aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorRaghav Gururajan <rg@raghavgururajan.name>2021-03-11 06:39:29 -0500
committerRaghav Gururajan <rg@raghavgururajan.name>2021-03-25 20:51:42 -0400
commit993de472ed3dfe90e1c4110b6b910c1f74d243ff (patch)
tree1cbbe213d783fc69ea9e9c4b4f9e9e25ee35c31c /gnu/packages/patches
parentc2366b948167c4d378404771b1aa86369add4175 (diff)
downloadguix-993de472ed3dfe90e1c4110b6b910c1f74d243ff.tar.gz
guix-993de472ed3dfe90e1c4110b6b910c1f74d243ff.zip
gnu: glib: Make some cosmetic changes.
* gnu/packages/patches/glib-CVE-2021-27218.patch gnu/packages/patches/glib-CVE-2021-27219-01.patch gnu/packages/patches/glib-CVE-2021-27219-02.patch gnu/packages/patches/glib-CVE-2021-27219-03.patch gnu/packages/patches/glib-CVE-2021-27219-04.patch gnu/packages/patches/glib-CVE-2021-27219-05.patch gnu/packages/patches/glib-CVE-2021-27219-06.patch gnu/packages/patches/glib-CVE-2021-27219-07.patch gnu/packages/patches/glib-CVE-2021-27219-08.patch gnu/packages/patches/glib-CVE-2021-27219-09.patch gnu/packages/patches/glib-CVE-2021-27219-10.patch gnu/packages/patches/glib-CVE-2021-27219-11.patch gnu/packages/patches/glib-CVE-2021-27219-12.patch gnu/packages/patches/glib-CVE-2021-27219-13.patch gnu/packages/patches/glib-CVE-2021-27219-14.patch gnu/packages/patches/glib-CVE-2021-27219-15.patch gnu/packages/patches/glib-CVE-2021-27219-16.patch gnu/packages/patches/glib-CVE-2021-27219-17.patch gnu/packages/patches/glib-CVE-2021-27219-18.patch gnu/packages/patches/glib-CVE-2021-28153.patch: Remove patches. * gnu/local.mk (dist_patch_DATA): Unregister them. * gnu/packages/glib.scm (glib): Make some cosmetic changes. [replacement]: Remove. (glib/fixed): Remove. Signed-off-by: Léo Le Bouter <lle-bout@zaclys.net>
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27218.patch132
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-01.patch176
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-02.patch264
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-03.patch136
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-04.patch308
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-05.patch47
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-06.patch94
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-07.patch118
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-08.patch94
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-09.patch98
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-10.patch52
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-11.patch57
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-12.patch30
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-13.patch32
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-14.patch32
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-15.patch95
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-16.patch43
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-17.patch37
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-18.patch232
-rw-r--r--gnu/packages/patches/glib-CVE-2021-28153.patch283
20 files changed, 0 insertions, 2360 deletions
diff --git a/gnu/packages/patches/glib-CVE-2021-27218.patch b/gnu/packages/patches/glib-CVE-2021-27218.patch
deleted file mode 100644
index 00fa5ebf79..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27218.patch
+++ /dev/null
@@ -1,132 +0,0 @@
-Backport of:
-
-From 0f384c88a241bbbd884487b1c40b7b75f1e638d3 Mon Sep 17 00:00:00 2001
-From: Krzesimir Nowak <qdlacz@gmail.com>
-Date: Wed, 10 Feb 2021 23:51:07 +0100
-Subject: [PATCH] gbytearray: Do not accept too large byte arrays
-
-GByteArray uses guint for storing the length of the byte array, but it
-also has a constructor (g_byte_array_new_take) that takes length as a
-gsize. gsize may be larger than guint (64 bits for gsize vs 32 bits
-for guint). It is possible to call the function with a value greater
-than G_MAXUINT, which will result in silent length truncation. This
-may happen as a result of unreffing GBytes into GByteArray, so rather
-be loud about it.
-
-(Test case tweaked by Philip Withnall.)
-
-(Backport 2.66: Add #include gstrfuncsprivate.h in the test case for
-`g_memdup2()`.)
----
- glib/garray.c | 6 ++++++
- glib/gbytes.c | 4 ++++
- glib/tests/bytes.c | 35 ++++++++++++++++++++++++++++++++++-
- 3 files changed, 44 insertions(+), 1 deletion(-)
-
-diff --git a/glib/garray.c b/glib/garray.c
-index 942e74c9f..fb1a42aaf 100644
---- a/glib/garray.c
-+++ b/glib/garray.c
-@@ -2013,6 +2013,10 @@ g_byte_array_new (void)
- * Create byte array containing the data. The data will be owned by the array
- * and will be freed with g_free(), i.e. it could be allocated using g_strdup().
- *
-+ * Do not use it if @len is greater than %G_MAXUINT. #GByteArray
-+ * stores the length of its data in #guint, which may be shorter than
-+ * #gsize.
-+ *
- * Since: 2.32
- *
- * Returns: (transfer full): a new #GByteArray
-@@ -2024,6 +2028,8 @@ g_byte_array_new_take (guint8 *data,
- GByteArray *array;
- GRealArray *real;
-
-+ g_return_val_if_fail (len <= G_MAXUINT, NULL);
-+
- array = g_byte_array_new ();
- real = (GRealArray *)array;
- g_assert (real->data == NULL);
-diff --git a/glib/gbytes.c b/glib/gbytes.c
-index 7b72886e5..d56abe6c3 100644
---- a/glib/gbytes.c
-+++ b/glib/gbytes.c
-@@ -519,6 +519,10 @@ g_bytes_unref_to_data (GBytes *bytes,
- * g_bytes_new(), g_bytes_new_take() or g_byte_array_free_to_bytes(). In all
- * other cases the data is copied.
- *
-+ * Do not use it if @bytes contains more than %G_MAXUINT
-+ * bytes. #GByteArray stores the length of its data in #guint, which
-+ * may be shorter than #gsize, that @bytes is using.
-+ *
- * Returns: (transfer full): a new mutable #GByteArray containing the same byte data
- *
- * Since: 2.32
-diff --git a/glib/tests/bytes.c b/glib/tests/bytes.c
-index 5ea5c2b35..15a6aaad6 100644
---- a/glib/tests/bytes.c
-+++ b/glib/tests/bytes.c
-@@ -10,12 +10,12 @@
- */
-
- #undef G_DISABLE_ASSERT
--#undef G_LOG_DOMAIN
-
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
- #include "glib.h"
-+#include "glib/gstrfuncsprivate.h"
-
- /* Keep in sync with glib/gbytes.c */
- struct _GBytes
-@@ -333,6 +333,38 @@ test_to_array_transferred (void)
- g_byte_array_unref (array);
- }
-
-+static void
-+test_to_array_transferred_oversize (void)
-+{
-+ g_test_message ("g_bytes_unref_to_array() can only take GBytes up to "
-+ "G_MAXUINT in length; test that longer ones are rejected");
-+
-+ if (sizeof (guint) >= sizeof (gsize))
-+ {
-+ g_test_skip ("Skipping test as guint is not smaller than gsize");
-+ }
-+ else if (g_test_undefined ())
-+ {
-+ GByteArray *array = NULL;
-+ GBytes *bytes = NULL;
-+ gpointer data = g_memdup2 (NYAN, N_NYAN);
-+ gsize len = ((gsize) G_MAXUINT) + 1;
-+
-+ bytes = g_bytes_new_take (data, len);
-+ g_test_expect_message (G_LOG_DOMAIN, G_LOG_LEVEL_CRITICAL,
-+ "g_byte_array_new_take: assertion 'len <= G_MAXUINT' failed");
-+ array = g_bytes_unref_to_array (g_steal_pointer (&bytes));
-+ g_test_assert_expected_messages ();
-+ g_assert_null (array);
-+
-+ g_free (data);
-+ }
-+ else
-+ {
-+ g_test_skip ("Skipping test as testing undefined behaviour is disabled");
-+ }
-+}
-+
- static void
- test_to_array_two_refs (void)
- {
-@@ -410,6 +442,7 @@ main (int argc, char *argv[])
- g_test_add_func ("/bytes/to-array/transfered", test_to_array_transferred);
- g_test_add_func ("/bytes/to-array/two-refs", test_to_array_two_refs);
- g_test_add_func ("/bytes/to-array/non-malloc", test_to_array_non_malloc);
-+ g_test_add_func ("/bytes/to-array/transferred/oversize", test_to_array_transferred_oversize);
- g_test_add_func ("/bytes/null", test_null);
-
- return g_test_run ();
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-01.patch b/gnu/packages/patches/glib-CVE-2021-27219-01.patch
deleted file mode 100644
index 5db360d468..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-01.patch
+++ /dev/null
@@ -1,176 +0,0 @@
-Backport of:
-
-From 5e5f75a77e399c638be66d74e5daa8caeb433e00 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 13:30:52 +0000
-Subject: [PATCH 01/11] gstrfuncs: Add internal g_memdup2() function
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This will replace the existing `g_memdup()` function for use within
-GLib. It has an unavoidable security flaw of taking its `byte_size`
-argument as a `guint` rather than as a `gsize`. Most callers will
-expect it to be a `gsize`, and may pass in large values which could
-silently be truncated, resulting in an undersize allocation compared
-to what the caller expects.
-
-This could lead to a classic buffer overflow vulnerability for many
-callers of `g_memdup()`.
-
-`g_memdup2()`, in comparison, takes its `byte_size` as a `gsize`.
-
-Spotted by Kevin Backhouse of GHSL.
-
-In GLib 2.68, `g_memdup2()` will be a new public API. In this version
-for backport to older stable releases, it’s a new `static inline` API
-in a private header, so that use of `g_memdup()` within GLib can be
-fixed without adding a new API in a stable release series.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: GHSL-2021-045
-Helps: #2319
----
- docs/reference/glib/meson.build | 1 +
- glib/gstrfuncsprivate.h | 55 +++++++++++++++++++++++++++++++++
- glib/meson.build | 1 +
- glib/tests/strfuncs.c | 23 ++++++++++++++
- 4 files changed, 80 insertions(+)
- create mode 100644 glib/gstrfuncsprivate.h
-
-diff --git a/docs/reference/glib/meson.build b/docs/reference/glib/meson.build
-index bba7649f0..ee39f6d04 100644
---- a/docs/reference/glib/meson.build
-+++ b/docs/reference/glib/meson.build
-@@ -22,6 +22,7 @@ if get_option('gtk_doc')
- 'gprintfint.h',
- 'gmirroringtable.h',
- 'gscripttable.h',
-+ 'gstrfuncsprivate.h',
- 'glib-mirroring-tab',
- 'gnulib',
- 'pcre',
-diff --git a/glib/gstrfuncsprivate.h b/glib/gstrfuncsprivate.h
-new file mode 100644
-index 000000000..85c88328a
---- /dev/null
-+++ b/glib/gstrfuncsprivate.h
-@@ -0,0 +1,55 @@
-+/* GLIB - Library of useful routines for C programming
-+ * Copyright (C) 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald
-+ *
-+ * This library is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU Lesser General Public
-+ * License as published by the Free Software Foundation; either
-+ * version 2.1 of the License, or (at your option) any later version.
-+ *
-+ * This library is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ * Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public
-+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
-+ */
-+
-+#include <glib.h>
-+#include <string.h>
-+
-+/*
-+ * g_memdup2:
-+ * @mem: (nullable): the memory to copy.
-+ * @byte_size: the number of bytes to copy.
-+ *
-+ * Allocates @byte_size bytes of memory, and copies @byte_size bytes into it
-+ * from @mem. If @mem is %NULL it returns %NULL.
-+ *
-+ * This replaces g_memdup(), which was prone to integer overflows when
-+ * converting the argument from a #gsize to a #guint.
-+ *
-+ * This static inline version is a backport of the new public API from
-+ * GLib 2.68, kept internal to GLib for backport to older stable releases.
-+ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2319.
-+ *
-+ * Returns: (nullable): a pointer to the newly-allocated copy of the memory,
-+ * or %NULL if @mem is %NULL.
-+ * Since: 2.68
-+ */
-+static inline gpointer
-+g_memdup2 (gconstpointer mem,
-+ gsize byte_size)
-+{
-+ gpointer new_mem;
-+
-+ if (mem && byte_size != 0)
-+ {
-+ new_mem = g_malloc (byte_size);
-+ memcpy (new_mem, mem, byte_size);
-+ }
-+ else
-+ new_mem = NULL;
-+
-+ return new_mem;
-+}
-diff --git a/glib/meson.build b/glib/meson.build
-index aaf5f00f5..5a6eea397 100644
---- a/glib/meson.build
-+++ b/glib/meson.build
-@@ -268,6 +268,7 @@ glib_sources = files(
- 'gslist.c',
- 'gstdio.c',
- 'gstrfuncs.c',
-+ 'gstrfuncsprivate.h',
- 'gstring.c',
- 'gstringchunk.c',
- 'gtestutils.c',
-diff --git a/glib/tests/strfuncs.c b/glib/tests/strfuncs.c
-index e1f9619c7..d968afff9 100644
---- a/glib/tests/strfuncs.c
-+++ b/glib/tests/strfuncs.c
-@@ -32,6 +32,8 @@
- #include <string.h>
- #include "glib.h"
-
-+#include "gstrfuncsprivate.h"
-+
- #if defined (_MSC_VER) && (_MSC_VER <= 1800)
- #define isnan(x) _isnan(x)
-
-@@ -219,6 +221,26 @@ test_memdup (void)
- g_free (str_dup);
- }
-
-+/* Testing g_memdup2() function with various positive and negative cases */
-+static void
-+test_memdup2 (void)
-+{
-+ gchar *str_dup = NULL;
-+ const gchar *str = "The quick brown fox jumps over the lazy dog";
-+
-+ /* Testing negative cases */
-+ g_assert_null (g_memdup2 (NULL, 1024));
-+ g_assert_null (g_memdup2 (str, 0));
-+ g_assert_null (g_memdup2 (NULL, 0));
-+
-+ /* Testing normal usage cases */
-+ str_dup = g_memdup2 (str, strlen (str) + 1);
-+ g_assert_nonnull (str_dup);
-+ g_assert_cmpstr (str, ==, str_dup);
-+
-+ g_free (str_dup);
-+}
-+
- /* Testing g_strpcpy() function with various positive and negative cases */
- static void
- test_stpcpy (void)
-@@ -2523,6 +2545,7 @@ main (int argc,
- g_test_add_func ("/strfuncs/has-prefix", test_has_prefix);
- g_test_add_func ("/strfuncs/has-suffix", test_has_suffix);
- g_test_add_func ("/strfuncs/memdup", test_memdup);
-+ g_test_add_func ("/strfuncs/memdup2", test_memdup2);
- g_test_add_func ("/strfuncs/stpcpy", test_stpcpy);
- g_test_add_func ("/strfuncs/str_match_string", test_str_match_string);
- g_test_add_func ("/strfuncs/str_tokenize_and_fold", test_str_tokenize_and_fold);
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-02.patch b/gnu/packages/patches/glib-CVE-2021-27219-02.patch
deleted file mode 100644
index 431959fa8f..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-02.patch
+++ /dev/null
@@ -1,264 +0,0 @@
-Backport of:
-
-From be8834340a2d928ece82025463ae23dee2c333d0 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 13:37:56 +0000
-Subject: [PATCH 02/11] gio: Use g_memdup2() instead of g_memdup() in obvious
- places
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Convert all the call sites which use `g_memdup()`’s length argument
-trivially (for example, by passing a `sizeof()`), so that they use
-`g_memdup2()` instead.
-
-In almost all of these cases the use of `g_memdup()` would not have
-caused problems, but it will soon be deprecated, so best port away from
-it.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gio/gdbusconnection.c | 5 +++--
- gio/gdbusinterfaceskeleton.c | 3 ++-
- gio/gfile.c | 7 ++++---
- gio/gsettingsschema.c | 5 +++--
- gio/gwin32registrykey.c | 8 +++++---
- gio/tests/async-close-output-stream.c | 6 ++++--
- gio/tests/gdbus-export.c | 5 +++--
- gio/win32/gwinhttpfile.c | 9 +++++----
- 8 files changed, 29 insertions(+), 19 deletions(-)
-
-diff --git a/gio/gdbusconnection.c b/gio/gdbusconnection.c
-index f1f0921d4..d56453486 100644
---- a/gio/gdbusconnection.c
-+++ b/gio/gdbusconnection.c
-@@ -110,6 +110,7 @@
- #include "gasyncinitable.h"
- #include "giostream.h"
- #include "gasyncresult.h"
-+#include "gstrfuncsprivate.h"
- #include "gtask.h"
- #include "gmarshal-internal.h"
-
-@@ -3997,7 +3998,7 @@ _g_dbus_interface_vtable_copy (const GDBusInterfaceVTable *vtable)
- /* Don't waste memory by copying padding - remember to update this
- * when changing struct _GDBusInterfaceVTable in gdbusconnection.h
- */
-- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer));
-+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer));
- }
-
- static void
-@@ -4014,7 +4015,7 @@ _g_dbus_subtree_vtable_copy (const GDBusSubtreeVTable *vtable)
- /* Don't waste memory by copying padding - remember to update this
- * when changing struct _GDBusSubtreeVTable in gdbusconnection.h
- */
-- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer));
-+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer));
- }
-
- static void
-diff --git a/gio/gdbusinterfaceskeleton.c b/gio/gdbusinterfaceskeleton.c
-index 4a06516c1..4a4b719a5 100644
---- a/gio/gdbusinterfaceskeleton.c
-+++ b/gio/gdbusinterfaceskeleton.c
-@@ -28,6 +28,7 @@
- #include "gdbusmethodinvocation.h"
- #include "gdbusconnection.h"
- #include "gmarshal-internal.h"
-+#include "gstrfuncsprivate.h"
- #include "gtask.h"
- #include "gioerror.h"
-
-@@ -701,7 +702,7 @@ add_connection_locked (GDBusInterfaceSkeleton *interface_,
- * properly before building the hooked_vtable, so we create it
- * once at the last minute.
- */
-- interface_->priv->hooked_vtable = g_memdup (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable));
-+ interface_->priv->hooked_vtable = g_memdup2 (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable));
- interface_->priv->hooked_vtable->method_call = skeleton_intercept_handle_method_call;
- }
-
-diff --git a/gio/gfile.c b/gio/gfile.c
-index ba93f7c75..88b341e7d 100644
---- a/gio/gfile.c
-+++ b/gio/gfile.c
-@@ -60,6 +60,7 @@
- #include "gasyncresult.h"
- #include "gioerror.h"
- #include "glibintl.h"
-+#include "gstrfuncsprivate.h"
-
-
- /**
-@@ -7884,7 +7885,7 @@ measure_disk_usage_progress (gboolean reporting,
- g_main_context_invoke_full (g_task_get_context (task),
- g_task_get_priority (task),
- measure_disk_usage_invoke_progress,
-- g_memdup (&progress, sizeof progress),
-+ g_memdup2 (&progress, sizeof progress),
- g_free);
- }
-
-@@ -7902,7 +7903,7 @@ measure_disk_usage_thread (GTask *task,
- data->progress_callback ? measure_disk_usage_progress : NULL, task,
- &result.disk_usage, &result.num_dirs, &result.num_files,
- &error))
-- g_task_return_pointer (task, g_memdup (&result, sizeof result), g_free);
-+ g_task_return_pointer (task, g_memdup2 (&result, sizeof result), g_free);
- else
- g_task_return_error (task, error);
- }
-@@ -7926,7 +7927,7 @@ g_file_real_measure_disk_usage_async (GFile *file,
-
- task = g_task_new (file, cancellable, callback, user_data);
- g_task_set_source_tag (task, g_file_real_measure_disk_usage_async);
-- g_task_set_task_data (task, g_memdup (&data, sizeof data), g_free);
-+ g_task_set_task_data (task, g_memdup2 (&data, sizeof data), g_free);
- g_task_set_priority (task, io_priority);
-
- g_task_run_in_thread (task, measure_disk_usage_thread);
-diff --git a/gio/gsettingsschema.c b/gio/gsettingsschema.c
-index 3a60b8c64..dded9b1ca 100644
---- a/gio/gsettingsschema.c
-+++ b/gio/gsettingsschema.c
-@@ -20,6 +20,7 @@
-
- #include "gsettingsschema-internal.h"
- #include "gsettings.h"
-+#include "gstrfuncsprivate.h"
-
- #include "gvdb/gvdb-reader.h"
- #include "strinfo.c"
-@@ -1058,9 +1059,9 @@ g_settings_schema_list_children (GSettingsSchema *schema)
-
- if (g_str_has_suffix (key, "/"))
- {
-- gint length = strlen (key);
-+ gsize length = strlen (key);
-
-- strv[j] = g_memdup (key, length);
-+ strv[j] = g_memdup2 (key, length);
- strv[j][length - 1] = '\0';
- j++;
- }
-diff --git a/gio/gwin32registrykey.c b/gio/gwin32registrykey.c
-index c19fede4e..619fd48af 100644
---- a/gio/gwin32registrykey.c
-+++ b/gio/gwin32registrykey.c
-@@ -28,6 +28,8 @@
- #include <ntstatus.h>
- #include <winternl.h>
-
-+#include "gstrfuncsprivate.h"
-+
- #ifndef _WDMDDK_
- typedef enum _KEY_INFORMATION_CLASS {
- KeyBasicInformation,
-@@ -247,7 +249,7 @@ g_win32_registry_value_iter_copy (const GWin32RegistryValueIter *iter)
- new_iter->value_name_size = iter->value_name_size;
-
- if (iter->value_data != NULL)
-- new_iter->value_data = g_memdup (iter->value_data, iter->value_data_size);
-+ new_iter->value_data = g_memdup2 (iter->value_data, iter->value_data_size);
-
- new_iter->value_data_size = iter->value_data_size;
-
-@@ -268,8 +270,8 @@ g_win32_registry_value_iter_copy (const GWin32RegistryValueIter *iter)
- new_iter->value_data_expanded_charsize = iter->value_data_expanded_charsize;
-
- if (iter->value_data_expanded_u8 != NULL)
-- new_iter->value_data_expanded_u8 = g_memdup (iter->value_data_expanded_u8,
-- iter->value_data_expanded_charsize);
-+ new_iter->value_data_expanded_u8 = g_memdup2 (iter->value_data_expanded_u8,
-+ iter->value_data_expanded_charsize);
-
- new_iter->value_data_expanded_u8_size = iter->value_data_expanded_charsize;
-
-diff --git a/gio/tests/async-close-output-stream.c b/gio/tests/async-close-output-stream.c
-index 5f6620275..d3f97a119 100644
---- a/gio/tests/async-close-output-stream.c
-+++ b/gio/tests/async-close-output-stream.c
-@@ -24,6 +24,8 @@
- #include <stdlib.h>
- #include <string.h>
-
-+#include "gstrfuncsprivate.h"
-+
- #define DATA_TO_WRITE "Hello world\n"
-
- typedef struct
-@@ -147,9 +149,9 @@ prepare_data (SetupData *data,
-
- data->expected_size = g_memory_output_stream_get_data_size (G_MEMORY_OUTPUT_STREAM (data->data_stream));
-
-- g_assert_cmpint (data->expected_size, >, 0);
-+ g_assert_cmpuint (data->expected_size, >, 0);
-
-- data->expected_output = g_memdup (written, (guint)data->expected_size);
-+ data->expected_output = g_memdup2 (written, data->expected_size);
-
- /* then recreate the streams and prepare them for the asynchronous close */
- destroy_streams (data);
-diff --git a/gio/tests/gdbus-export.c b/gio/tests/gdbus-export.c
-index 506c7458a..5513306f8 100644
---- a/gio/tests/gdbus-export.c
-+++ b/gio/tests/gdbus-export.c
-@@ -23,6 +23,7 @@
- #include <string.h>
-
- #include "gdbus-tests.h"
-+#include "gstrfuncsprivate.h"
-
- /* all tests rely on a shared mainloop */
- static GMainLoop *loop = NULL;
-@@ -671,7 +672,7 @@ subtree_introspect (GDBusConnection *connection,
- g_assert_not_reached ();
- }
-
-- return g_memdup (interfaces, 2 * sizeof (void *));
-+ return g_memdup2 (interfaces, 2 * sizeof (void *));
- }
-
- static const GDBusInterfaceVTable *
-@@ -727,7 +728,7 @@ dynamic_subtree_introspect (GDBusConnection *connection,
- {
- const GDBusInterfaceInfo *interfaces[2] = { &dyna_interface_info, NULL };
-
-- return g_memdup (interfaces, 2 * sizeof (void *));
-+ return g_memdup2 (interfaces, 2 * sizeof (void *));
- }
-
- static const GDBusInterfaceVTable *
-diff --git a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c
-index cf5eed31d..040ee8564 100644
---- a/gio/win32/gwinhttpfile.c
-+++ b/gio/win32/gwinhttpfile.c
-@@ -29,6 +29,7 @@
- #include "gio/gfile.h"
- #include "gio/gfileattribute.h"
- #include "gio/gfileinfo.h"
-+#include "gstrfuncsprivate.h"
- #include "gwinhttpfile.h"
- #include "gwinhttpfileinputstream.h"
- #include "gwinhttpfileoutputstream.h"
-@@ -393,10 +394,10 @@ g_winhttp_file_resolve_relative_path (GFile *file,
- child = g_object_new (G_TYPE_WINHTTP_FILE, NULL);
- child->vfs = winhttp_file->vfs;
- child->url = winhttp_file->url;
-- child->url.lpszScheme = g_memdup (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2);
-- child->url.lpszHostName = g_memdup (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2);
-- child->url.lpszUserName = g_memdup (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2);
-- child->url.lpszPassword = g_memdup (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2);
-+ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2);
-+ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2);
-+ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2);
-+ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2);
- child->url.lpszUrlPath = wnew_path;
- child->url.dwUrlPathLength = wcslen (wnew_path);
- child->url.lpszExtraInfo = NULL;
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-03.patch b/gnu/packages/patches/glib-CVE-2021-27219-03.patch
deleted file mode 100644
index 99e849c43c..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-03.patch
+++ /dev/null
@@ -1,136 +0,0 @@
-From 6110caea45b235420b98cd41d845cc92238f6781 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 13:39:25 +0000
-Subject: [PATCH 03/11] gobject: Use g_memdup2() instead of g_memdup() in
- obvious places
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Convert all the call sites which use `g_memdup()`’s length argument
-trivially (for example, by passing a `sizeof()`), so that they use
-`g_memdup2()` instead.
-
-In almost all of these cases the use of `g_memdup()` would not have
-caused problems, but it will soon be deprecated, so best port away from
-it.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gobject/gsignal.c | 3 ++-
- gobject/gtype.c | 9 +++++----
- gobject/gtypemodule.c | 3 ++-
- gobject/tests/param.c | 4 +++-
- 4 files changed, 12 insertions(+), 7 deletions(-)
-
-diff --git a/gobject/gsignal.c b/gobject/gsignal.c
-index 77d8f211e..41c54ab57 100644
---- a/gobject/gsignal.c
-+++ b/gobject/gsignal.c
-@@ -28,6 +28,7 @@
- #include <signal.h>
-
- #include "gsignal.h"
-+#include "gstrfuncsprivate.h"
- #include "gtype-private.h"
- #include "gbsearcharray.h"
- #include "gvaluecollector.h"
-@@ -1730,7 +1731,7 @@ g_signal_newv (const gchar *signal_name,
- node->single_va_closure_is_valid = FALSE;
- node->flags = signal_flags & G_SIGNAL_FLAGS_MASK;
- node->n_params = n_params;
-- node->param_types = g_memdup (param_types, sizeof (GType) * n_params);
-+ node->param_types = g_memdup2 (param_types, sizeof (GType) * n_params);
- node->return_type = return_type;
- node->class_closure_bsa = NULL;
- if (accumulator)
-diff --git a/gobject/gtype.c b/gobject/gtype.c
-index 7d3789400..8441b90e9 100644
---- a/gobject/gtype.c
-+++ b/gobject/gtype.c
-@@ -33,6 +33,7 @@
-
- #include "glib-private.h"
- #include "gconstructor.h"
-+#include "gstrfuncsprivate.h"
-
- #ifdef G_OS_WIN32
- #include <windows.h>
-@@ -1470,7 +1471,7 @@ type_add_interface_Wm (TypeNode *node,
- iholder->next = iface_node_get_holders_L (iface);
- iface_node_set_holders_W (iface, iholder);
- iholder->instance_type = NODE_TYPE (node);
-- iholder->info = info ? g_memdup (info, sizeof (*info)) : NULL;
-+ iholder->info = info ? g_memdup2 (info, sizeof (*info)) : NULL;
- iholder->plugin = plugin;
-
- /* create an iface entry for this type */
-@@ -1731,7 +1732,7 @@ type_iface_retrieve_holder_info_Wm (TypeNode *iface,
- INVALID_RECURSION ("g_type_plugin_*", iholder->plugin, NODE_NAME (iface));
-
- check_interface_info_I (iface, instance_type, &tmp_info);
-- iholder->info = g_memdup (&tmp_info, sizeof (tmp_info));
-+ iholder->info = g_memdup2 (&tmp_info, sizeof (tmp_info));
- }
-
- return iholder; /* we don't modify write lock upon returning NULL */
-@@ -2016,10 +2017,10 @@ type_iface_vtable_base_init_Wm (TypeNode *iface,
- IFaceEntry *pentry = type_lookup_iface_entry_L (pnode, iface);
-
- if (pentry)
-- vtable = g_memdup (pentry->vtable, iface->data->iface.vtable_size);
-+ vtable = g_memdup2 (pentry->vtable, iface->data->iface.vtable_size);
- }
- if (!vtable)
-- vtable = g_memdup (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size);
-+ vtable = g_memdup2 (iface->data->iface.dflt_vtable, iface->data->iface.vtable_size);
- entry->vtable = vtable;
- vtable->g_type = NODE_TYPE (iface);
- vtable->g_instance_type = NODE_TYPE (node);
-diff --git a/gobject/gtypemodule.c b/gobject/gtypemodule.c
-index 4ecaf8c88..20911fafd 100644
---- a/gobject/gtypemodule.c
-+++ b/gobject/gtypemodule.c
-@@ -19,6 +19,7 @@
-
- #include <stdlib.h>
-
-+#include "gstrfuncsprivate.h"
- #include "gtypeplugin.h"
- #include "gtypemodule.h"
-
-@@ -436,7 +437,7 @@ g_type_module_register_type (GTypeModule *module,
- module_type_info->loaded = TRUE;
- module_type_info->info = *type_info;
- if (type_info->value_table)
-- module_type_info->info.value_table = g_memdup (type_info->value_table,
-+ module_type_info->info.value_table = g_memdup2 (type_info->value_table,
- sizeof (GTypeValueTable));
-
- return module_type_info->type;
-diff --git a/gobject/tests/param.c b/gobject/tests/param.c
-index 758289bf8..971cff162 100644
---- a/gobject/tests/param.c
-+++ b/gobject/tests/param.c
-@@ -2,6 +2,8 @@
- #include <glib-object.h>
- #include <stdlib.h>
-
-+#include "gstrfuncsprivate.h"
-+
- static void
- test_param_value (void)
- {
-@@ -851,7 +853,7 @@ main (int argc, char *argv[])
- test_path = g_strdup_printf ("/param/implement/subprocess/%d-%d-%d-%d",
- data.change_this_flag, data.change_this_type,
- data.use_this_flag, data.use_this_type);
-- test_data = g_memdup (&data, sizeof (TestParamImplementData));
-+ test_data = g_memdup2 (&data, sizeof (TestParamImplementData));
- g_test_add_data_func_full (test_path, test_data, test_param_implement_child, g_free);
- g_free (test_path);
- }
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-04.patch b/gnu/packages/patches/glib-CVE-2021-27219-04.patch
deleted file mode 100644
index 3ae01f34b1..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-04.patch
+++ /dev/null
@@ -1,308 +0,0 @@
-Backport of:
-
-From 0736b7c1e7cf4232c5d7eb2b0fbfe9be81bd3baa Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 13:41:21 +0000
-Subject: [PATCH 04/11] glib: Use g_memdup2() instead of g_memdup() in obvious
- places
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Convert all the call sites which use `g_memdup()`’s length argument
-trivially (for example, by passing a `sizeof()` or an existing `gsize`
-variable), so that they use `g_memdup2()` instead.
-
-In almost all of these cases the use of `g_memdup()` would not have
-caused problems, but it will soon be deprecated, so best port away from
-it
-
-In particular, this fixes an overflow within `g_bytes_new()`, identified
-as GHSL-2021-045 by GHSL team member Kevin Backhouse.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Fixes: GHSL-2021-045
-Helps: #2319
----
- glib/gbytes.c | 6 ++++--
- glib/gdir.c | 3 ++-
- glib/ghash.c | 7 ++++---
- glib/giochannel.c | 3 ++-
- glib/gslice.c | 3 ++-
- glib/gtestutils.c | 3 ++-
- glib/gvariant.c | 7 ++++---
- glib/gvarianttype.c | 3 ++-
- glib/tests/array-test.c | 4 +++-
- glib/tests/option-context.c | 6 ++++--
- 10 files changed, 29 insertions(+), 16 deletions(-)
-
-diff --git a/glib/gbytes.c b/glib/gbytes.c
-index d56abe6c3..dee494820 100644
---- a/glib/gbytes.c
-+++ b/glib/gbytes.c
-@@ -34,6 +34,8 @@
-
- #include <string.h>
-
-+#include "gstrfuncsprivate.h"
-+
- /**
- * GBytes:
- *
-@@ -95,7 +97,7 @@ g_bytes_new (gconstpointer data,
- {
- g_return_val_if_fail (data != NULL || size == 0, NULL);
-
-- return g_bytes_new_take (g_memdup (data, size), size);
-+ return g_bytes_new_take (g_memdup2 (data, size), size);
- }
-
- /**
-@@ -499,7 +501,7 @@ g_bytes_unref_to_data (GBytes *bytes,
- * Copy: Non g_malloc (or compatible) allocator, or static memory,
- * so we have to copy, and then unref.
