CI_DESC_LENGTH-1);
+ else
+ item->description[0] = '\0';
+ }
+--
+2.43.0
+
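Review bot: With the bounds corrected, the three setters in libxklavier/xklavier_props.c still depend on the last byte of each field already being zero, because `strncpy` writes no terminator when the source is at least `XKL_MAX_CI_*_LENGTH-1` bytes long. Nothing in these hunks sets that byte, so a truncated value is terminated only if the struct was zeroed earlier and that byte was never overwritten; the field declarations are outside the patch, so the array sizes are assumed to match the constants. I would terminate explicitly after each copy, e.g. `item->name[XKL_MAX_CI_NAME_LENGTH-1] = '\0';`, and likewise for `short_description` and `description`. This matters more once 0002 routes the XML parsing path through these setters in place of `strncat` (which always writes a terminator) and 0003 runs `g_utf8_validate (string, -1, &end)` on the result, which scans until it finds a NUL.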
diff --git a/0002-config-use-our-name-description-setter-functions.patch b/0002-config-use-our-name-description-setter-functions.patch
new file mode 100644
index 0000000..0de23c6
--- /dev/null
+++ b/0002-config-use-our-name-description-setter-functions.patch
@@ -0,0 +1,50 @@
+From be4a42c9638768777f9db6746676519e06e12425 Mon Sep 17 00:00:00 2001
+From: Peter Hutterer
+Date: Mon, 22 Jan 2024 10:53:49 +1000
+Subject: [PATCH 2/3] config: use our name/description setter functions
+
+The direct strncat into the struct is probably the reason no-one noticed
+the wrong #defines being used in those setters (see previous commit).
+We have the setters, let's use them.
+---
+ libxklavier/xklavier_config.c | 14 +++++---------
+ 1 file changed, 5 insertions(+), 9 deletions(-)
+
+diff --git a/libxklavier/xklavier_config.c b/libxklavier/xklavier_config.c
+index ac34a20..c6c9bc1 100644
+--- a/libxklavier/xklavier_config.c
++++ b/libxklavier/xklavier_config.c
+@@ -191,16 +191,13 @@ xkl_read_config_item(XklConfigRegistry * config, gint doc_index,
+ vendor_element = xkl_find_element(ptr, XML_TAG_VENDOR);
+
+ if (name_element != NULL && name_element->children != NULL)
+- strncat(item->name,
+- (char *) name_element->children->content,
+- XKL_MAX_CI_NAME_LENGTH - 1);
++ xkl_config_item_set_name(item, (char *) name_element->children->content);
+
+ if (short_desc_element != NULL
+ && short_desc_element->children != NULL) {
+- strncat(item->short_description,
+- dgettext(XKB_DOMAIN, (const char *)
+- short_desc_element->children->content),
+- XKL_MAX_CI_SHORT_DESC_LENGTH - 1);
++ xkl_config_item_set_short_description(item,
++ dgettext(XKB_DOMAIN, (const char *)
++ short_desc_element->children->content));
+ }
+
+ if (desc_element != NULL && desc_element->children != NULL) {
+@@ -238,8 +235,7 @@ xkl_read_config_item(XklConfigRegistry * config, gint doc_index,
+ g_free(translated);
+ translated = unescaped;
+ }
+- strncat(item->description,
+- translated, XKL_MAX_CI_DESC_LENGTH - 1);
++ xkl_config_item_set_description(item, translated);
+ g_free(translated);
+ }
+
+--
+2.43.0
+
diff --git a/0003-props-validate-name-and-descriptions-for-valid-UTF-8.patch b/0003-props-validate-name-and-descriptions-for-valid-UTF-8.patch
new file mode 100644
index 0000000..cd34d4b
--- /dev/null
+++ b/0003-props-validate-name-and-descriptions-for-valid-UTF-8.patch
@@ -0,0 +1,96 @@
+From c95e5dd9c041bc7e41fb40df96076200458fc19e Mon Sep 17 00:00:00 2001
+From: Peter Hutterer
+Date: Mon, 22 Jan 2024 09:39:41 +1000
+Subject: [PATCH 3/3] props: validate name and descriptions for valid UTF-8
+
+All three are truncated to a fixed max length, potentially leading to
+invalid UTF-8 sequences. Ensure that can't happen by chopping off any
+invalid sequences.
+
+See
+https://gitlab.freedesktop.org/xkeyboard-config/xkeyboard-config/-/issues/435
+---
+ libxklavier/xklavier_props.c | 33 +++++++++++++++++++++++++++------
+ 1 file changed, 27 insertions(+), 6 deletions(-)
+
+diff --git a/libxklavier/xklavier_props.c b/libxklavier/xklavier_props.c
+index 73996d6..8929de7 100644
+--- a/libxklavier/xklavier_props.c
++++ b/libxklavier/xklavier_props.c
+@@ -21,6 +21,8 @@
+ #include
+ #include
+
++#include
++
+ #include
+ #include
+
+@@ -30,6 +32,19 @@
+
+ #include "xklavier_private.h"
+
++/* Truncate the given null-terminated string (within an allocation
++ * of sz bytes) to the longest continuously valid UTF-8 sequence */
++static void
++utf8_truncate(gchar string[], size_t sz)
++{
++ const char *end;
++
++ if (!g_utf8_validate (string, -1, &end)) {
++ ptrdiff_t valid = end - (const gchar *)string;
++ memset (&string[valid], 0, sz - valid);
++ }
++}
++
+ static GObjectClass *parent_class = NULL;
+
+ static void xkl_config_rec_destroy(XklConfigRec * data);
+@@ -64,10 +79,12 @@ void
+ xkl_config_item_set_name(XklConfigItem * item,
+ const gchar * name)
+ {
+- if (name != NULL)
++ if (name != NULL) {
+ strncpy (item->name, name, XKL_MAX_CI_NAME_LENGTH-1);
+- else
++ utf8_truncate (item->name, sizeof (item->name));
++ } else {
+ item->name[0] = '\0';
++ }
+ }
+
+ const gchar *
+@@ -80,10 +97,12 @@ void
+ xkl_config_item_set_short_description(XklConfigItem * item,
+ const gchar * short_description)
+ {
+- if (short_description != NULL)
++ if (short_description != NULL) {
+ strncpy (item->short_description, short_description, XKL_MAX_CI_SHORT_DESC_LENGTH-1);
+- else
++ utf8_truncate (item->short_description, sizeof (item->short_description));
++ } else {
+ item->short_description[0] = '\0';
++ }
+ }
+
+ const gchar *
+@@ -96,10 +115,12 @@ void
+ xkl_config_item_set_description(XklConfigItem * item,
+ const gchar * description)
+ {
+- if (description != NULL)
++ if (description != NULL) {
+ strncpy (item->description, description, XKL_MAX_CI_DESC_LENGTH-1);
+- else
++ utf8_truncate (item->description, sizeof (item->description));
++ } else {
+ item->description[0] = '\0';
++ }
+ }
+
+ G_DEFINE_TYPE(XklConfigRec, xkl_config_rec, G_TYPE_OBJECT)
+--
+2.43.0
+
diff --git a/libxklavier.spec b/libxklavier.spec
index 8ad6719..9d8a37f 100644
--- a/libxklavier.spec
+++ b/libxklavier.spec
@@ -1,7 +1,7 @@
 Summary: High-level API for X Keyboard Extension
 Name: libxklavier
 Version: 5.4
-Release: 24%{?dist}
+Release: 25%{?dist}
 License: LGPL-2.0-or-later
 URL: http://www.freedesktop.org/wiki/Software/LibXklavier
 BuildRequires: make
@@ -17,6 +17,10 @@ Requires: iso-codes #Source: http://download.gnome.org/sources/libxklavier/5.3/%{name}-%{version}.tar.xz Source: http://people.freedesktop.org/~svu/libxklavier-5.4.tar.bz2 +Patch01: 0001-props-fix-the-max-lengths-for-set_name-description-s.patch +Patch02: 0002-config-use-our-name-description-setter-functions.patch +Patch03: 0003-props-validate-name-and-descriptions-for-valid-UTF-8.patch + %description libxklavier is a library providing a high-level API for the X Keyboard Extension (XKB). This library is intended to support XFree86 and other
@@ -33,7 +37,7 @@ This package contains libraries, header files and developer documentation needed to develop libxklavier applications. %prep -%setup -q +%autosetup -p1 %build %configure \
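Review bot: In the three setters changed by 0003, the copy bound and the truncation size come from two different sources: `strncpy` uses the `XKL_MAX_CI_*_LENGTH-1` macro while `utf8_truncate` is passed `sizeof (item->field)`. A mismatch between macro and field is exactly the copy/paste error 0001 fixed, so I would derive both from the field, e.g. `strncpy (item->name, name, sizeof (item->name) - 1);`, or fold copy, termination and validation into one static helper that takes the destination and its size. In `utf8_truncate` itself, `sz - valid` mixes `size_t` with `ptrdiff_t`; a short comment stating that `valid` is non-negative and no larger than the string length would make that implicit conversion easier to review.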
@@ -68,6 +72,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.{a,la} %{_datadir}/gir-1.0/Xkl-1.0.gir %changelog +* Mon Jan 22 2024 Peter Hutterer - 5.4-25 +- Fix invalid UTF-8 truncations in XKB descriptions and names + * Sun Jan 21 2024 Fedora Release Engineering - 5.4-24 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild