Branch data Line data Source code
1 : : /*
2 : : * Copyright © 2007, 2008 Ryan Lortie
3 : : * Copyright © 2010 Codethink Limited
4 : : * Copyright © 2022 Endless OS Foundation, LLC
5 : : *
6 : : * SPDX-License-Identifier: LGPL-2.1-or-later
7 : : *
8 : : * This library is free software; you can redistribute it and/or
9 : : * modify it under the terms of the GNU Lesser General Public
10 : : * License as published by the Free Software Foundation; either
11 : : * version 2.1 of the License, or (at your option) any later version.
12 : : *
13 : : * This library is distributed in the hope that it will be useful,
14 : : * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 : : * Lesser General Public License for more details.
17 : : *
18 : : * You should have received a copy of the GNU Lesser General Public
19 : : * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 : : */
21 : :
22 : : #include "config.h"
23 : :
24 : : #include <glib/gvariant-core.h>
25 : :
26 : : #include <glib/gvariant-internal.h>
27 : : #include <glib/gvariant-serialiser.h>
28 : : #include <glib/gtestutils.h>
29 : : #include <glib/gbitlock.h>
30 : : #include <glib/gatomic.h>
31 : : #include <glib/gbytes.h>
32 : : #include <glib/gslice.h>
33 : : #include <glib/gmem.h>
34 : : #include <glib/grefcount.h>
35 : : #include <string.h>
36 : :
37 : : #include "glib_trace.h"
38 : :
39 : : /*
40 : : * This file includes the structure definition for GVariant and a small
41 : : * set of functions that are allowed to access the structure directly.
42 : : *
43 : : * This minimises the amount of code that can possibly touch a GVariant
44 : : * structure directly to a few simple fundamental operations. These few
45 : : * operations are written to be completely threadsafe with respect to
46 : : * all possible outside access. This means that we only need to be
47 : : * concerned about thread safety issues in this one small file.
48 : : *
49 : : * Most GVariant API functions are in gvariant.c.
50 : : */
51 : :
52 : : struct _GVariant
53 : : /* see below for field member documentation */
54 : : {
55 : : GVariantTypeInfo *type_info;
56 : : gsize size;
57 : :
58 : : union
59 : : {
60 : : struct
61 : : {
62 : : GBytes *bytes;
63 : : gconstpointer data;
64 : : gsize ordered_offsets_up_to;
65 : : gsize checked_offsets_up_to;
66 : : } serialised;
67 : :
68 : : struct
69 : : {
70 : : GVariant **children;
71 : : gsize n_children;
72 : : } tree;
73 : : } contents;
74 : :
75 : : gint state;
76 : : gatomicrefcount ref_count;
77 : : gsize depth;
78 : : };
79 : :
80 : : /* struct GVariant:
81 : : *
82 : : * There are two primary forms of GVariant instances: "serialized form"
83 : : * and "tree form".
84 : : *
85 : : * "serialized form": A serialized GVariant instance stores its value in
86 : : * the GVariant serialization format. All
87 : : * basic-typed instances (ie: non-containers) are in
88 : : * serialized format, as are some containers.
89 : : *
90 : : * "tree form": Some containers are in "tree form". In this case,
91 : : * instead of containing the serialized data for the
92 : : * container, the instance contains an array of pointers to
93 : : * the child values of the container (thus forming a tree).
94 : : *
95 : : * It is possible for an instance to transition from tree form to
96 : : * serialized form. This happens, implicitly, if the serialized data is
97 : : * requested (eg: via g_variant_get_data()). Serialized form instances
98 : : * never transition into tree form.
99 : : *
100 : : *
101 : : * The fields of the structure are documented here:
102 : : *
103 : : * type_info: this is a reference to a GVariantTypeInfo describing the
104 : : * type of the instance. When the instance is freed, this
105 : : * reference must be released with g_variant_type_info_unref().
106 : : *
107 : : * The type_info field never changes during the life of the
108 : : * instance, so it can be accessed without a lock.
109 : : *
110 : : * size: this is the size of the serialized form for the instance, if it
111 : : * is known. If the instance is in serialized form then it is, by
112 : : * definition, known. If the instance is in tree form then it may
113 : : * be unknown (in which case it is -1). It is possible for the
114 : : * size to be known when in tree form if, for example, the user
115 : : * has called g_variant_get_size() without calling
116 : : * g_variant_get_data(). Additionally, even when the user calls
117 : : * g_variant_get_data() the size of the data must first be
118 : : * determined so that a large enough buffer can be allocated for
119 : : * the data.
120 : : *
121 : : * Once the size is known, it can never become unknown again.
122 : : * g_variant_ensure_size() is used to ensure that the size is in
123 : : * the known state -- it calculates the size if needed. After
124 : : * that, the size field can be accessed without a lock.
125 : : *
126 : : * contents: a union containing either the information associated with
127 : : * holding a value in serialized form or holding a value in
128 : : * tree form.
129 : : *
130 : : * .serialised: Only valid when the instance is in serialized form.
131 : : *
132 : : * Since an instance can never transition away from
133 : : * serialized form, once these fields are set, they will
134 : : * never be changed. It is therefore valid to access
135 : : * them without holding a lock.
136 : : *
137 : : * .bytes: the #GBytes that contains the memory pointed to by
138 : : * .data, or %NULL if .data is %NULL. In the event that
139 : : * the instance was deserialized from another instance,
140 : : * then the bytes will be shared by both of them. When
141 : : * the instance is freed, this reference must be released
142 : : * with g_bytes_unref().
143 : : *
144 : : * .data: the serialized data (of size 'size') of the instance.
145 : : * This pointer should not be freed or modified in any way.
146 : : * #GBytes is responsible for memory management.
147 : : *
148 : : * This pointer may be %NULL in two cases:
149 : : *
150 : : * - if the serialized size of the instance is 0
151 : : *
152 : : * - if the instance is of a fixed-sized type and was
153 : : * deserialized out of a corrupted container such that
154 : : * the container contains too few bytes to point to the
155 : : * entire proper fixed-size of this instance. In this
156 : : * case, 'size' will still be equal to the proper fixed
157 : : * size, but this pointer will be %NULL. This is exactly
158 : : * the reason that g_variant_get_data() sometimes returns
159 : : * %NULL. For all other calls, the effect should be as
160 : : * if .data pointed to the appropriate number of nul
161 : : * bytes.
162 : : *
163 : : * .ordered_offsets_up_to: If ordered_offsets_up_to == n this means that all
164 : : * the frame offsets up to and including the frame
165 : : * offset determining the end of element n are in
166 : : * order. This guarantees that the bytes of element
167 : : * n don't overlap with any previous element.
168 : : *
169 : : * For trusted data this is set to G_MAXSIZE and we
170 : : * don't check that the frame offsets are in order.
171 : : *
172 : : * Note: This doesn't imply the offsets are good in
173 : : * any way apart from their ordering. In particular
174 : : * offsets may be out of bounds for this value or
175 : : * may imply that the data overlaps the frame
176 : : * offsets themselves.
177 : : *
178 : : * This field is only relevant for arrays of non
179 : : * fixed width types and for tuples.
180 : : *
181 : : * .checked_offsets_up_to: Similarly to .ordered_offsets_up_to, this stores
182 : : * the index of the highest element, n, whose frame
183 : : * offsets (and all the preceding frame offsets)
184 : : * have been checked for validity.
185 : : *
186 : : * It is always the case that
187 : : * .checked_offsets_up_to ≥ .ordered_offsets_up_to.
188 : : *
189 : : * If .checked_offsets_up_to == .ordered_offsets_up_to,
190 : : * then a bad offset has not been found so far.
191 : : *
192 : : * If .checked_offsets_up_to > .ordered_offsets_up_to,
193 : : * then a bad offset has been found at
194 : : * (.ordered_offsets_up_to + 1).
195 : : *
196 : : * This field is only relevant for arrays of non
197 : : * fixed width types and for tuples.
198 : : *
199 : : * .tree: Only valid when the instance is in tree form.
200 : : *
201 : : * Note that accesses from other threads could result in
202 : : * conversion of the instance from tree form to serialized form
203 : : * at any time. For this reason, the instance lock must always
204 : : * be held while performing any operations on 'contents.tree'.
205 : : *
206 : : * .children: the array of the child instances of this instance.
207 : : * When the instance is freed (or converted to serialized
208 : : * form) then each child must have g_variant_unref()
209 : : * called on it and the array must be freed using
210 : : * g_free().
211 : : *
212 : : * .n_children: the number of items in the .children array.
213 : : *
214 : : * state: a bitfield describing the state of the instance. It is a
215 : : * bitwise-or of the following STATE_* constants:
216 : : *
217 : : * STATE_LOCKED: the instance lock is held. This is the bit used by
218 : : * g_bit_lock().
219 : : *
220 : : * STATE_SERIALISED: the instance is in serialized form. If this
221 : : * flag is not set then the instance is in tree
222 : : * form.
223 : : *
224 : : * STATE_TRUSTED: for serialized form instances, this means that the
225 : : * serialized data is known to be in normal form (ie:
226 : : * not corrupted).
227 : : *
228 : : * For tree form instances, this means that all of the
229 : : * child instances in the contents.tree.children array
230 : : * are trusted. This means that if the container is
231 : : * serialized then the resulting data will be in
232 : : * normal form.
233 : : *
234 : : * If this flag is unset it does not imply that the
235 : : * data is corrupted. It merely means that we're not
236 : : * sure that it's valid. See g_variant_is_trusted().
237 : : *
238 : : * STATE_FLOATING: if this flag is set then the object has a floating
239 : : * reference. See g_variant_ref_sink().
240 : : *
241 : : * ref_count: the reference count of the instance
242 : : *
243 : : * depth: the depth of the GVariant in a hierarchy of nested containers,
244 : : * increasing with the level of nesting. The top-most GVariant has depth
245 : : * zero. This is used to avoid recursing too deeply and overflowing the
246 : : * stack when handling deeply nested untrusted serialized GVariants.
247 : : */
248 : : #define STATE_LOCKED 1
249 : : #define STATE_SERIALISED 2
250 : : #define STATE_TRUSTED 4
251 : : #define STATE_FLOATING 8
252 : :
253 : : /* -- private -- */
254 : : /* < private >
255 : : * g_variant_lock:
256 : : * @value: a #GVariant
257 : : *
258 : : * Locks @value for performing sensitive operations.
259 : : */
260 : : static void
261 : 19775274 : g_variant_lock (GVariant *value)
262 : : {
263 : 19775274 : g_bit_lock (&value->state, 0);
264 : 19775274 : }
265 : :
266 : : /* < private >
267 : : * g_variant_unlock:
268 : : * @value: a #GVariant
269 : : *
270 : : * Unlocks @value after performing sensitive operations.
271 : : */
272 : : static void
273 : 19775274 : g_variant_unlock (GVariant *value)
274 : : {
275 : 19775274 : g_bit_unlock (&value->state, 0);
276 : 19775274 : }
277 : :
278 : : /* < private >
279 : : * g_variant_release_children:
280 : : * @value: a #GVariant
281 : : *
282 : : * Releases the reference held on each child in the 'children' array of
283 : : * @value and frees the array itself. @value must be in tree form.
284 : : *
285 : : * This is done when freeing a tree-form instance or converting it to
286 : : * serialized form.
287 : : *
288 : : * The current thread must hold the lock on @value.
289 : : */
290 : : static void
291 : 510851 : g_variant_release_children (GVariant *value)
292 : : {
293 : : gsize i;
294 : :
295 : 510851 : g_assert (value->state & STATE_LOCKED);
296 : 510851 : g_assert (~value->state & STATE_SERIALISED);
297 : :
298 [ + + ]: 3025994 : for (i = 0; i < value->contents.tree.n_children; i++)
299 : 2515143 : g_variant_unref (value->contents.tree.children[i]);
300 : :
301 : 510851 : g_free (value->contents.tree.children);
302 : 510851 : }
303 : :
304 : : /* This begins the main body of the recursive serializer.
305 : : *
306 : : * There are 3 functions here that work as a team with the serializer to
307 : : * get things done. g_variant_store() has a trivial role, but as a
308 : : * public API function, it has its definition elsewhere.
309 : : *
310 : : * Note that "serialization" of an instance does not mean that the
311 : : * instance is converted to serialized form -- it means that the
312 : : * serialized form of an instance is written to an external buffer.
313 : : * g_variant_ensure_serialised() (which is not part of this set of
314 : : * functions) is the function that is responsible for converting an
315 : : * instance to serialized form.
316 : : *
317 : : * We are only concerned here with container types since non-container
318 : : * instances are always in serialized form. For these instances,
319 : : * storing their serialized form merely involves a memcpy().
320 : : *
321 : : * Serialization is a two-step process. First, the size of the
322 : : * serialized data must be calculated so that an appropriately-sized
323 : : * buffer can be allocated. Second, the data is written into the
324 : : * buffer.
325 : : *
326 : : * Determining the size:
327 : : * The process of determining the size is triggered by a call to
328 : : * g_variant_ensure_size() on a container. This invokes the
329 : : * serializer code to determine the size. The serializer is passed
330 : : * g_variant_fill_gvs() as a callback.
331 : : *
332 : : * g_variant_fill_gvs() is called by the serializer on each child of
333 : : * the container which, in turn, calls g_variant_ensure_size() on
334 : : * itself and fills in the result of its own size calculation.
335 : : *
336 : : * The serializer uses the size information from the children to
337 : : * calculate the size needed for the entire container.
338 : : *
339 : : * Writing the data:
340 : : * After the buffer has been allocated, g_variant_serialise() is
341 : : * called on the container. This invokes the serializer code to write
342 : : * the bytes to the container. The serializer is, again, passed
343 : : * g_variant_fill_gvs() as a callback.
344 : : *
345 : : * This time, when g_variant_fill_gvs() is called for each child, the
346 : : * child is given a pointer to a sub-region of the allocated buffer
347 : : * where it should write its data. This is done by calling
348 : : * g_variant_store(). In the event that the instance is in serialized
349 : : * form this means a memcpy() of the serialized data into the
350 : : * allocated buffer. In the event that the instance is in tree form
351 : : * this means a recursive call back into g_variant_serialise().
352 : : *
353 : : *
354 : : * The forward declaration here allows corecursion via callback:
355 : : */
356 : : static void g_variant_fill_gvs (GVariantSerialised *, gpointer);
357 : :
358 : : /* < private >
359 : : * g_variant_ensure_size:
360 : : * @value: a #GVariant
361 : : *
362 : : * Ensures that the ->size field of @value is filled in properly. This
363 : : * must be done as a precursor to any serialization of the value in
364 : : * order to know how large of a buffer is needed to store the data.
365 : : *
366 : : * The current thread must hold the lock on @value.
367 : : */
368 : : static void
369 : 3962536 : g_variant_ensure_size (GVariant *value)
370 : : {
371 : 3962536 : g_assert (value->state & STATE_LOCKED);
372 : :
373 [ + + ]: 3962536 : if (value->size == (gsize) -1)
374 : : {
375 : : gpointer *children;
376 : : gsize n_children;
377 : :
378 : 24852 : children = (gpointer *) value->contents.tree.children;
379 : 24852 : n_children = value->contents.tree.n_children;
380 : 24852 : value->size = g_variant_serialiser_needed_size (value->type_info,
381 : : g_variant_fill_gvs,
382 : : children, n_children);
383 : : }
384 : 3962536 : }
385 : :
386 : : /* < private >
387 : : * g_variant_to_serialised:
388 : : * @value: a #GVariant
389 : : *
390 : : * Gets a GVariantSerialised for a GVariant in state STATE_SERIALISED.
391 : : */
392 : : inline static GVariantSerialised
393 : 786891 : g_variant_to_serialised (GVariant *value)
394 : : {
395 : 786891 : g_assert (value->state & STATE_SERIALISED);
396 : : {
397 : 786891 : GVariantSerialised serialised = {
398 : 786891 : value->type_info,
399 : 786891 : (gpointer) value->contents.serialised.data,
400 : 786891 : value->size,
401 : 786891 : value->depth,
402 : 786891 : value->contents.serialised.ordered_offsets_up_to,
403 : 786891 : value->contents.serialised.checked_offsets_up_to,
404 : : };
405 : 786891 : return serialised;
406 : : }
407 : : }
408 : :
409 : : /* < private >
410 : : * g_variant_serialise:
411 : : * @value: a #GVariant
412 : : * @data: an appropriately-sized buffer
413 : : *
414 : : * Serializes @value into @data. @value must be in tree form.
415 : : *
416 : : * No change is made to @value.
417 : : *
418 : : * The current thread must hold the lock on @value.
419 : : */
420 : : static void
421 : 24980 : g_variant_serialise (GVariant *value,
422 : : gpointer data)
423 : : {
424 : 24980 : GVariantSerialised serialised = { 0, };
425 : : gpointer *children;
426 : : gsize n_children;
427 : :
428 : 24980 : g_assert (~value->state & STATE_SERIALISED);
429 : 24980 : g_assert (value->state & STATE_LOCKED);
430 : :
431 : 24980 : serialised.type_info = value->type_info;
432 : 24980 : serialised.size = value->size;
433 : 24980 : serialised.data = data;
434 : 24980 : serialised.depth = value->depth;
435 : 24980 : serialised.ordered_offsets_up_to = 0;
436 : 24980 : serialised.checked_offsets_up_to = 0;
437 : :
438 : 24980 : children = (gpointer *) value->contents.tree.children;
439 : 24980 : n_children = value->contents.tree.n_children;
440 : :
441 : 24980 : g_variant_serialiser_serialise (serialised, g_variant_fill_gvs,
442 : : children, n_children);
443 : 24980 : }
444 : :
445 : : /* < private >
446 : : * g_variant_fill_gvs:
447 : : * @serialised: a pointer to a #GVariantSerialised
448 : : * @data: a #GVariant instance
449 : : *
450 : : * This is the callback that is passed by a tree-form container instance
451 : : * to the serializer. This callback gets called on each child of the
452 : : * container. Each child is responsible for performing the following
453 : : * actions:
454 : : *
455 : : * - reporting its type
456 : : *
457 : : * - reporting its serialized size (requires knowing the size first)
458 : : *
459 : : * - possibly storing its serialized form into the provided buffer
460 : : */
461 : : static void
462 : 276821 : g_variant_fill_gvs (GVariantSerialised *serialised,
463 : : gpointer data)
464 : : {
465 : 276821 : GVariant *value = data;
466 : :
467 : 276821 : g_variant_lock (value);
468 : 276821 : g_variant_ensure_size (value);
469 : 276821 : g_variant_unlock (value);
470 : :
471 [ + + ]: 276821 : if (serialised->type_info == NULL)
472 : 150369 : serialised->type_info = value->type_info;
473 : 276821 : g_assert (serialised->type_info == value->type_info);
474 : :
475 [ + + ]: 276821 : if (serialised->size == 0)
476 : 149561 : serialised->size = value->size;
477 : 276821 : g_assert (serialised->size == value->size);
478 : 276821 : serialised->depth = value->depth;
479 : :
480 [ + + ]: 276821 : if (value->state & STATE_SERIALISED)
481 : : {
482 : 247836 : serialised->ordered_offsets_up_to = value->contents.serialised.ordered_offsets_up_to;
483 : 247836 : serialised->checked_offsets_up_to = value->contents.serialised.checked_offsets_up_to;
484 : : }
485 : : else
486 : : {
487 : 28985 : serialised->ordered_offsets_up_to = 0;
488 : 28985 : serialised->checked_offsets_up_to = 0;
489 : : }
490 : :
491 [ + + ]: 276821 : if (serialised->data)
492 : : /* g_variant_store() is a public API, so it
493 : : * it will reacquire the lock if it needs to.
494 : : */
495 : 209456 : g_variant_store (value, serialised->data);
496 : 276821 : }
497 : :
498 : : /* this ends the main body of the recursive serializer */
499 : :
500 : : /* < private >
501 : : * g_variant_ensure_serialised:
502 : : * @value: a #GVariant
503 : : *
504 : : * Ensures that @value is in serialized form.
505 : : *
506 : : * If @value is in tree form then this function ensures that the
507 : : * serialized size is known and then allocates a buffer of that size and
508 : : * serializes the instance into the buffer. The 'children' array is
509 : : * then released and the instance is set to serialized form based on the
510 : : * contents of the buffer.
511 : : *
512 : : * The current thread must hold the lock on @value.
513 : : */
514 : : static void
515 : 6037727 : g_variant_ensure_serialised (GVariant *value)
516 : : {
517 : 6037727 : g_assert (value->state & STATE_LOCKED);
518 : :
519 [ + + ]: 6037727 : if (~value->state & STATE_SERIALISED)
520 : : {
521 : : GBytes *bytes;
522 : : gpointer data;
523 : :
524 : 9699 : TRACE(GLIB_VARIANT_START_SERIALISE(value, value->type_info));
525 : 9699 : g_variant_ensure_size (value);
526 : 9699 : data = g_malloc (value->size);
527 : 9699 : g_variant_serialise (value, data);
528 : :
529 : 9699 : g_variant_release_children (value);
530 : :
531 : 9699 : bytes = g_bytes_new_take (data, value->size);
532 : 9699 : value->contents.serialised.data = g_bytes_get_data (bytes, NULL);
533 : 9699 : value->contents.serialised.bytes = bytes;
534 : 9699 : value->contents.serialised.ordered_offsets_up_to = G_MAXSIZE;
535 : 9699 : value->contents.serialised.checked_offsets_up_to = G_MAXSIZE;
536 : 9699 : value->state |= STATE_SERIALISED;
537 : 9699 : TRACE(GLIB_VARIANT_END_SERIALISE(value, value->type_info));
538 : : }
539 : 6037727 : }
540 : :
541 : : /* < private >
542 : : * g_variant_alloc:
543 : : * @type: the type of the new instance
544 : : * @serialised: if the instance will be in serialised form
545 : : * @trusted: if the instance will be trusted
546 : : *
547 : : * Allocates a #GVariant instance and does some common work (such as
548 : : * looking up and filling in the type info), setting the state field,
549 : : * and setting the ref_count to 1.
550 : : *
551 : : * Returns: a new #GVariant with a floating reference
552 : : */
553 : : static GVariant *
554 : 3295338 : g_variant_alloc (const GVariantType *type,
555 : : gboolean serialised,
556 : : gboolean trusted)
557 : : {
558 : : GVariant *value;
559 : :
560 : 3295338 : value = g_slice_new (GVariant);
561 : 3295338 : value->type_info = g_variant_type_info_get (type);
562 [ + + ]: 3295338 : value->state = (serialised ? STATE_SERIALISED : 0) |
563 [ + + ]: 3295338 : (trusted ? STATE_TRUSTED : 0) |
564 : : STATE_FLOATING;
565 : 3295338 : value->size = (gssize) -1;
566 : 3295338 : g_atomic_ref_count_init (&value->ref_count);
567 : 3295338 : value->depth = 0;
568 : :
569 : 3295338 : return value;
570 : : }
571 : :
572 : : /**
573 : : * g_variant_new_from_bytes:
574 : : * @type: a #GVariantType
575 : : * @bytes: a #GBytes
576 : : * @trusted: if the contents of @bytes are trusted
577 : : *
578 : : * Constructs a new serialized-mode #GVariant instance. This is the
579 : : * inner interface for creation of new serialized values that gets
580 : : * called from various functions in gvariant.c.
581 : : *
582 : : * A reference is taken on @bytes.
583 : : *
584 : : * The data in @bytes must be aligned appropriately for the @type being loaded.
585 : : * Otherwise this function will internally create a copy of the memory (since
586 : : * GLib 2.60) or (in older versions) fail and exit the process.
587 : : *
588 : : * Returns: (transfer none): a new #GVariant with a floating reference
589 : : *
590 : : * Since: 2.36
591 : : */
592 : : GVariant *
593 : 2784439 : g_variant_new_from_bytes (const GVariantType *type,
594 : : GBytes *bytes,
595 : : gboolean trusted)
596 : : {
597 : : GVariant *value;
598 : : guint alignment;
599 : : gsize size;
600 : 2784439 : GBytes *owned_bytes = NULL;
601 : : GVariantSerialised serialised;
602 : :
603 : 2784439 : value = g_variant_alloc (type, TRUE, trusted);
604 : :
605 : 2784439 : g_variant_type_info_query (value->type_info,
606 : : &alignment, &size);
607 : :
608 : : /* Ensure the alignment is correct. This is a huge performance hit if it’s
609 : : * not correct, but that’s better than aborting if a caller provides data
610 : : * with the wrong alignment (which is likely to happen very occasionally, and
611 : : * only cause an abort on some architectures — so is unlikely to be caught
612 : : * in testing). Callers can always actively ensure they use the correct
613 : : * alignment to avoid the performance hit. */
614 : 2784439 : serialised.type_info = value->type_info;
615 : 2784439 : serialised.data = (guchar *) g_bytes_get_data (bytes, &serialised.size);
616 : 2784439 : serialised.depth = 0;
617 [ + + ]: 2784439 : serialised.ordered_offsets_up_to = trusted ? G_MAXSIZE : 0;
618 [ + + ]: 2784439 : serialised.checked_offsets_up_to = trusted ? G_MAXSIZE : 0;
619 : :
620 [ + + ]: 2784439 : if (!g_variant_serialised_check (serialised))
621 : : {
622 : : #ifdef HAVE_POSIX_MEMALIGN
623 : 85 : gpointer aligned_data = NULL;
624 : 85 : gsize aligned_size = g_bytes_get_size (bytes);
625 : :
626 : : /* posix_memalign() requires the alignment to be a multiple of
627 : : * sizeof(void*), and a power of 2. See g_variant_type_info_query() for
628 : : * details on the alignment format.
629 : : *
630 : : * While calling posix_memalign() with aligned_size==0 is safe on glibc,
631 : : * POSIX specifies that the behaviour is implementation-defined, so avoid
632 : : * that and leave aligned_data==NULL in that case.
633 : : * See https://pubs.opengroup.org/onlinepubs/9699919799/functions/posix_memalign.html */
634 [ + + ]: 85 : if (aligned_size != 0 &&
635 [ - + ]: 61 : posix_memalign (&aligned_data, MAX (sizeof (void *), alignment + 1),
636 : : aligned_size) != 0)
637 : 0 : g_error ("posix_memalign failed");
638 : :
639 [ + + ]: 85 : if (aligned_size != 0)
640 : 61 : memcpy (aligned_data, g_bytes_get_data (bytes, NULL), aligned_size);
641 : :
642 : 85 : bytes = owned_bytes = g_bytes_new_with_free_func (aligned_data,
643 : : aligned_size,
644 : : free, aligned_data);
645 : 85 : aligned_data = NULL;
646 : : #else
647 : : /* NOTE: there may be platforms that lack posix_memalign() and also
648 : : * have malloc() that returns non-8-aligned. if so, we need to try
649 : : * harder here.
650 : : */
651 : : bytes = owned_bytes = g_bytes_new (g_bytes_get_data (bytes, NULL),
652 : : g_bytes_get_size (bytes));
653 : : #endif
654 : : }
655 : :
656 : 2784439 : value->contents.serialised.bytes = g_bytes_ref (bytes);
657 : :
658 [ + + + + ]: 2784439 : if (size && g_bytes_get_size (bytes) != size)
659 : : {
660 : : /* Creating a fixed-sized GVariant with a bytes of the wrong
661 : : * size.
662 : : *
663 : : * We should do the equivalent of pulling a fixed-sized child out
664 : : * of a brozen container (ie: data is NULL size is equal to the correct
665 : : * fixed size).
666 : : */
667 : 73 : value->contents.serialised.data = NULL;
668 : 73 : value->size = size;
669 : : }
670 : : else
671 : : {
672 : 2784366 : value->contents.serialised.data = g_bytes_get_data (bytes, &value->size);
673 : : }
674 : :
675 [ + + ]: 2784439 : value->contents.serialised.ordered_offsets_up_to = trusted ? G_MAXSIZE : 0;
676 [ + + ]: 2784439 : value->contents.serialised.checked_offsets_up_to = trusted ? G_MAXSIZE : 0;
677 : :
678 : 2784439 : g_clear_pointer (&owned_bytes, g_bytes_unref);
679 : :
680 : 2784439 : TRACE(GLIB_VARIANT_FROM_BUFFER(value, value->type_info, value->ref_count, value->state));
681 : :
682 : 2784439 : return value;
683 : : }
684 : :
685 : : /* -- internal -- */
686 : :
687 : : /* < internal >
688 : : * g_variant_new_from_children:
689 : : * @type: a #GVariantType
690 : : * @children: an array of #GVariant pointers. Consumed.
691 : : * @n_children: the length of @children
692 : : * @trusted: %TRUE if every child in @children is trusted
693 : : *
694 : : * Constructs a new tree-mode #GVariant instance. This is the inner
695 : : * interface for creation of new serialized values that gets called from
696 : : * various functions in gvariant.c.
697 : : *
698 : : * @children is consumed by this function. g_free() will be called on
699 : : * it some time later.
700 : : *
701 : : * Returns: a new #GVariant with a floating reference
702 : : */
703 : : GVariant *
704 : 510899 : g_variant_new_from_children (const GVariantType *type,
705 : : GVariant **children,
706 : : gsize n_children,
707 : : gboolean trusted)
708 : : {
709 : : GVariant *value;
710 : :
711 : 510899 : value = g_variant_alloc (type, FALSE, trusted);
712 : 510899 : value->contents.tree.children = children;
713 : 510899 : value->contents.tree.n_children = n_children;
714 : 510899 : TRACE(GLIB_VARIANT_FROM_CHILDREN(value, value->type_info, value->ref_count, value->state));
715 : :
716 : 510899 : return value;
717 : : }
718 : :
719 : : /* < internal >
720 : : * g_variant_get_type_info:
721 : : * @value: a #GVariant
722 : : *
723 : : * Returns the #GVariantTypeInfo corresponding to the type of @value. A
724 : : * reference is not added, so the return value is only good for the
725 : : * duration of the life of @value.
726 : : *
727 : : * Returns: the #GVariantTypeInfo for @value
728 : : */
729 : : GVariantTypeInfo *
730 : 31520706 : g_variant_get_type_info (GVariant *value)
731 : : {
732 : 31520706 : return value->type_info;
733 : : }
734 : :
735 : : /* < internal >
736 : : * g_variant_is_trusted:
737 : : * @value: a #GVariant
738 : : *
739 : : * Determines if @value is trusted by #GVariant to contain only
740 : : * fully-valid data. All values constructed solely via #GVariant APIs
741 : : * are trusted, but values containing data read in from other sources
742 : : * are usually not trusted.
743 : : *
744 : : * The main advantage of trusted data is that certain checks can be
745 : : * skipped. For example, we don't need to check that a string is
746 : : * properly nul-terminated or that an object path is actually a
747 : : * properly-formatted object path.
748 : : *
749 : : * Returns: if @value is trusted
750 : : */
751 : : gboolean
752 : 6189265 : g_variant_is_trusted (GVariant *value)
753 : : {
754 : 6189265 : return (value->state & STATE_TRUSTED) != 0;
755 : : }
756 : :
757 : : /* < internal >
758 : : * g_variant_get_depth:
759 : : * @value: a #GVariant
760 : : *
761 : : * Gets the nesting depth of a #GVariant. This is 0 for a #GVariant with no
762 : : * children.
763 : : *
764 : : * Returns: nesting depth of @value
765 : : */
766 : : gsize
767 : 180 : g_variant_get_depth (GVariant *value)
768 : : {
769 : 180 : return value->depth;
770 : : }
771 : :
772 : : /* -- public -- */
773 : :
774 : : /**
775 : : * g_variant_unref:
776 : : * @value: a #GVariant
777 : : *
778 : : * Decreases the reference count of @value. When its reference count
779 : : * drops to 0, the memory used by the variant is freed.
780 : : *
781 : : * Since: 2.24
782 : : **/
783 : : void
784 : 10221473 : g_variant_unref (GVariant *value)
785 : : {
786 : 10221473 : g_return_if_fail (value != NULL);
787 : :
788 : 10221473 : TRACE(GLIB_VARIANT_UNREF(value, value->type_info, value->ref_count, value->state));
789 : :
790 [ + + ]: 10221473 : if (g_atomic_ref_count_dec (&value->ref_count))
791 : : {
792 [ - + ]: 4012523 : if G_UNLIKELY (value->state & STATE_LOCKED)
793 : 0 : g_critical ("attempting to free a locked GVariant instance. "
794 : : "This should never happen.");
795 : :
796 : 4012523 : value->state |= STATE_LOCKED;
797 : :
798 : 4012523 : g_variant_type_info_unref (value->type_info);
799 : :
800 [ + + ]: 4012523 : if (value->state & STATE_SERIALISED)
801 : 3511371 : g_bytes_unref (value->contents.serialised.bytes);
802 : : else
803 : 501152 : g_variant_release_children (value);
804 : :
805 : 4012523 : memset (value, 0, sizeof (GVariant));
806 : 4012523 : g_slice_free (GVariant, value);
807 : : }
808 : : }
809 : :
810 : : /**
811 : : * g_variant_ref:
812 : : * @value: a #GVariant
813 : : *
814 : : * Increases the reference count of @value.
815 : : *
816 : : * Returns: the same @value
817 : : *
818 : : * Since: 2.24
819 : : **/
820 : : GVariant *
821 : 6208963 : g_variant_ref (GVariant *value)
822 : : {
823 : 6208963 : g_return_val_if_fail (value != NULL, NULL);
824 : :
825 : 6208963 : TRACE(GLIB_VARIANT_REF(value, value->type_info, value->ref_count, value->state));
826 : :
827 : 6208963 : g_atomic_ref_count_inc (&value->ref_count);
828 : :
829 : 6208963 : return value;
830 : : }
831 : :
832 : : /**
833 : : * g_variant_ref_sink:
834 : : * @value: a #GVariant
835 : : *
836 : : * #GVariant uses a floating reference count system. All functions with
837 : : * names starting with `g_variant_new_` return floating
838 : : * references.
839 : : *
840 : : * Calling g_variant_ref_sink() on a #GVariant with a floating reference
841 : : * will convert the floating reference into a full reference. Calling
842 : : * g_variant_ref_sink() on a non-floating #GVariant results in an
843 : : * additional normal reference being added.
844 : : *
845 : : * In other words, if the @value is floating, then this call "assumes
846 : : * ownership" of the floating reference, converting it to a normal
847 : : * reference. If the @value is not floating, then this call adds a
848 : : * new normal reference increasing the reference count by one.
849 : : *
850 : : * All calls that result in a #GVariant instance being inserted into a
851 : : * container will call g_variant_ref_sink() on the instance. This means
852 : : * that if the value was just created (and has only its floating
853 : : * reference) then the container will assume sole ownership of the value
854 : : * at that point and the caller will not need to unreference it. This
855 : : * makes certain common styles of programming much easier while still
856 : : * maintaining normal refcounting semantics in situations where values
857 : : * are not floating.
858 : : *
859 : : * Returns: the same @value
860 : : *
861 : : * Since: 2.24
862 : : **/
863 : : GVariant *
864 : 3444385 : g_variant_ref_sink (GVariant *value)
865 : : {
866 : 3444385 : g_return_val_if_fail (value != NULL, NULL);
867 : 3444385 : g_return_val_if_fail (!g_atomic_ref_count_compare (&value->ref_count, 0), NULL);
868 : :
869 : 3444385 : g_variant_lock (value);
870 : :
871 : 3444385 : TRACE(GLIB_VARIANT_REF_SINK(value, value->type_info, value->ref_count, value->state, value->state & STATE_FLOATING));
872 : :
873 [ + + ]: 3444385 : if (~value->state & STATE_FLOATING)
874 : 768233 : g_variant_ref (value);
875 : : else
876 : 2676152 : value->state &= ~STATE_FLOATING;
877 : :
878 : 3444385 : g_variant_unlock (value);
879 : :
880 : 3444385 : return value;
881 : : }
882 : :
883 : : /**
884 : : * g_variant_take_ref:
885 : : * @value: a #GVariant
886 : : *
887 : : * If @value is floating, sink it. Otherwise, do nothing.
888 : : *
889 : : * Typically you want to use g_variant_ref_sink() in order to
890 : : * automatically do the correct thing with respect to floating or
891 : : * non-floating references, but there is one specific scenario where
892 : : * this function is helpful.
893 : : *
894 : : * The situation where this function is helpful is when creating an API
895 : : * that allows the user to provide a callback function that returns a
896 : : * #GVariant. We certainly want to allow the user the flexibility to
897 : : * return a non-floating reference from this callback (for the case
898 : : * where the value that is being returned already exists).
899 : : *
900 : : * At the same time, the style of the #GVariant API makes it likely that
901 : : * for newly-created #GVariant instances, the user can be saved some
902 : : * typing if they are allowed to return a #GVariant with a floating
903 : : * reference.
904 : : *
905 : : * Using this function on the return value of the user's callback allows
906 : : * the user to do whichever is more convenient for them. The caller
907 : : * will always receives exactly one full reference to the value: either
908 : : * the one that was returned in the first place, or a floating reference
909 : : * that has been converted to a full reference.
910 : : *
911 : : * This function has an odd interaction when combined with
912 : : * g_variant_ref_sink() running at the same time in another thread on
913 : : * the same #GVariant instance. If g_variant_ref_sink() runs first then
914 : : * the result will be that the floating reference is converted to a hard
915 : : * reference. If g_variant_take_ref() runs first then the result will
916 : : * be that the floating reference is converted to a hard reference and
917 : : * an additional reference on top of that one is added. It is best to
918 : : * avoid this situation.
919 : : *
920 : : * Returns: the same @value
921 : : **/
922 : : GVariant *
923 : 604099 : g_variant_take_ref (GVariant *value)
924 : : {
925 : 604099 : g_return_val_if_fail (value != NULL, NULL);
926 : 604099 : g_return_val_if_fail (!g_atomic_ref_count_compare (&value->ref_count, 0), NULL);
927 : :
928 : 604099 : TRACE(GLIB_VARIANT_TAKE_REF(value, value->type_info, value->ref_count, value->state, value->state & STATE_FLOATING));
929 : 604099 : g_atomic_int_and (&value->state, ~STATE_FLOATING);
930 : :
931 : 604099 : return value;
932 : : }
933 : :
934 : : /**
935 : : * g_variant_is_floating:
936 : : * @value: a #GVariant
937 : : *
938 : : * Checks whether @value has a floating reference count.
939 : : *
940 : : * This function should only ever be used to assert that a given variant
941 : : * is or is not floating, or for debug purposes. To acquire a reference
942 : : * to a variant that might be floating, always use g_variant_ref_sink()
943 : : * or g_variant_take_ref().
944 : : *
945 : : * See g_variant_ref_sink() for more information about floating reference
946 : : * counts.
947 : : *
948 : : * Returns: whether @value is floating
949 : : *
950 : : * Since: 2.26
951 : : **/
952 : : gboolean
953 : 1208 : g_variant_is_floating (GVariant *value)
954 : : {
955 : 1208 : g_return_val_if_fail (value != NULL, FALSE);
956 : :
957 : 1208 : return (value->state & STATE_FLOATING) != 0;
958 : : }
959 : :
960 : : /**
961 : : * g_variant_get_size:
962 : : * @value: a #GVariant instance
963 : : *
964 : : * Determines the number of bytes that would be required to store @value
965 : : * with g_variant_store().
966 : : *
967 : : * If @value has a fixed-sized type then this function always returned
968 : : * that fixed size.
969 : : *
970 : : * In the case that @value is already in serialized form or the size has
971 : : * already been calculated (ie: this function has been called before)
972 : : * then this function is O(1). Otherwise, the size is calculated, an
973 : : * operation which is approximately O(n) in the number of values
974 : : * involved.
975 : : *
976 : : * Returns: the serialized size of @value
977 : : *
978 : : * Since: 2.24
979 : : **/
980 : : gsize
981 : 3676016 : g_variant_get_size (GVariant *value)
982 : : {
983 : 3676016 : g_variant_lock (value);
984 : 3676016 : g_variant_ensure_size (value);
985 : 3676016 : g_variant_unlock (value);
986 : :
987 : 3676016 : return value->size;
988 : : }
989 : :
990 : : /**
991 : : * g_variant_get_data:
992 : : * @value: a #GVariant instance
993 : : *
994 : : * Returns a pointer to the serialized form of a #GVariant instance.
995 : : * The returned data may not be in fully-normalised form if read from an
996 : : * untrusted source. The returned data must not be freed; it remains
997 : : * valid for as long as @value exists.
998 : : *
999 : : * If @value is a fixed-sized value that was deserialized from a
1000 : : * corrupted serialized container then %NULL may be returned. In this
1001 : : * case, the proper thing to do is typically to use the appropriate
1002 : : * number of nul bytes in place of @value. If @value is not fixed-sized
1003 : : * then %NULL is never returned.
1004 : : *
1005 : : * In the case that @value is already in serialized form, this function
1006 : : * is O(1). If the value is not already in serialized form,
1007 : : * serialization occurs implicitly and is approximately O(n) in the size
1008 : : * of the result.
1009 : : *
1010 : : * To deserialize the data returned by this function, in addition to the
1011 : : * serialized data, you must know the type of the #GVariant, and (if the
1012 : : * machine might be different) the endianness of the machine that stored
1013 : : * it. As a result, file formats or network messages that incorporate
1014 : : * serialized #GVariants must include this information either
1015 : : * implicitly (for instance "the file always contains a
1016 : : * %G_VARIANT_TYPE_VARIANT and it is always in little-endian order") or
1017 : : * explicitly (by storing the type and/or endianness in addition to the
1018 : : * serialized data).
1019 : : *
1020 : : * Returns: (transfer none): the serialized form of @value, or %NULL
1021 : : *
1022 : : * Since: 2.24
1023 : : **/
1024 : : gconstpointer
1025 : 6037691 : g_variant_get_data (GVariant *value)
1026 : : {
1027 : 6037691 : g_variant_lock (value);
1028 : 6037691 : g_variant_ensure_serialised (value);
1029 : 6037691 : g_variant_unlock (value);
1030 : :
1031 : 6037691 : return value->contents.serialised.data;
1032 : : }
1033 : :
1034 : : /**
1035 : : * g_variant_get_data_as_bytes:
1036 : : * @value: a #GVariant
1037 : : *
1038 : : * Returns a pointer to the serialized form of a #GVariant instance.
1039 : : * The semantics of this function are exactly the same as
1040 : : * g_variant_get_data(), except that the returned #GBytes holds
1041 : : * a reference to the variant data.