- */
-- result = g_memdup (bytes->data, bytes->size);
-+ result = g_memdup2 (bytes->data, bytes->size);
- *size = bytes->size;
- g_bytes_unref (bytes);
- }
-diff --git a/glib/gdir.c b/glib/gdir.c
-index 6b85e99c8..6747a8c6f 100644
---- a/glib/gdir.c
-+++ b/glib/gdir.c
-@@ -37,6 +37,7 @@
- #include "gconvert.h"
- #include "gfileutils.h"
- #include "gstrfuncs.h"
-+#include "gstrfuncsprivate.h"
- #include "gtestutils.h"
- #include "glibintl.h"
-
-@@ -112,7 +113,7 @@ g_dir_open_with_errno (const gchar *path,
- return NULL;
- #endif
-
-- return g_memdup (&dir, sizeof dir);
-+ return g_memdup2 (&dir, sizeof dir);
- }
-
- /**
-diff --git a/glib/ghash.c b/glib/ghash.c
-index e61b03788..26f26062b 100644
---- a/glib/ghash.c
-+++ b/glib/ghash.c
-@@ -34,6 +34,7 @@
- #include "gmacros.h"
- #include "glib-private.h"
- #include "gstrfuncs.h"
-+#include "gstrfuncsprivate.h"
- #include "gatomic.h"
- #include "gtestutils.h"
- #include "gslice.h"
-@@ -964,7 +965,7 @@ g_hash_table_ensure_keyval_fits (GHashTable *hash_table, gpointer key, gpointer
- if (hash_table->have_big_keys)
- {
- if (key != value)
-- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size);
-+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size);
- /* Keys and values are both big now, so no need for further checks */
- return;
- }
-@@ -972,7 +973,7 @@ g_hash_table_ensure_keyval_fits (GHashTable *hash_table, gpointer key, gpointer
- {
- if (key != value)
- {
-- hash_table->values = g_memdup (hash_table->keys, sizeof (guint) * hash_table->size);
-+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (guint) * hash_table->size);
- is_a_set = FALSE;
- }
- }
-@@ -1000,7 +1001,7 @@ g_hash_table_ensure_keyval_fits (GHashTable *hash_table, gpointer key, gpointer
-
- /* Just split if necessary */
- if (is_a_set && key != value)
-- hash_table->values = g_memdup (hash_table->keys, sizeof (gpointer) * hash_table->size);
-+ hash_table->values = g_memdup2 (hash_table->keys, sizeof (gpointer) * hash_table->size);
-
- #endif
- }
-diff --git a/glib/giochannel.c b/glib/giochannel.c
-index 1956e9dc6..15927c391 100644
---- a/glib/giochannel.c
-+++ b/glib/giochannel.c
-@@ -37,6 +37,7 @@
- #include "giochannel.h"
-
- #include "gstrfuncs.h"
-+#include "gstrfuncsprivate.h"
- #include "gtestutils.h"
- #include "glibintl.h"
-
-@@ -892,7 +893,7 @@ g_io_channel_set_line_term (GIOChannel *channel,
- length = strlen (line_term);
-
- g_free (channel->line_term);
-- channel->line_term = line_term ? g_memdup (line_term, length) : NULL;
-+ channel->line_term = line_term ? g_memdup2 (line_term, length) : NULL;
- channel->line_term_len = length;
- }
-
-diff --git a/glib/gslice.c b/glib/gslice.c
-index 4c758c3be..bcdbb8853 100644
---- a/glib/gslice.c
-+++ b/glib/gslice.c
-@@ -41,6 +41,7 @@
- #include "gmain.h"
- #include "gmem.h" /* gslice.h */
- #include "gstrfuncs.h"
-+#include "gstrfuncsprivate.h"
- #include "gutils.h"
- #include "gtrashstack.h"
- #include "gtestutils.h"
-@@ -350,7 +351,7 @@ g_slice_get_config_state (GSliceConfig ckey,
- array[i++] = allocator->contention_counters[address];
- array[i++] = allocator_get_magazine_threshold (allocator, address);
- *n_values = i;
-- return g_memdup (array, sizeof (array[0]) * *n_values);
-+ return g_memdup2 (array, sizeof (array[0]) * *n_values);
- default:
- return NULL;
- }
-diff --git a/glib/gtestutils.c b/glib/gtestutils.c
-index dd789482f..5887ecc36 100644
---- a/glib/gtestutils.c
-+++ b/glib/gtestutils.c
-@@ -49,6 +49,7 @@
- #include "gpattern.h"
- #include "grand.h"
- #include "gstrfuncs.h"
-+#include "gstrfuncsprivate.h"
- #include "gtimer.h"
- #include "gslice.h"
- #include "gspawn.h"
-@@ -3798,7 +3799,7 @@ g_test_log_extract (GTestLogBuffer *tbuffer)
- if (p <= tbuffer->data->str + mlength)
- {
- g_string_erase (tbuffer->data, 0, mlength);
-- tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup (&msg, sizeof (msg)));
-+ tbuffer->msgs = g_slist_prepend (tbuffer->msgs, g_memdup2 (&msg, sizeof (msg)));
- return TRUE;
- }
-
-diff --git a/glib/gvariant.c b/glib/gvariant.c
-index b61bf7278..d6f68a9ea 100644
---- a/glib/gvariant.c
-+++ b/glib/gvariant.c
-@@ -33,6 +33,7 @@
-
- #include <string.h>
-
-+#include "gstrfuncsprivate.h"
-
- /**
- * SECTION:gvariant
-@@ -725,7 +726,7 @@ g_variant_new_variant (GVariant *value)
- g_variant_ref_sink (value);
-
- return g_variant_new_from_children (G_VARIANT_TYPE_VARIANT,
-- g_memdup (&value, sizeof value),
-+ g_memdup2 (&value, sizeof value),
- 1, g_variant_is_trusted (value));
- }
-
-@@ -1229,7 +1230,7 @@ g_variant_new_fixed_array (const GVariantType *element_type,
- return NULL;
- }
-
-- data = g_memdup (elements, n_elements * element_size);
-+ data = g_memdup2 (elements, n_elements * element_size);
- value = g_variant_new_from_data (array_type, data,
- n_elements * element_size,
- FALSE, g_free, data);
-@@ -1908,7 +1909,7 @@ g_variant_dup_bytestring (GVariant *value,
- if (length)
- *length = size;
-
-- return g_memdup (original, size + 1);
-+ return g_memdup2 (original, size + 1);
- }
-
- /**
-diff --git a/glib/gvarianttype.c b/glib/gvarianttype.c
-index 1a228f73b..07659ff12 100644
---- a/glib/gvarianttype.c
-+++ b/glib/gvarianttype.c
-@@ -28,6 +28,7 @@
-
- #include <string.h>
-
-+#include "gstrfuncsprivate.h"
-
- /**
- * SECTION:gvarianttype
-@@ -1181,7 +1182,7 @@ g_variant_type_new_tuple (const GVariantType * const *items,
- g_assert (offset < sizeof buffer);
- buffer[offset++] = ')';
-
-- return (GVariantType *) g_memdup (buffer, offset);
-+ return (GVariantType *) g_memdup2 (buffer, offset);
- }
-
- /**
-diff --git a/glib/tests/array-test.c b/glib/tests/array-test.c
-index 3fcf1136a..11982f822 100644
---- a/glib/tests/array-test.c
-+++ b/glib/tests/array-test.c
-@@ -29,6 +29,8 @@
- #include <string.h>
- #include "glib.h"
-
-+#include "gstrfuncsprivate.h"
-+
- /* Test data to be passed to any function which calls g_array_new(), providing
- * the parameters for that call. Most #GArray tests should be repeated for all
- * possible values of #ArrayTestData. */
-@@ -1642,7 +1644,7 @@ byte_array_new_take (void)
- GByteArray *gbarray;
- guint8 *data;
-
-- data = g_memdup ("woooweeewow", 11);
-+ data = g_memdup2 ("woooweeewow", 11);
- gbarray = g_byte_array_new_take (data, 11);
- g_assert (gbarray->data == data);
- g_assert_cmpuint (gbarray->len, ==, 11);
-diff --git a/glib/tests/option-context.c b/glib/tests/option-context.c
-index 149d22353..88d2b80d1 100644
---- a/glib/tests/option-context.c
-+++ b/glib/tests/option-context.c
-@@ -27,6 +27,8 @@
- #include <string.h>
- #include <locale.h>
-
-+#include "gstrfuncsprivate.h"
-+
- static GOptionEntry main_entries[] = {
- { "main-switch", 0, 0,
- G_OPTION_ARG_NONE, NULL,
-@@ -256,7 +258,7 @@ join_stringv (int argc, char **argv)
- static char **
- copy_stringv (char **argv, int argc)
- {
-- return g_memdup (argv, sizeof (char *) * (argc + 1));
-+ return g_memdup2 (argv, sizeof (char *) * (argc + 1));
- }
-
- static void
-@@ -2323,7 +2325,7 @@ test_group_parse (void)
- g_option_context_add_group (context, group);
-
- argv = split_string ("program --test arg1 -f arg2 --group-test arg3 --frob arg4 -z arg5", &argc);
-- orig_argv = g_memdup (argv, (argc + 1) * sizeof (char *));
-+ orig_argv = g_memdup2 (argv, (argc + 1) * sizeof (char *));
-
- retval = g_option_context_parse (context, &argc, &argv, &error);
-
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-05.patch b/gnu/packages/patches/glib-CVE-2021-27219-05.patch
deleted file mode 100644
index 62bce1b188..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-05.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 0cbad673215ec8a049b7fe2ff44b0beed31b376e Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 16:12:24 +0000
-Subject: [PATCH 05/11] gwinhttpfile: Avoid arithmetic overflow when
- calculating a size
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The members of `URL_COMPONENTS` (`winhttp_file->url`) are `DWORD`s, i.e.
-32-bit unsigned integers. Adding to and multiplying them may cause them
-to overflow the unsigned integer bounds, even if the result is passed to
-`g_memdup2()` which accepts a `gsize`.
-
-Cast the `URL_COMPONENTS` members to `gsize` first to ensure that the
-arithmetic is done in terms of `gsize`s rather than unsigned integers.
-
-Spotted by Sebastian Dröge.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gio/win32/gwinhttpfile.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c
-index 040ee8564..246ec0578 100644
---- a/gio/win32/gwinhttpfile.c
-+++ b/gio/win32/gwinhttpfile.c
-@@ -394,10 +394,10 @@ g_winhttp_file_resolve_relative_path (GFile *file,
- child = g_object_new (G_TYPE_WINHTTP_FILE, NULL);
- child->vfs = winhttp_file->vfs;
- child->url = winhttp_file->url;
-- child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2);
-- child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2);
-- child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2);
-- child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2);
-+ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, ((gsize) winhttp_file->url.dwSchemeLength + 1) * 2);
-+ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, ((gsize) winhttp_file->url.dwHostNameLength + 1) * 2);
-+ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, ((gsize) winhttp_file->url.dwUserNameLength + 1) * 2);
-+ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, ((gsize) winhttp_file->url.dwPasswordLength + 1) * 2);
- child->url.lpszUrlPath = wnew_path;
- child->url.dwUrlPathLength = wcslen (wnew_path);
- child->url.lpszExtraInfo = NULL;
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-06.patch b/gnu/packages/patches/glib-CVE-2021-27219-06.patch
deleted file mode 100644
index 4e2435f5fd..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-06.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-From f9ee2275cbc312c0b4cdbc338a4fbb76eb36fb9a Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 13:49:00 +0000
-Subject: [PATCH 06/11] gdatainputstream: Handle stop_chars_len internally as
- gsize
-
-Previously it was handled as a `gssize`, which meant that if the
-`stop_chars` string was longer than `G_MAXSSIZE` there would be an
-overflow.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gio/gdatainputstream.c | 25 +++++++++++++++++--------
- 1 file changed, 17 insertions(+), 8 deletions(-)
-
-diff --git a/gio/gdatainputstream.c b/gio/gdatainputstream.c
-index 2e7750cb5..2cdcbda19 100644
---- a/gio/gdatainputstream.c
-+++ b/gio/gdatainputstream.c
-@@ -27,6 +27,7 @@
- #include "gioenumtypes.h"
- #include "gioerror.h"
- #include "glibintl.h"
-+#include "gstrfuncsprivate.h"
-
- #include <string.h>
-
-@@ -856,7 +857,7 @@ static gssize
- scan_for_chars (GDataInputStream *stream,
- gsize *checked_out,
- const char *stop_chars,
-- gssize stop_chars_len)
-+ gsize stop_chars_len)
- {
- GBufferedInputStream *bstream;
- const char *buffer;
-@@ -952,7 +953,7 @@ typedef struct
- gsize checked;
-
- gchar *stop_chars;
-- gssize stop_chars_len;
-+ gsize stop_chars_len;
- gsize length;
- } GDataInputStreamReadData;
-
-@@ -1078,12 +1079,17 @@ g_data_input_stream_read_async (GDataInputStream *stream,
- {
- GDataInputStreamReadData *data;
- GTask *task;
-+ gsize stop_chars_len_unsigned;
-
- data = g_slice_new0 (GDataInputStreamReadData);
-- if (stop_chars_len == -1)
-- stop_chars_len = strlen (stop_chars);
-- data->stop_chars = g_memdup (stop_chars, stop_chars_len);
-- data->stop_chars_len = stop_chars_len;
-+
-+ if (stop_chars_len < 0)
-+ stop_chars_len_unsigned = strlen (stop_chars);
-+ else
-+ stop_chars_len_unsigned = (gsize) stop_chars_len;
-+
-+ data->stop_chars = g_memdup2 (stop_chars, stop_chars_len_unsigned);
-+ data->stop_chars_len = stop_chars_len_unsigned;
- data->last_saw_cr = FALSE;
-
- task = g_task_new (stream, cancellable, callback, user_data);
-@@ -1338,17 +1344,20 @@ g_data_input_stream_read_upto (GDataInputStream *stream,
- gssize found_pos;
- gssize res;
- char *data_until;
-+ gsize stop_chars_len_unsigned;
-
- g_return_val_if_fail (G_IS_DATA_INPUT_STREAM (stream), NULL);
-
- if (stop_chars_len < 0)
-- stop_chars_len = strlen (stop_chars);
-+ stop_chars_len_unsigned = strlen (stop_chars);
-+ else
-+ stop_chars_len_unsigned = (gsize) stop_chars_len;
-
- bstream = G_BUFFERED_INPUT_STREAM (stream);
-
- checked = 0;
-
-- while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len)) == -1)
-+ while ((found_pos = scan_for_chars (stream, &checked, stop_chars, stop_chars_len_unsigned)) == -1)
- {
- if (g_buffered_input_stream_get_available (bstream) ==
- g_buffered_input_stream_get_buffer_size (bstream))
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-07.patch b/gnu/packages/patches/glib-CVE-2021-27219-07.patch
deleted file mode 100644
index dad3d285f4..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-07.patch
+++ /dev/null
@@ -1,118 +0,0 @@
-Backport of:
-
-From 2aaf593a9eb96d84fe3be740aca2810a97d95592 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 13:50:37 +0000
-Subject: [PATCH 07/11] gwin32: Use gsize internally in g_wcsdup()
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This allows it to handle strings up to length `G_MAXSIZE` — previously
-it would overflow with such strings.