1042 : : *
1043 : : * Returns: (transfer full): A new #GBytes representing the variant data
1044 : : *
1045 : : * Since: 2.36
1046 : : */
1047 : : GBytes *
1048 : 36 : g_variant_get_data_as_bytes (GVariant *value)
1049 : : {
1050 : : const gchar *bytes_data;
1051 : : const gchar *data;
1052 : : gsize bytes_size;
1053 : : gsize size;
1054 : :
1055 : 36 : g_variant_lock (value);
1056 : 36 : g_variant_ensure_serialised (value);
1057 : 36 : g_variant_unlock (value);
1058 : :
1059 : 36 : bytes_data = g_bytes_get_data (value->contents.serialised.bytes, &bytes_size);
1060 : 36 : data = value->contents.serialised.data;
1061 : 36 : size = value->size;
1062 : :
1063 [ + + ]: 36 : if (data == NULL)
1064 : : {
1065 : 2 : g_assert (size == 0);
1066 : 2 : data = bytes_data;
1067 : : }
1068 : :
1069 [ + + + + ]: 36 : if (data == bytes_data && size == bytes_size)
1070 : 33 : return g_bytes_ref (value->contents.serialised.bytes);
1071 : : else
1072 : 3 : return g_bytes_new_from_bytes (value->contents.serialised.bytes,
1073 : 3 : data - bytes_data, size);
1074 : : }
1075 : :
1076 : :
1077 : : /**
1078 : : * g_variant_n_children:
1079 : : * @value: a container #GVariant
1080 : : *
1081 : : * Determines the number of children in a container #GVariant instance.
1082 : : * This includes variants, maybes, arrays, tuples and dictionary
1083 : : * entries. It is an error to call this function on any other type of
1084 : : * #GVariant.
1085 : : *
1086 : : * For variants, the return value is always 1. For values with maybe
1087 : : * types, it is always zero or one. For arrays, it is the length of the
1088 : : * array. For tuples it is the number of tuple items (which depends
1089 : : * only on the type). For dictionary entries, it is always 2
1090 : : *
1091 : : * This function is O(1).
1092 : : *
1093 : : * Returns: the number of children in the container
1094 : : *
1095 : : * Since: 2.24
1096 : : **/
1097 : : gsize
1098 : 3200165 : g_variant_n_children (GVariant *value)
1099 : : {
1100 : : gsize n_children;
1101 : :
1102 : 3200165 : g_variant_lock (value);
1103 : :
1104 [ + + ]: 3200165 : if (value->state & STATE_SERIALISED)
1105 : 53203 : n_children = g_variant_serialised_n_children (
1106 : : g_variant_to_serialised (value));
1107 : : else
1108 : 3146962 : n_children = value->contents.tree.n_children;
1109 : :
1110 : 3200165 : g_variant_unlock (value);
1111 : :
1112 : 3200165 : return n_children;
1113 : : }
1114 : :
1115 : : /**
1116 : : * g_variant_get_child_value:
1117 : : * @value: a container #GVariant
1118 : : * @index_: the index of the child to fetch
1119 : : *
1120 : : * Reads a child item out of a container #GVariant instance. This
1121 : : * includes variants, maybes, arrays, tuples and dictionary
1122 : : * entries. It is an error to call this function on any other type of
1123 : : * #GVariant.
1124 : : *
1125 : : * It is an error if @index_ is greater than the number of child items
1126 : : * in the container. See g_variant_n_children().
1127 : : *
1128 : : * The returned value is never floating. You should free it with
1129 : : * g_variant_unref() when you're done with it.
1130 : : *
1131 : : * Note that values borrowed from the returned child are not guaranteed to
1132 : : * still be valid after the child is freed even if you still hold a reference
1133 : : * to @value, if @value has not been serialized at the time this function is
1134 : : * called. To avoid this, you can serialize @value by calling
1135 : : * g_variant_get_data() and optionally ignoring the return value.
1136 : : *
1137 : : * There may be implementation specific restrictions on deeply nested values,
1138 : : * which would result in the unit tuple being returned as the child value,
1139 : : * instead of further nested children. #GVariant is guaranteed to handle
1140 : : * nesting up to at least 64 levels.
1141 : : *
1142 : : * This function is O(1).
1143 : : *
1144 : : * Returns: (transfer full): the child at the specified index
1145 : : *
1146 : : * Since: 2.24
1147 : : **/
1148 : : GVariant *
1149 : 3646516 : g_variant_get_child_value (GVariant *value,
1150 : : gsize index_)
1151 : : {
1152 : 3646516 : g_return_val_if_fail (value->depth < G_MAXSIZE, NULL);
1153 : :
1154 [ + + ]: 3646516 : if (~g_atomic_int_get (&value->state) & STATE_SERIALISED)
1155 : : {
1156 : : /* g_variant_serialised_get_child() does its own checks on index_ */
1157 : 2929003 : g_return_val_if_fail (index_ < g_variant_n_children (value), NULL);
1158 : :
1159 : 2929003 : g_variant_lock (value);
1160 : :
1161 [ + - ]: 2929003 : if (~value->state & STATE_SERIALISED)
1162 : : {
1163 : : GVariant *child;
1164 : :
1165 : 2929003 : child = g_variant_ref (value->contents.tree.children[index_]);
1166 : 2929003 : g_variant_unlock (value);
1167 : :
1168 : 2929003 : return child;
1169 : : }
1170 : :
1171 : 0 : g_variant_unlock (value);
1172 : : }
1173 : :
1174 : : {
1175 : 717513 : GVariantSerialised serialised = g_variant_to_serialised (value);
1176 : : GVariantSerialised s_child;
1177 : : GVariant *child;
1178 : :
1179 : : /* get the serializer to extract the serialized data for the child
1180 : : * from the serialized data for the container
1181 : : */
1182 : 717513 : s_child = g_variant_serialised_get_child (serialised, index_);
1183 : :
1184 : : /* Update the cached ordered_offsets_up_to, since @serialised will be thrown away when this function exits */
1185 : 717513 : value->contents.serialised.ordered_offsets_up_to = MAX (value->contents.serialised.ordered_offsets_up_to, serialised.ordered_offsets_up_to);
1186 : 717513 : value->contents.serialised.checked_offsets_up_to = MAX (value->contents.serialised.checked_offsets_up_to, serialised.checked_offsets_up_to);
1187 : :
1188 : : /* Check whether this would cause nesting too deep. If so, return a fake
1189 : : * child. The only situation we expect this to happen in is with a variant,
1190 : : * as all other deeply-nested types have a static type, and hence should
1191 : : * have been rejected earlier. In the case of a variant whose nesting plus
1192 : : * the depth of its child is too great, return a unit variant () instead of
1193 : : * the real child. */
1194 [ + + ]: 717513 : if (!(value->state & STATE_TRUSTED) &&
1195 : 130718 : g_variant_type_info_query_depth (s_child.type_info) >=
1196 [ - + ]: 130718 : G_VARIANT_MAX_RECURSION_DEPTH - value->depth)
1197 : : {
1198 : 0 : g_assert (g_variant_is_of_type (value, G_VARIANT_TYPE_VARIANT));
1199 : 0 : g_variant_type_info_unref (s_child.type_info);
1200 : 0 : return g_variant_new_tuple (NULL, 0);
1201 : : }
1202 : :
1203 : : /* create a new serialized instance out of it */
1204 : 717513 : child = g_slice_new (GVariant);
1205 : 717513 : child->type_info = s_child.type_info;
1206 : 717513 : child->state = (value->state & STATE_TRUSTED) |
1207 : : STATE_SERIALISED;
1208 : 717513 : child->size = s_child.size;
1209 : 717513 : g_atomic_ref_count_init (&child->ref_count);
1210 : 717513 : child->depth = value->depth + 1;
1211 : 717513 : child->contents.serialised.bytes =
1212 : 717513 : g_bytes_ref (value->contents.serialised.bytes);
1213 : 717513 : child->contents.serialised.data = s_child.data;
1214 [ + + ]: 717513 : child->contents.serialised.ordered_offsets_up_to = (value->state & STATE_TRUSTED) ? G_MAXSIZE : s_child.ordered_offsets_up_to;
1215 [ + + ]: 717513 : child->contents.serialised.checked_offsets_up_to = (value->state & STATE_TRUSTED) ? G_MAXSIZE : s_child.checked_offsets_up_to;
1216 : :
1217 : 717513 : TRACE(GLIB_VARIANT_FROM_PARENT(child, child->type_info, child->ref_count, child->state, value));
1218 : :
1219 : 717513 : return child;
1220 : : }
1221 : : }
1222 : :
1223 : : /**
1224 : : * g_variant_maybe_get_child_value:
1225 : : * @value: a container #GVariant
1226 : : * @index_: the index of the child to fetch
1227 : : *
1228 : : * Reads a child item out of a container #GVariant instance, if it is in normal
1229 : : * form. If it is not in normal form, return %NULL.