-
-Update the several copies of it identically.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gio/gwin32appinfo.c | 33 ++++++++++++++++++++++++++-------
- gio/gwin32registrykey.c | 34 ++++++++++++++++++++++++++--------
- 2 files changed, 52 insertions(+), 15 deletions(-)
-
-diff --git a/gio/gwin32appinfo.c b/gio/gwin32appinfo.c
-index 9f335b370..dd7a96a4a 100644
---- a/gio/gwin32appinfo.c
-+++ b/gio/gwin32appinfo.c
-@@ -464,15 +464,34 @@ static GWin32RegistryKey *applications_key;
- /* Watch this key */
- static GWin32RegistryKey *classes_root_key;
-
-+static gsize
-+g_utf16_len (const gunichar2 *str)
-+{
-+ gsize result;
-+
-+ for (result = 0; str[0] != 0; str++, result++)
-+ ;
-+
-+ return result;
-+}
-+
- static gunichar2 *
--g_wcsdup (const gunichar2 *str, gssize str_size)
-+g_wcsdup (const gunichar2 *str, gssize str_len)
- {
-- if (str_size == -1)
-- {
-- str_size = wcslen (str) + 1;
-- str_size *= sizeof (gunichar2);
-- }
-- return g_memdup (str, str_size);
-+ gsize str_len_unsigned;
-+ gsize str_size;
-+
-+ g_return_val_if_fail (str != NULL, NULL);
-+
-+ if (str_len < 0)
-+ str_len_unsigned = g_utf16_len (str);
-+ else
-+ str_len_unsigned = (gsize) str_len;
-+
-+ g_assert (str_len_unsigned <= G_MAXSIZE / sizeof (gunichar2) - 1);
-+ str_size = (str_len_unsigned + 1) * sizeof (gunichar2);
-+
-+ return g_memdup2 (str, str_size);
- }
-
- #define URL_ASSOCIATIONS L"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\Shell\\Associations\\UrlAssociations\\"
-diff --git a/gio/gwin32registrykey.c b/gio/gwin32registrykey.c
-index 619fd48af..fbd65311a 100644
---- a/gio/gwin32registrykey.c
-+++ b/gio/gwin32registrykey.c
-@@ -127,16 +127,34 @@ typedef enum
- G_WIN32_REGISTRY_UPDATED_PATH = 1,
- } GWin32RegistryKeyUpdateFlag;
-
-+static gsize
-+g_utf16_len (const gunichar2 *str)
-+{
-+ gsize result;
-+
-+ for (result = 0; str[0] != 0; str++, result++)
-+ ;
-+
-+ return result;
-+}
-+
- static gunichar2 *
--g_wcsdup (const gunichar2 *str,
-- gssize str_size)
-+g_wcsdup (const gunichar2 *str, gssize str_len)
- {
-- if (str_size == -1)
-- {
-- str_size = wcslen (str) + 1;
-- str_size *= sizeof (gunichar2);
-- }
-- return g_memdup (str, str_size);
-+ gsize str_len_unsigned;
-+ gsize str_size;
-+
-+ g_return_val_if_fail (str != NULL, NULL);
-+
-+ if (str_len < 0)
-+ str_len_unsigned = g_utf16_len (str);
-+ else
-+ str_len_unsigned = (gsize) str_len;
-+
-+ g_assert (str_len_unsigned <= G_MAXSIZE / sizeof (gunichar2) - 1);
-+ str_size = (str_len_unsigned + 1) * sizeof (gunichar2);
-+
-+ return g_memdup2 (str, str_size);
- }
-
- /**
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-08.patch b/gnu/packages/patches/glib-CVE-2021-27219-08.patch
deleted file mode 100644
index 2c021ad317..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-08.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-From ba8ca443051f93a74c0d03d62e70402036f967a5 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 13:58:32 +0000
-Subject: [PATCH 08/11] gkeyfilesettingsbackend: Handle long keys when
- converting paths
-
-Previously, the code in `convert_path()` could not handle keys longer
-than `G_MAXINT`, and would overflow if that was exceeded.
-
-Convert the code to use `gsize` and `g_memdup2()` throughout, and
-change from identifying the position of the final slash in the string
-using a signed offset `i`, to using a pointer to the character (and
-`strrchr()`). This allows the slash to be at any position in a
-`G_MAXSIZE`-long string, without sacrificing a bit of the offset for
-indicating whether a slash was found.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gio/gkeyfilesettingsbackend.c | 21 ++++++++++-----------
- 1 file changed, 10 insertions(+), 11 deletions(-)
-
-diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c
-index cd5765afd..25b057672 100644
---- a/gio/gkeyfilesettingsbackend.c
-+++ b/gio/gkeyfilesettingsbackend.c
-@@ -33,6 +33,7 @@
- #include "gfilemonitor.h"
- #include "gsimplepermission.h"
- #include "gsettingsbackendinternal.h"
-+#include "gstrfuncsprivate.h"
- #include "giomodule-priv.h"
- #include "gportalsupport.h"
-
-@@ -145,8 +146,8 @@ convert_path (GKeyfileSettingsBackend *kfsb,
- gchar **group,
- gchar **basename)
- {
-- gint key_len = strlen (key);
-- gint i;
-+ gsize key_len = strlen (key);
-+ const gchar *last_slash;
-
- if (key_len < kfsb->prefix_len ||
- memcmp (key, kfsb->prefix, kfsb->prefix_len) != 0)
-@@ -155,38 +156,36 @@ convert_path (GKeyfileSettingsBackend *kfsb,
- key_len -= kfsb->prefix_len;
- key += kfsb->prefix_len;
-
-- for (i = key_len; i >= 0; i--)
-- if (key[i] == '/')
-- break;
-+ last_slash = strrchr (key, '/');
-
- if (kfsb->root_group)
- {
- /* if a root_group was specified, make sure the user hasn't given
- * a path that ghosts that group name
- */
-- if (i == kfsb->root_group_len && memcmp (key, kfsb->root_group, i) == 0)
-+ if (last_slash != NULL && (last_slash - key) == kfsb->root_group_len && memcmp (key, kfsb->root_group, last_slash - key) == 0)
- return FALSE;
- }
- else
- {
- /* if no root_group was given, ensure that the user gave a path */
-- if (i == -1)
-+ if (last_slash == NULL)
- return FALSE;
- }
-
- if (group)
- {
-- if (i >= 0)
-+ if (last_slash != NULL)
- {
-- *group = g_memdup (key, i + 1);
-- (*group)[i] = '\0';
-+ *group = g_memdup2 (key, (last_slash - key) + 1);
-+ (*group)[(last_slash - key)] = '\0';
- }
- else
- *group = g_strdup (kfsb->root_group);
- }
-
- if (basename)
-- *basename = g_memdup (key + i + 1, key_len - i);
-+ *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key));
-
- return TRUE;
- }
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-09.patch b/gnu/packages/patches/glib-CVE-2021-27219-09.patch
deleted file mode 100644
index 4de0c1b349..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-09.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From 65ec7f4d6e8832c481f6e00e2eb007b9a60024ce Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 14:00:53 +0000
-Subject: [PATCH 09/11] gsocket: Use gsize to track native sockaddr's size
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Don’t use an `int`, that’s potentially too small. In practical terms,
-this is not a problem, since no socket address is going to be that big.
-
-By making these changes we can use `g_memdup2()` without warnings,
-though. Fewer warnings is good.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gio/gsocket.c | 16 ++++++++++------
- 1 file changed, 10 insertions(+), 6 deletions(-)
-
-diff --git a/gio/gsocket.c b/gio/gsocket.c
-index 66073af83..a3af149e8 100644
---- a/gio/gsocket.c
-+++ b/gio/gsocket.c
-@@ -75,6 +75,7 @@
- #include "gcredentialsprivate.h"
- #include "glibintl.h"
- #include "gioprivate.h"
-+#include "gstrfuncsprivate.h"
-
- #ifdef G_OS_WIN32
- /* For Windows XP runtime compatibility, but use the system's if_nametoindex() if available */
-@@ -174,7 +175,7 @@ static gboolean g_socket_datagram_based_condition_wait (GDatagramBased
- GError **error);
-
- static GSocketAddress *
--cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len);
-+cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len);
-
- static gssize
- g_socket_receive_message_with_timeout (GSocket *socket,
-@@ -260,7 +261,7 @@ struct _GSocketPrivate
- struct {
- GSocketAddress *addr;
- struct sockaddr *native;
-- gint native_len;
-+ gsize native_len;
- guint64 last_used;
- } recv_addr_cache[RECV_ADDR_CACHE_SIZE];
- };
-@@ -5211,14 +5212,14 @@ g_socket_send_messages_with_timeout (GSocket *socket,
- }
-
- static GSocketAddress *
--cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len)
-+cache_recv_address (GSocket *socket, struct sockaddr *native, size_t native_len)
- {
- GSocketAddress *saddr;
- gint i;
- guint64 oldest_time = G_MAXUINT64;
- gint oldest_index = 0;
-
-- if (native_len <= 0)
-+ if (native_len == 0)
- return NULL;
-
- saddr = NULL;
-@@ -5226,7 +5227,7 @@ cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len)
- {
- GSocketAddress *tmp = socket->priv->recv_addr_cache[i].addr;
- gpointer tmp_native = socket->priv->recv_addr_cache[i].native;
-- gint tmp_native_len = socket->priv->recv_addr_cache[i].native_len;
-+ gsize tmp_native_len = socket->priv->recv_addr_cache[i].native_len;
-
- if (!tmp)
- continue;
-@@ -5256,7 +5257,7 @@ cache_recv_address (GSocket *socket, struct sockaddr *native, int native_len)
- g_free (socket->priv->recv_addr_cache[oldest_index].native);
- }
-
-- socket->priv->recv_addr_cache[oldest_index].native = g_memdup (native, native_len);
-+ socket->priv->recv_addr_cache[oldest_index].native = g_memdup2 (native, native_len);
- socket->priv->recv_addr_cache[oldest_index].native_len = native_len;
- socket->priv->recv_addr_cache[oldest_index].addr = g_object_ref (saddr);
- socket->priv->recv_addr_cache[oldest_index].last_used = g_get_monotonic_time ();
-@@ -5404,6 +5405,9 @@ g_socket_receive_message_with_timeout (GSocket *socket,
- /* do it */
- while (1)
- {
-+ /* addrlen has to be of type int because that’s how WSARecvFrom() is defined */
-+ G_STATIC_ASSERT (sizeof addr <= G_MAXINT);
-+
- addrlen = sizeof addr;
- if (address)
- result = WSARecvFrom (socket->priv->fd,
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-10.patch b/gnu/packages/patches/glib-CVE-2021-27219-10.patch
deleted file mode 100644
index 36198b8eef..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-10.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 777b95a88f006d39d9fe6d3321db17e7b0d4b9a4 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 14:07:39 +0000
-Subject: [PATCH 10/11] gtlspassword: Forbid very long TLS passwords
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The public API `g_tls_password_set_value_full()` (and the vfunc it
-invokes) can only accept a `gssize` length. Ensure that nul-terminated
-strings passed to `g_tls_password_set_value()` can’t exceed that length.
-Use `g_memdup2()` to avoid an overflow if they’re longer than
-`G_MAXUINT` similarly.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- gio/gtlspassword.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c
-index 1e437a7b6..dbcec41a8 100644
---- a/gio/gtlspassword.c
-+++ b/gio/gtlspassword.c
-@@ -23,6 +23,7 @@
- #include "glibintl.h"
-
- #include "gioenumtypes.h"
-+#include "gstrfuncsprivate.h"
- #include "gtlspassword.h"
-
- #include <string.h>
-@@ -287,9 +288,14 @@ g_tls_password_set_value (GTlsPassword *password,
- g_return_if_fail (G_IS_TLS_PASSWORD (password));
-
- if (length < 0)
-- length = strlen ((gchar *)value);
-+ {
-+ /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */
-+ gsize length_unsigned = strlen ((gchar *) value);
-+ g_return_if_fail (length_unsigned > G_MAXSSIZE);
-+ length = (gssize) length_unsigned;
-+ }
-
-- g_tls_password_set_value_full (password, g_memdup (value, length), length, g_free);
-+ g_tls_password_set_value_full (password, g_memdup2 (value, (gsize) length), length, g_free);
- }
-
- /**
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-11.patch b/gnu/packages/patches/glib-CVE-2021-27219-11.patch
deleted file mode 100644
index 4413cb9827..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-11.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From ecdf91400e9a538695a0895b95ad7e8abcdf1749 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Thu, 4 Feb 2021 14:09:40 +0000
-Subject: [PATCH 11/11] giochannel: Forbid very long line terminator strings
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The public API `GIOChannel.line_term_len` is only a `guint`. Ensure that
-nul-terminated strings passed to `g_io_channel_set_line_term()` can’t
-exceed that length. Use `g_memdup2()` to avoid a warning (`g_memdup()`
-is due to be deprecated), but not to avoid a bug, since it’s also
-limited to `G_MAXUINT`.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-Helps: #2319
----
- glib/giochannel.c | 17 +++++++++++++----
- 1 file changed, 13 insertions(+), 4 deletions(-)
-
-diff --git a/glib/giochannel.c b/glib/giochannel.c
-index 15927c391..66c6591f0 100644
---- a/glib/giochannel.c
-+++ b/glib/giochannel.c
-@@ -884,16 +884,25 @@ g_io_channel_set_line_term (GIOChannel *channel,
- const gchar *line_term,
- gint length)
- {
-+ guint length_unsigned;
-+
- g_return_if_fail (channel != NULL);
- g_return_if_fail (line_term == NULL || length != 0); /* Disallow "" */
-
- if (line_term == NULL)
-- length = 0;
-- else if (length < 0)
-- length = strlen (line_term);
-+ length_unsigned = 0;
-+ else if (length >= 0)
-+ length_unsigned = (guint) length;
-+ else
-+ {
-+ /* FIXME: We’re constrained by line_term_len being a guint here */
-+ gsize length_size = strlen (line_term);
-+ g_return_if_fail (length_size > G_MAXUINT);
-+ length_unsigned = (guint) length_size;
-+ }
-
- g_free (channel->line_term);
-- channel->line_term = line_term ? g_memdup2 (line_term, length) : NULL;
-+ channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL;
- channel->line_term_len = length;
- }
-
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-12.patch b/gnu/packages/patches/glib-CVE-2021-27219-12.patch
deleted file mode 100644
index 4fdbb81750..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-12.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From f8273b9aded135fe07094faebd527e43851aaf6e Mon Sep 17 00:00:00 2001
-From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
-Date: Sun, 7 Feb 2021 23:32:40 +0100
-Subject: [PATCH 1/5] giochannel: Fix length_size bounds check
-
-The inverted condition is an obvious error introduced by ecdf91400e9a.
-
-Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2323
-
-(cherry picked from commit a149bf2f9030168051942124536e303af8ba6176)
----
- glib/giochannel.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/glib/giochannel.c b/glib/giochannel.c
-index 66c6591f0..0d9d5f223 100644
---- a/glib/giochannel.c
-+++ b/glib/giochannel.c
-@@ -897,7 +897,7 @@ g_io_channel_set_line_term (GIOChannel *channel,
- {
- /* FIXME: We’re constrained by line_term_len being a guint here */
- gsize length_size = strlen (line_term);
-- g_return_if_fail (length_size > G_MAXUINT);
-+ g_return_if_fail (length_size <= G_MAXUINT);
- length_unsigned = (guint) length_size;
- }
-
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-13.patch b/gnu/packages/patches/glib-CVE-2021-27219-13.patch
deleted file mode 100644
index 6a287cc3a2..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-13.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From e069c50467712e6d607822afd6b6c15c2c343dff Mon Sep 17 00:00:00 2001
-From: Simon McVittie <smcv@collabora.com>
-Date: Mon, 8 Feb 2021 10:34:50 +0000
-Subject: [PATCH 2/5] giochannel: Don't store negative line_term_len in
- GIOChannel struct
-
-Adding test coverage indicated that this was another bug in 0cc11f74.
-
-Fixes: 0cc11f74 "giochannel: Forbid very long line terminator strings"
-Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/2323
-Signed-off-by: Simon McVittie <smcv@collabora.com>
-(cherry picked from commit 5dc8b0014c03e7491d93b90275ab442e888a9628)
----
- glib/giochannel.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/glib/giochannel.c b/glib/giochannel.c
-index 0d9d5f223..4c39b9dc0 100644
---- a/glib/giochannel.c
-+++ b/glib/giochannel.c
-@@ -903,7 +903,7 @@ g_io_channel_set_line_term (GIOChannel *channel,
-
- g_free (channel->line_term);
- channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL;
-- channel->line_term_len = length;
-+ channel->line_term_len = length_unsigned;
- }
-
- /**
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-14.patch b/gnu/packages/patches/glib-CVE-2021-27219-14.patch
deleted file mode 100644
index 78de2846da..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-14.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 4506d1859a863087598c8d122740bae25b65b099 Mon Sep 17 00:00:00 2001
-From: Simon McVittie <smcv@collabora.com>
-Date: Mon, 8 Feb 2021 10:04:48 +0000
-Subject: [PATCH 4/5] gtlspassword: Fix inverted assertion
-
-The intention here was to assert that the length of the password fits
-in a gssize. Passwords more than half the size of virtual memory are
-probably excessive.
-
-Fixes: a8b204ff "gtlspassword: Forbid very long TLS passwords"
-Signed-off-by: Simon McVittie <smcv@collabora.com>
-(cherry picked from commit 61bb52ec42de1082bfb06ce1c737fc295bfe60b8)
----
- gio/gtlspassword.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c
-index dbcec41a8..bd86a6dfe 100644
---- a/gio/gtlspassword.c
-+++ b/gio/gtlspassword.c
-@@ -291,7 +291,7 @@ g_tls_password_set_value (GTlsPassword *password,
- {
- /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */
- gsize length_unsigned = strlen ((gchar *) value);
-- g_return_if_fail (length_unsigned > G_MAXSSIZE);
-+ g_return_if_fail (length_unsigned <= G_MAXSSIZE);
- length = (gssize) length_unsigned;
- }
-
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-15.patch b/gnu/packages/patches/glib-CVE-2021-27219-15.patch
deleted file mode 100644
index 37ef85b4fa..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-15.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-From 3d1550354c3c6a8491c39881752d51cb7515f2c2 Mon Sep 17 00:00:00 2001
-From: Simon McVittie <smcv@collabora.com>
-Date: Mon, 8 Feb 2021 10:22:39 +0000
-Subject: [PATCH 5/5] tls-interaction: Add test coverage for various ways to
- set the password
-
-Signed-off-by: Simon McVittie <smcv@collabora.com>
-(cherry picked from commit df4501316ca3903072400504a5ea76498db19538)
----
- gio/tests/tls-interaction.c | 55 +++++++++++++++++++++++++++++++++++++
- 1 file changed, 55 insertions(+)
-
-diff --git a/gio/tests/tls-interaction.c b/gio/tests/tls-interaction.c
-index 4f0737d7e..5661e8e0d 100644
---- a/gio/tests/tls-interaction.c
-+++ b/gio/tests/tls-interaction.c
-@@ -174,6 +174,38 @@ test_interaction_ask_password_finish_failure (GTlsInteraction *interaction,
- }
-
-
-+/* Return a copy of @str that is allocated in a silly way, to exercise
-+ * custom free-functions. The returned pointer points to a copy of @str
-+ * in a buffer of the form "BEFORE \0 str \0 AFTER". */
-+static guchar *
-+special_dup (const char *str)
-+{
-+ GString *buf = g_string_new ("BEFORE");
-+ guchar *ret;
-+
-+ g_string_append_c (buf, '\0');
-+ g_string_append (buf, str);
-+ g_string_append_c (buf, '\0');
-+ g_string_append (buf, "AFTER");
-+ ret = (guchar *) g_string_free (buf, FALSE);
-+ return ret + strlen ("BEFORE") + 1;
-+}
-+
-+
-+/* Free a copy of @str that was made with special_dup(), after asserting
-+ * that it has not been corrupted. */
-+static void
-+special_free (gpointer p)
-+{
-+ gchar *s = p;
-+ gchar *buf = s - strlen ("BEFORE") - 1;
-+
-+ g_assert_cmpstr (buf, ==, "BEFORE");
-+ g_assert_cmpstr (s + strlen (s) + 1, ==, "AFTER");
-+ g_free (buf);
-+}
-+
-+
- static GTlsInteractionResult
- test_interaction_ask_password_sync_success (GTlsInteraction *interaction,
- GTlsPassword *password,
-@@ -181,6 +213,8 @@ test_interaction_ask_password_sync_success (GTlsInteraction *interaction,
- GError **error)
- {
- TestInteraction *self;
-+ const guchar *value;
-+ gsize len;
-
- g_assert (TEST_IS_INTERACTION (interaction));
- self = TEST_INTERACTION (interaction);
-@@ -192,6 +226,27 @@ test_interaction_ask_password_sync_success (GTlsInteraction *interaction,
- g_assert (error != NULL);
- g_assert (*error == NULL);
-
-+ /* Exercise different ways to set the value */
-+ g_tls_password_set_value (password, (const guchar *) "foo", 4);
-+ len = 0;
-+ value = g_tls_password_get_value (password, &len);
-+ g_assert_cmpmem (value, len, "foo", 4);
-+
-+ g_tls_password_set_value (password, (const guchar *) "bar", -1);
-+ len = 0;
-+ value = g_tls_password_get_value (password, &len);
-+ g_assert_cmpmem (value, len, "bar", 3);
-+
-+ g_tls_password_set_value_full (password, special_dup ("baa"), 4, special_free);
-+ len = 0;
-+ value = g_tls_password_get_value (password, &len);
-+ g_assert_cmpmem (value, len, "baa", 4);
-+
-+ g_tls_password_set_value_full (password, special_dup ("baz"), -1, special_free);
-+ len = 0;
-+ value = g_tls_password_get_value (password, &len);
-+ g_assert_cmpmem (value, len, "baz", 3);
-+
- /* Don't do this in real life. Include a null terminator for testing */
- g_tls_password_set_value (password, (const guchar *)"the password", 13);
- return G_TLS_INTERACTION_HANDLED;
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-16.patch b/gnu/packages/patches/glib-CVE-2021-27219-16.patch
deleted file mode 100644
index 43635e72ed..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-16.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From cb9ee701ef46c1819eed4e2a4dc181682bdfc176 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Wed, 10 Feb 2021 21:16:39 +0000
-Subject: [PATCH 1/3] gkeyfilesettingsbackend: Fix basename handling when group
- is unset
-
-Fix an effective regression in commit
-7781a9cbd2fd0aa84bee0f4eee88470640ff6706, which happens when
-`convert_path()` is called with a `key` which contains no slashes. In
-that case, the `key` is entirely the `basename`.