1230 : : *
1231 : : * This function behaves the same as g_variant_get_child_value(), except that it
1232 : : * returns %NULL if the child is not in normal form. g_variant_get_child_value()
1233 : : * would instead return a new default value of the correct type.
1234 : : *
1235 : : * This is intended to be used internally to avoid unnecessary #GVariant
1236 : : * allocations.
1237 : : *
1238 : : * The returned value is never floating. You should free it with
1239 : : * g_variant_unref() when you're done with it.
1240 : : *
1241 : : * This function is O(1).
1242 : : *
1243 : : * Returns: (transfer full): the child at the specified index
1244 : : *
1245 : : * Since: 2.74
1246 : : */
1247 : : GVariant *
1248 : 15604 : g_variant_maybe_get_child_value (GVariant *value,
1249 : : gsize index_)
1250 : : {
1251 : 15604 : g_return_val_if_fail (value->depth < G_MAXSIZE, NULL);
1252 : :
1253 [ - + ]: 15604 : if (~g_atomic_int_get (&value->state) & STATE_SERIALISED)
1254 : : {
1255 : : /* g_variant_serialised_get_child() does its own checks on index_ */
1256 : 0 : g_return_val_if_fail (index_ < g_variant_n_children (value), NULL);
1257 : :
1258 : 0 : g_variant_lock (value);
1259 : :
1260 [ # # ]: 0 : if (~value->state & STATE_SERIALISED)
1261 : : {
1262 : : GVariant *child;
1263 : :
1264 : 0 : child = g_variant_ref (value->contents.tree.children[index_]);
1265 : 0 : g_variant_unlock (value);
1266 : :
1267 : 0 : return child;
1268 : : }
1269 : :
1270 : 0 : g_variant_unlock (value);
1271 : : }
1272 : :
1273 : : {
1274 : 15604 : GVariantSerialised serialised = g_variant_to_serialised (value);
1275 : : GVariantSerialised s_child;
1276 : :
1277 : : /* get the serializer to extract the serialized data for the child
1278 : : * from the serialized data for the container
1279 : : */
1280 : 15604 : s_child = g_variant_serialised_get_child (serialised, index_);
1281 : :
1282 [ + - + + ]: 15604 : if (!(value->state & STATE_TRUSTED) && s_child.data == NULL)
1283 : : {
1284 : 15593 : g_variant_type_info_unref (s_child.type_info);
1285 : 15593 : return NULL;
1286 : : }
1287 : :
1288 : 11 : g_variant_type_info_unref (s_child.type_info);
1289 : 11 : return g_variant_get_child_value (value, index_);
1290 : : }
1291 : : }
1292 : :
1293 : : /**
1294 : : * g_variant_store:
1295 : : * @value: the #GVariant to store
1296 : : * @data: (not nullable): the location to store the serialized data at
1297 : : *
1298 : : * Stores the serialized form of @value at @data. @data should be
1299 : : * large enough. See g_variant_get_size().
1300 : : *
1301 : : * The stored data is in machine native byte order but may not be in
1302 : : * fully-normalised form if read from an untrusted source. See
1303 : : * g_variant_get_normal_form() for a solution.
1304 : : *
1305 : : * As with g_variant_get_data(), to be able to deserialize the
1306 : : * serialized variant successfully, its type and (if the destination
1307 : : * machine might be different) its endianness must also be available.
1308 : : *
1309 : : * This function is approximately O(n) in the size of @data.
1310 : : *
1311 : : * Since: 2.24
1312 : : **/
1313 : : void
1314 : 210586 : g_variant_store (GVariant *value,
1315 : : gpointer data)
1316 : : {
1317 : 210586 : g_variant_lock (value);
1318 : :
1319 [ + + ]: 210586 : if (value->state & STATE_SERIALISED)
1320 : : {
1321 [ + + ]: 195305 : if (value->contents.serialised.data != NULL)
1322 : 195264 : memcpy (data, value->contents.serialised.data, value->size);
1323 : : else
1324 : 41 : memset (data, 0, value->size);
1325 : : }
1326 : : else
1327 : 15281 : g_variant_serialise (value, data);
1328 : :
1329 : 210586 : g_variant_unlock (value);
1330 : 210586 : }
1331 : :
1332 : : /**
1333 : : * g_variant_is_normal_form:
1334 : : * @value: a #GVariant instance
1335 : : *
1336 : : * Checks if @value is in normal form.
1337 : : *
1338 : : * The main reason to do this is to detect if a given chunk of
1339 : : * serialized data is in normal form: load the data into a #GVariant
1340 : : * using g_variant_new_from_data() and then use this function to
1341 : : * check.
1342 : : *
1343 : : * If @value is found to be in normal form then it will be marked as
1344 : : * being trusted. If the value was already marked as being trusted then
1345 : : * this function will immediately return %TRUE.
1346 : : *
1347 : : * There may be implementation specific restrictions on deeply nested values.
1348 : : * GVariant is guaranteed to handle nesting up to at least 64 levels.
1349 : : *
1350 : : * Returns: %TRUE if @value is in normal form
1351 : : *
1352 : : * Since: 2.24
1353 : : **/
1354 : : gboolean
1355 : 665 : g_variant_is_normal_form (GVariant *value)
1356 : : {
1357 [ + + ]: 665 : if (value->state & STATE_TRUSTED)
1358 : 94 : return TRUE;
1359 : :
1360 : 571 : g_variant_lock (value);
1361 : :
1362 [ - + ]: 571 : if (value->depth >= G_VARIANT_MAX_RECURSION_DEPTH)
1363 : 0 : return FALSE;
1364 : :
1365 [ + - ]: 571 : if (value->state & STATE_SERIALISED)
1366 : : {
1367 [ + + ]: 571 : if (g_variant_serialised_is_normal (g_variant_to_serialised (value)))
1368 : 298 : value->state |= STATE_TRUSTED;
1369 : : }
1370 : : else
1371 : : {
1372 : 0 : gboolean normal = TRUE;
1373 : : gsize i;
1374 : :
1375 [ # # ]: 0 : for (i = 0; i < value->contents.tree.n_children; i++)
1376 : 0 : normal &= g_variant_is_normal_form (value->contents.tree.children[i]);
1377 : :
1378 [ # # ]: 0 : if (normal)
1379 : 0 : value->state |= STATE_TRUSTED;
1380 : : }
1381 : :
1382 : 571 : g_variant_unlock (value);
1383 : :
1384 : 571 : return (value->state & STATE_TRUSTED) != 0;
1385 : : }
|