-
-Prior to commit 7781a9cb, the code worked through a fluke of `i == -1`
-cancelling out with the various additions in the `g_memdup()` call, and
-effectively resulting in `g_strdup (key)`.
-
-Spotted by Guido Berhoerster.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
----
- gio/gkeyfilesettingsbackend.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c
-index 25b057672..861c3a661 100644
---- a/gio/gkeyfilesettingsbackend.c
-+++ b/gio/gkeyfilesettingsbackend.c
-@@ -185,7 +185,12 @@ convert_path (GKeyfileSettingsBackend *kfsb,
- }
-
- if (basename)
-- *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key));
-+ {
-+ if (last_slash != NULL)
-+ *basename = g_memdup2 (last_slash + 1, key_len - (last_slash - key));
-+ else
-+ *basename = g_strdup (key);
-+ }
-
- return TRUE;
- }
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-17.patch b/gnu/packages/patches/glib-CVE-2021-27219-17.patch
deleted file mode 100644
index 3153979071..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-17.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 31e0d403ba635dbbacbfbff74295e5db02558d76 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Wed, 10 Feb 2021 21:19:30 +0000
-Subject: [PATCH 2/3] gkeyfilesettingsbackend: Disallow empty key or group
- names
-
-These should never have been allowed; they will result in precondition
-failures from the `GKeyFile` later on in the code.
-
-A test will be added for this shortly.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
----
- gio/gkeyfilesettingsbackend.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/gio/gkeyfilesettingsbackend.c b/gio/gkeyfilesettingsbackend.c
-index 861c3a661..de216e615 100644
---- a/gio/gkeyfilesettingsbackend.c
-+++ b/gio/gkeyfilesettingsbackend.c
-@@ -158,6 +158,13 @@ convert_path (GKeyfileSettingsBackend *kfsb,
-
- last_slash = strrchr (key, '/');
-
-+ /* Disallow empty group names or key names */
-+ if (key_len == 0 ||
-+ (last_slash != NULL &&
-+ (*(last_slash + 1) == '\0' ||
-+ last_slash == key)))
-+ return FALSE;
-+
- if (kfsb->root_group)
- {
- /* if a root_group was specified, make sure the user hasn't given
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-18.patch b/gnu/packages/patches/glib-CVE-2021-27219-18.patch
deleted file mode 100644
index c18d44ddeb..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-27219-18.patch
+++ /dev/null
@@ -1,232 +0,0 @@
-Backport of:
-
-From 221c26685354dea2b2732df94404e8e5e77a1591 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Wed, 10 Feb 2021 21:21:36 +0000
-Subject: [PATCH 3/3] tests: Add tests for key name handling in the keyfile
- backend
-
-This tests the two recent commits.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
----
- gio/tests/gsettings.c | 171 +++++++++++++++++++++++++++++++++++++++++-
- 1 file changed, 170 insertions(+), 1 deletion(-)
-
-diff --git a/gio/tests/gsettings.c b/gio/tests/gsettings.c
-index baadca8f5..afe594a23 100644
---- a/gio/tests/gsettings.c
-+++ b/gio/tests/gsettings.c
-@@ -1,3 +1,4 @@
-+#include <errno.h>
- #include <stdlib.h>
- #include <locale.h>
- #include <libintl.h>
-@@ -1740,6 +1741,14 @@ key_changed_cb (GSettings *settings, const gchar *key, gpointer data)
- (*b) = TRUE;
- }
-
-+typedef struct
-+{
-+ const gchar *path;
-+ const gchar *root_group;
-+ const gchar *keyfile_group;
-+ const gchar *root_path;
-+} KeyfileTestData;
-+
- /*
- * Test that using a keyfile works
- */
-@@ -1834,7 +1843,11 @@ test_keyfile (Fixture *fixture,
- g_free (str);
-
- g_settings_set (settings, "farewell", "s", "cheerio");
--
-+
-+ /* Check that empty keys/groups are not allowed. */
-+ g_assert_false (g_settings_is_writable (settings, ""));
-+ g_assert_false (g_settings_is_writable (settings, "/"));
-+
- /* When executing as root, changing the mode of the keyfile will have
- * no effect on the writability of the settings.
- */
-@@ -1866,6 +1879,149 @@ test_keyfile (Fixture *fixture,
- g_free (keyfile_path);
- }
-
-+/*
-+ * Test that using a keyfile works with a schema with no path set.
-+ */
-+static void
-+test_keyfile_no_path (Fixture *fixture,
-+ gconstpointer user_data)
-+{
-+ const KeyfileTestData *test_data = user_data;
-+ GSettingsBackend *kf_backend;
-+ GSettings *settings;
-+ GKeyFile *keyfile;
-+ gboolean writable;
-+ gchar *key = NULL;
-+ GError *error = NULL;
-+ gchar *keyfile_path = NULL, *store_path = NULL;
-+
-+ keyfile_path = g_build_filename (fixture->tmp_dir, "keyfile", NULL);
-+ store_path = g_build_filename (keyfile_path, "gsettings.store", NULL);
-+ kf_backend = g_keyfile_settings_backend_new (store_path, test_data->root_path, test_data->root_group);
-+ settings = g_settings_new_with_backend_and_path ("org.gtk.test.no-path", kf_backend, test_data->path);
-+ g_object_unref (kf_backend);
-+
-+ g_settings_reset (settings, "test-boolean");
-+ g_assert_true (g_settings_get_boolean (settings, "test-boolean"));
-+
-+ writable = g_settings_is_writable (settings, "test-boolean");
-+ g_assert_true (writable);
-+ g_settings_set (settings, "test-boolean", "b", FALSE);
-+
-+ g_assert_false (g_settings_get_boolean (settings, "test-boolean"));
-+
-+ g_settings_delay (settings);
-+ g_settings_set (settings, "test-boolean", "b", TRUE);
-+ g_settings_apply (settings);
-+
-+ keyfile = g_key_file_new ();
-+ g_assert_true (g_key_file_load_from_file (keyfile, store_path, 0, NULL));
-+
-+ g_assert_true (g_key_file_get_boolean (keyfile, test_data->keyfile_group, "test-boolean", NULL));
-+
-+ g_key_file_free (keyfile);
-+
-+ g_settings_reset (settings, "test-boolean");
-+ g_settings_apply (settings);
-+ keyfile = g_key_file_new ();
-+ g_assert_true (g_key_file_load_from_file (keyfile, store_path, 0, NULL));
-+
-+ g_assert_false (g_key_file_get_string (keyfile, test_data->keyfile_group, "test-boolean", &error));
-+ g_assert_error (error, G_KEY_FILE_ERROR, G_KEY_FILE_ERROR_KEY_NOT_FOUND);
-+ g_clear_error (&error);
-+
-+ /* Check that empty keys/groups are not allowed. */
-+ g_assert_false (g_settings_is_writable (settings, ""));
-+ g_assert_false (g_settings_is_writable (settings, "/"));
-+
-+ /* Keys which ghost the root group name are not allowed. This can only be
-+ * tested when the path is `/` as otherwise it acts as a prefix and prevents
-+ * any ghosting. */
-+ if (g_str_equal (test_data->path, "/"))
-+ {
-+ key = g_strdup_printf ("%s/%s", test_data->root_group, "");
-+ g_assert_false (g_settings_is_writable (settings, key));
-+ g_free (key);
-+
-+ key = g_strdup_printf ("%s/%s", test_data->root_group, "/");
-+ g_assert_false (g_settings_is_writable (settings, key));
-+ g_free (key);
-+
-+ key = g_strdup_printf ("%s/%s", test_data->root_group, "test-boolean");
-+ g_assert_false (g_settings_is_writable (settings, key));
-+ g_free (key);
-+ }
-+
-+ g_key_file_free (keyfile);
-+ g_object_unref (settings);
-+
-+ /* Clean up the temporary directory. */
-+ g_assert_cmpint (g_chmod (keyfile_path, 0777) == 0 ? 0 : errno, ==, 0);
-+ g_assert_cmpint (g_remove (store_path) == 0 ? 0 : errno, ==, 0);
-+ g_assert_cmpint (g_rmdir (keyfile_path) == 0 ? 0 : errno, ==, 0);
-+ g_free (store_path);
-+ g_free (keyfile_path);
-+}
-+
-+/*
-+ * Test that a keyfile rejects writes to keys outside its root path.
-+ */
-+static void
-+test_keyfile_outside_root_path (Fixture *fixture,
-+ gconstpointer user_data)
-+{
-+ GSettingsBackend *kf_backend;
-+ GSettings *settings;
-+ gchar *keyfile_path = NULL, *store_path = NULL;
-+
-+ keyfile_path = g_build_filename (fixture->tmp_dir, "keyfile", NULL);
-+ store_path = g_build_filename (keyfile_path, "gsettings.store", NULL);
-+ kf_backend = g_keyfile_settings_backend_new (store_path, "/tests/basic-types/", "root");
-+ settings = g_settings_new_with_backend_and_path ("org.gtk.test.no-path", kf_backend, "/tests/");
-+ g_object_unref (kf_backend);
-+
-+ g_assert_false (g_settings_is_writable (settings, "test-boolean"));
-+
-+ g_object_unref (settings);
-+
-+ /* Clean up the temporary directory. The keyfile probably doesn’t exist, so
-+ * don’t error on failure. */
-+ g_remove (store_path);
-+ g_assert_cmpint (g_rmdir (keyfile_path) == 0 ? 0 : errno, ==, 0);
-+ g_free (store_path);
-+ g_free (keyfile_path);
-+}
-+
-+/*
-+ * Test that a keyfile rejects writes to keys in the root if no root group is set.
-+ */
-+static void
-+test_keyfile_no_root_group (Fixture *fixture,
-+ gconstpointer user_data)
-+{
-+ GSettingsBackend *kf_backend;
-+ GSettings *settings;
-+ gchar *keyfile_path = NULL, *store_path = NULL;
-+
-+ keyfile_path = g_build_filename (fixture->tmp_dir, "keyfile", NULL);
-+ store_path = g_build_filename (keyfile_path, "gsettings.store", NULL);
-+ kf_backend = g_keyfile_settings_backend_new (store_path, "/", NULL);
-+ settings = g_settings_new_with_backend_and_path ("org.gtk.test.no-path", kf_backend, "/");
-+ g_object_unref (kf_backend);
-+
-+ g_assert_false (g_settings_is_writable (settings, "test-boolean"));
-+ g_assert_true (g_settings_is_writable (settings, "child/test-boolean"));
-+
-+ g_object_unref (settings);
-+
-+ /* Clean up the temporary directory. The keyfile probably doesn’t exist, so
-+ * don’t error on failure. */
-+ g_remove (store_path);
-+ g_assert_cmpint (g_rmdir (keyfile_path) == 0 ? 0 : errno, ==, 0);
-+ g_free (store_path);
-+ g_free (keyfile_path);
-+}
-+
- /* Test that getting child schemas works
- */
- static void
-@@ -2844,6 +3000,14 @@ main (int argc, char *argv[])
- gchar *override_text;
- gchar *enums;
- gint result;
-+ const KeyfileTestData keyfile_test_data_explicit_path = { "/tests/", "root", "tests", "/" };
-+ const KeyfileTestData keyfile_test_data_empty_path = { "/", "root", "root", "/" };
-+ const KeyfileTestData keyfile_test_data_long_path = {
-+ "/tests/path/is/very/long/and/this/makes/some/comparisons/take/a/different/branch/",
-+ "root",
-+ "tests/path/is/very/long/and/this/makes/some/comparisons/take/a/different/branch",
-+ "/"
-+ };
-
- /* Meson build sets this */
- #ifdef TEST_LOCALE_PATH
-@@ -2967,6 +3131,11 @@ main (int argc, char *argv[])
- }
-
- g_test_add ("/gsettings/keyfile", Fixture, NULL, setup, test_keyfile, teardown);
-+ g_test_add ("/gsettings/keyfile/explicit-path", Fixture, &keyfile_test_data_explicit_path, setup, test_keyfile_no_path, teardown);
-+ g_test_add ("/gsettings/keyfile/empty-path", Fixture, &keyfile_test_data_empty_path, setup, test_keyfile_no_path, teardown);
-+ g_test_add ("/gsettings/keyfile/long-path", Fixture, &keyfile_test_data_long_path, setup, test_keyfile_no_path, teardown);
-+ g_test_add ("/gsettings/keyfile/outside-root-path", Fixture, NULL, setup, test_keyfile_outside_root_path, teardown);
-+ g_test_add ("/gsettings/keyfile/no-root-group", Fixture, NULL, setup, test_keyfile_no_root_group, teardown);
- g_test_add_func ("/gsettings/child-schema", test_child_schema);
- g_test_add_func ("/gsettings/strinfo", test_strinfo);
- g_test_add_func ("/gsettings/enums", test_enums);
---
-2.30.1
-
diff --git a/gnu/packages/patches/glib-CVE-2021-28153.patch b/gnu/packages/patches/glib-CVE-2021-28153.patch
deleted file mode 100644
index 54443186d9..0000000000
--- a/gnu/packages/patches/glib-CVE-2021-28153.patch
+++ /dev/null
@@ -1,283 +0,0 @@
-Backport of:
-
-From 317b3b587058a05dca95d56dac26568c5b098d33 Mon Sep 17 00:00:00 2001
-From: Philip Withnall <pwithnall@endlessos.org>
-Date: Wed, 24 Feb 2021 17:35:40 +0000
-Subject: [PATCH] glocalfileoutputstream: Fix CREATE_REPLACE_DESTINATION
- with symlinks
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The `G_FILE_CREATE_REPLACE_DESTINATION` flag is equivalent to unlinking
-the destination file and re-creating it from scratch. That did
-previously work, but in the process the code would call `open(O_CREAT)`
-on the file. If the file was a dangling symlink, this would create the
-destination file (empty). That’s not an intended side-effect, and has
-security implications if the symlink is controlled by a lower-privileged
-process.
-
-Fix that by not opening the destination file if it’s a symlink, and
-adjusting the rest of the code to cope with
- - the fact that `fd == -1` is not an error iff `is_symlink` is true,
- - and that `original_stat` will contain the `lstat()` results for the
- symlink now, rather than the `stat()` results for its target (again,
- iff `is_symlink` is true).
-
-This means that the target of the dangling symlink is no longer created,
-which was the bug. The symlink itself continues to be replaced (as
-before) with the new file — this is the intended behaviour of
-`g_file_replace()`.
-
-The behaviour for non-symlink cases, or cases where the symlink was not
-dangling, should be unchanged.
-
-Includes a unit test.
-
-Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
-
-Fixes: #2325
----
- gio/glocalfileoutputstream.c | 70 ++++++++++++++++-------
- gio/tests/file.c | 108 +++++++++++++++++++++++++++++++++++
- 2 files changed, 158 insertions(+), 20 deletions(-)
-
-diff --git a/gio/glocalfileoutputstream.c b/gio/glocalfileoutputstream.c
-index a3dd62172..553fcbbae 100644
---- a/gio/glocalfileoutputstream.c
-+++ b/gio/glocalfileoutputstream.c
-@@ -874,16 +874,22 @@ handle_overwrite_open (const char *filename,
- /* Could be a symlink, or it could be a regular ELOOP error,
- * but then the next open will fail too. */
- is_symlink = TRUE;
-- fd = g_open (filename, open_flags, mode);
-+ if (!(flags & G_FILE_CREATE_REPLACE_DESTINATION))
-+ fd = g_open (filename, open_flags, mode);
- }
--#else
-- fd = g_open (filename, open_flags, mode);
-- errsv = errno;
-+#else /* if !O_NOFOLLOW */
- /* This is racy, but we do it as soon as possible to minimize the race */
- is_symlink = g_file_test (filename, G_FILE_TEST_IS_SYMLINK);
-+
-+ if (!is_symlink || !(flags & G_FILE_CREATE_REPLACE_DESTINATION))
-+ {
-+ fd = g_open (filename, open_flags, mode);
-+ errsv = errno;
-+ }
- #endif
-
-- if (fd == -1)
-+ if (fd == -1 &&
-+ (!is_symlink || !(flags & G_FILE_CREATE_REPLACE_DESTINATION)))
- {
- char *display_name = g_filename_display_name (filename);
- g_set_error (error, G_IO_ERROR,
-@@ -893,13 +899,25 @@ handle_overwrite_open (const char *filename,
- g_free (display_name);
- return -1;
- }
--
-+
-+ if (!is_symlink)
-+ {
- #ifdef G_OS_WIN32
-- res = GLIB_PRIVATE_CALL (g_win32_fstat) (fd, &original_stat);
-+ res = GLIB_PRIVATE_CALL (g_win32_fstat) (fd, &original_stat);
- #else
-- res = fstat (fd, &original_stat);
-+ res = fstat (fd, &original_stat);
- #endif
-- errsv = errno;
-+ errsv = errno;
-+ }
-+ else
-+ {
-+#ifdef G_OS_WIN32
-+ res = GLIB_PRIVATE_CALL (g_win32_lstat_utf8) (filename, &original_stat);
-+#else
-+ res = g_lstat (filename, &original_stat);
-+#endif
-+ errsv = errno;
-+ }
-
- if (res != 0)
- {
-@@ -916,16 +934,27 @@ handle_overwrite_open (const char *filename,
- if (!S_ISREG (original_stat.st_mode))
- {
- if (S_ISDIR (original_stat.st_mode))
-- g_set_error_literal (error,
-- G_IO_ERROR,
-- G_IO_ERROR_IS_DIRECTORY,
-- _("Target file is a directory"));
-- else
-- g_set_error_literal (error,
-- G_IO_ERROR,
-- G_IO_ERROR_NOT_REGULAR_FILE,
-- _("Target file is not a regular file"));
-- goto err_out;
-+ {
-+ g_set_error_literal (error,
-+ G_IO_ERROR,
-+ G_IO_ERROR_IS_DIRECTORY,
-+ _("Target file is a directory"));
-+ goto err_out;
-+ }
-+ else if (!is_symlink ||
-+#ifdef S_ISLNK
-+ !S_ISLNK (original_stat.st_mode)
-+#else
-+ FALSE
-+#endif
-+ )
-+ {
-+ g_set_error_literal (error,
-+ G_IO_ERROR,
-+ G_IO_ERROR_NOT_REGULAR_FILE,
-+ _("Target file is not a regular file"));
-+ goto err_out;
-+ }
- }
-
- if (etag != NULL)
-@@ -1006,7 +1035,8 @@ handle_overwrite_open (const char *filename,
- }
- }
-
-- g_close (fd, NULL);
-+ if (fd >= 0)
-+ g_close (fd, NULL);
- *temp_filename = tmp_filename;
- return tmpfd;
- }
-diff --git a/gio/tests/file.c b/gio/tests/file.c
-index efb2eaadd..bc55f3af4 100644
---- a/gio/tests/file.c
-+++ b/gio/tests/file.c
-@@ -804,6 +804,113 @@ test_replace_cancel (void)
- g_object_unref (tmpdir);
- }
-
-+static void
-+test_replace_symlink (void)
-+{
-+#ifdef G_OS_UNIX
-+ gchar *tmpdir_path = NULL;
-+ GFile *tmpdir = NULL, *source_file = NULL, *target_file = NULL;
-+ GFileOutputStream *stream = NULL;
-+ const gchar *new_contents = "this is a test message which should be written to source and not target";
-+ gsize n_written;
-+ GFileEnumerator *enumerator = NULL;
-+ GFileInfo *info = NULL;
-+ gchar *contents = NULL;
-+ gsize length = 0;
-+ GError *local_error = NULL;
-+
-+ g_test_bug ("https://gitlab.gnome.org/GNOME/glib/-/issues/2325");
-+ g_test_summary ("Test that G_FILE_CREATE_REPLACE_DESTINATION doesn’t follow symlinks");
-+
-+ /* Create a fresh, empty working directory. */
-+ tmpdir_path = g_dir_make_tmp ("g_file_replace_symlink_XXXXXX", &local_error);
-+ g_assert_no_error (local_error);
-+ tmpdir = g_file_new_for_path (tmpdir_path);
-+
-+ g_test_message ("Using temporary directory %s", tmpdir_path);
-+ g_free (tmpdir_path);
-+
-+ /* Create symlink `source` which points to `target`. */
-+ source_file = g_file_get_child (tmpdir, "source");
-+ target_file = g_file_get_child (tmpdir, "target");
-+ g_file_make_symbolic_link (source_file, "target", NULL, &local_error);
-+ g_assert_no_error (local_error);
-+
-+ /* Ensure that `target` doesn’t exist */
-+ g_assert_false (g_file_query_exists (target_file, NULL));
-+
-+ /* Replace the `source` symlink with a regular file using
-+ * %G_FILE_CREATE_REPLACE_DESTINATION, which should replace it *without*
-+ * following the symlink */
-+ stream = g_file_replace (source_file, NULL, FALSE /* no backup */,
-+ G_FILE_CREATE_REPLACE_DESTINATION, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+
-+ g_output_stream_write_all (G_OUTPUT_STREAM (stream), new_contents, strlen (new_contents),
-+ &n_written, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+ g_assert_cmpint (n_written, ==, strlen (new_contents));
-+
-+ g_output_stream_close (G_OUTPUT_STREAM (stream), NULL, &local_error);
-+ g_assert_no_error (local_error);
-+
-+ g_clear_object (&stream);
-+
-+ /* At this point, there should still only be one file: `source`. It should
-+ * now be a regular file. `target` should not exist. */
-+ enumerator = g_file_enumerate_children (tmpdir,
-+ G_FILE_ATTRIBUTE_STANDARD_NAME ","
-+ G_FILE_ATTRIBUTE_STANDARD_TYPE,
-+ G_FILE_QUERY_INFO_NOFOLLOW_SYMLINKS, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+
-+ info = g_file_enumerator_next_file (enumerator, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+ g_assert_nonnull (info);
-+
-+ g_assert_cmpstr (g_file_info_get_name (info), ==, "source");
-+ g_assert_cmpint (g_file_info_get_file_type (info), ==, G_FILE_TYPE_REGULAR);
-+
-+ g_clear_object (&info);
-+
-+ info = g_file_enumerator_next_file (enumerator, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+ g_assert_null (info);
-+
-+ g_file_enumerator_close (enumerator, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+ g_clear_object (&enumerator);
-+
-+ /* Double-check that `target` doesn’t exist */
-+ g_assert_false (g_file_query_exists (target_file, NULL));
-+
-+ /* Check the content of `source`. */
-+ g_file_load_contents (source_file,
-+ NULL,
-+ &contents,
-+ &length,
-+ NULL,
-+ &local_error);
-+ g_assert_no_error (local_error);
-+ g_assert_cmpstr (contents, ==, new_contents);
-+ g_assert_cmpuint (length, ==, strlen (new_contents));
-+ g_free (contents);
-+
-+ /* Tidy up. */
-+ g_file_delete (source_file, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+
-+ g_file_delete (tmpdir, NULL, &local_error);
-+ g_assert_no_error (local_error);
-+
-+ g_clear_object (&target_file);
-+ g_clear_object (&source_file);
-+ g_clear_object (&tmpdir);
-+#else /* if !G_OS_UNIX */
-+ g_test_skip ("Symlink replacement tests can only be run on Unix")
-+#endif
-+}
-+
- static void
- on_file_deleted (GObject *object,
- GAsyncResult *result,
-@@ -1754,6 +1861,7 @@ main (int argc, char *argv[])
- g_test_add_data_func ("/file/async-create-delete/4096", GINT_TO_POINTER (4096), test_create_delete);
- g_test_add_func ("/file/replace-load", test_replace_load);
- g_test_add_func ("/file/replace-cancel", test_replace_cancel);
-+ g_test_add_func ("/file/replace-symlink", test_replace_symlink);
- g_test_add_func ("/file/async-delete", test_async_delete);
- #ifdef G_OS_UNIX
- g_test_add_func ("/file/copy-preserve-mode", test_copy_preserve_mode);
---
-2.30.1
-