import CS glib2-2.68.4-19.el9

AlmaLinux RelEng Bot 2026-03-30 11:21:57 -04:00
parent dbcbcc7412
commit 22efdcef5d
7 changed files with 1113 additions and 1 deletions


@ -0,0 +1,45 @@
From 25833cefda24c60af913d6f2d532b5afd608b821 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Thu, 19 Sep 2024 18:35:53 +0100
Subject: [PATCH] gsocks4aproxy: Fix a single byte buffer overflow in connect
messages
`SOCKS4_CONN_MSG_LEN` failed to account for the length of the final nul
byte in the connect message, which is an addition in SOCKSv4a vs
SOCKSv4.
This means that the buffer for building and transmitting the connect
message could be overflowed if the username and hostname are both
`SOCKS4_MAX_LEN` (255) bytes long.
Proxy configurations are normally statically configured, so the username
is very unlikely to be near its maximum length, and hence this overflow
is unlikely to be triggered in practice.
(Commit message by Philip Withnall, diagnosis and fix by Michael
Catanzaro.)
Fixes: #3461
---
gio/gsocks4aproxy.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gio/gsocks4aproxy.c b/gio/gsocks4aproxy.c
index 3dad118eb7..b3146d08fd 100644
--- a/gio/gsocks4aproxy.c
+++ b/gio/gsocks4aproxy.c
@@ -79,9 +79,9 @@ g_socks4a_proxy_init (GSocks4aProxy *proxy)
* +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
* | VN | CD | DSTPORT | DSTIP | USERID |NULL| HOST | | NULL |
* +----+----+----+----+----+----+----+----+----+----+....+----+------+....+------+
- * 1 1 2 4 variable 1 variable
+ * 1 1 2 4 variable 1 variable 1
*/
-#define SOCKS4_CONN_MSG_LEN (9 + SOCKS4_MAX_LEN * 2)
+#define SOCKS4_CONN_MSG_LEN (10 + SOCKS4_MAX_LEN * 2)
static gint
set_connect_msg (guint8 *msg,
const gchar *hostname,
--
GitLab
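Review bot: `SOCKS4_CONN_MSG_LEN` is still a hand-counted literal (`10`), which is how the trailing NUL came to be missed; spelling the fields out keeps the size tied to the layout diagram above it, e.g. `#define SOCKS4_CONN_MSG_LEN (1 + 1 + 2 + 4 + SOCKS4_MAX_LEN + 1 + SOCKS4_MAX_LEN + 1)`. The buffer is only large enough if `set_connect_msg()` rejects a username or hostname longer than `SOCKS4_MAX_LEN`. That function's body is outside this hunk, so confirm both length checks exist in the 2.68.4 tree this backport applies to.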


@ -0,0 +1,124 @@
From be4f154723a177201a8e81174a230416473bce33 Mon Sep 17 00:00:00 2001
From: Philip Withnall <pwithnall@gnome.org>
Date: Thu, 13 Nov 2025 18:27:22 +0000
Subject: [PATCH] gconvert: Error out if g_escape_uri_string() would overflow
If the string to escape contains a very large number of unacceptable
characters (which would need escaping), the calculation of the length of
the escaped string could overflow, leading to a potential write off the
end of the newly allocated string.
In addition to that, the number of unacceptable characters was counted
in a signed integer, which would overflow to become negative, making it
easier for an attacker to craft an input string which would cause an
out-of-bounds write.
Fix that by validating the allocation length, and using an unsigned
integer to count the number of unacceptable characters.
Spotted by treeplus. Thanks to the Sovereign Tech Resilience programme
from the Sovereign Tech Agency. ID: #YWH-PGM9867-134
Signed-off-by: Philip Withnall <pwithnall@gnome.org>
Fixes: #3827
---
glib/gconvert.c | 36 +++++++++++++++++++++++++-----------
1 file changed, 25 insertions(+), 11 deletions(-)
diff --git a/glib/gconvert.c b/glib/gconvert.c
index f78cff01d..5f3e49066 100644
--- a/glib/gconvert.c
+++ b/glib/gconvert.c
@@ -1378,8 +1378,9 @@ static const gchar hex[16] = "0123456789ABCDEF";
/* Note: This escape function works on file: URIs, but if you want to
* escape something else, please read RFC-2396 */
static gchar *
-g_escape_uri_string (const gchar *string,
- UnsafeCharacterSet mask)
+g_escape_uri_string (const gchar *string,
+ UnsafeCharacterSet mask,
+ GError **error)
{
#define ACCEPTABLE(a) ((a)>=32 && (a)<128 && (acceptable[(a)-32] & use_mask))
@@ -1387,7 +1388,7 @@ g_escape_uri_string (const gchar *string,
gchar *q;
gchar *result;
int c;
- gint unacceptable;
+ size_t unacceptable;
UnsafeCharacterSet use_mask;
g_return_val_if_fail (mask == UNSAFE_ALL
@@ -1404,7 +1405,14 @@ g_escape_uri_string (const gchar *string,
if (!ACCEPTABLE (c))
unacceptable++;
}
-
+
+ if (unacceptable >= (G_MAXSIZE - (p - string)) / 2)
+ {
+ g_set_error_literal (error, G_CONVERT_ERROR, G_CONVERT_ERROR_BAD_URI,
+ _("The URI is too long"));
+ return NULL;
+ }
+
result = g_malloc (p - string + unacceptable * 2 + 1);
use_mask = mask;
@@ -1429,12 +1437,13 @@ g_escape_uri_string (const gchar *string,
static gchar *
-g_escape_file_uri (const gchar *hostname,
- const gchar *pathname)
+g_escape_file_uri (const gchar *hostname,
+ const gchar *pathname,
+ GError **error)
{
char *escaped_hostname = NULL;
- char *escaped_path;
- char *res;
+ char *escaped_path = NULL;
+ char *res = NULL;
#ifdef G_OS_WIN32
char *p, *backslash;
@@ -1455,10 +1464,14 @@ g_escape_file_uri (const gchar *hostname,
if (hostname && *hostname != '\0')
{
- escaped_hostname = g_escape_uri_string (hostname, UNSAFE_HOST);
+ escaped_hostname = g_escape_uri_string (hostname, UNSAFE_HOST, error);
+ if (escaped_hostname == NULL)
+ goto out;
}
- escaped_path = g_escape_uri_string (pathname, UNSAFE_PATH);
+ escaped_path = g_escape_uri_string (pathname, UNSAFE_PATH, error);
+ if (escaped_path == NULL)
+ goto out;
res = g_strconcat ("file://",
(escaped_hostname) ? escaped_hostname : "",
@@ -1466,6 +1479,7 @@ g_escape_file_uri (const gchar *hostname,
escaped_path,
NULL);
+out:
#ifdef G_OS_WIN32
g_free ((char *) pathname);
#endif
@@ -1785,7 +1799,7 @@ g_filename_to_uri (const gchar *filename,
hostname = NULL;
#endif
- escaped_uri = g_escape_file_uri (hostname, filename);
+ escaped_uri = g_escape_file_uri (hostname, filename, error);
return escaped_uri;
}
--
2.52.0
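Review bot: The comment above `g_escape_uri_string()` does not describe the new failure mode, yet both callers now depend on it: a `NULL` return is taken to mean `error` was set to `G_CONVERT_ERROR_BAD_URI`. I would add `/* Returns NULL and sets @error if the escaped length would not fit in a gsize. */` next to the existing RFC-2396 note. The early `g_return_val_if_fail (mask == UNSAFE_ALL ...` path also returns `NULL` without setting `error`, so the comment should mark that case as a programming error rather than a reported one. The patch touches only `glib/gconvert.c` and adds no test for the overflow branch; the function bodies continue outside the hunks.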

140
SOURCES/CVE-2025-4373.patch Normal file

@ -0,0 +1,140 @@
From cc647f9e46d55509a93498af19659baf9c80f2e3 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Thu, 10 Apr 2025 10:57:20 -0500
Subject: [PATCH] gstring: carefully handle gssize parameters
Wherever we use gssize to allow passing -1, we need to ensure we don't
overflow the value by assigning a gsize to it without checking if the
size exceeds the maximum gssize. The safest way to do this is to just
use normal gsize everywhere instead and use gssize only for the
parameter.
Our computers don't have enough RAM to write tests for this. I tried
forcing string->len to high values for test purposes, but this isn't
valid and will just cause out of bounds reads/writes due to
string->allocated_len being unexpectedly small, so I don't think we can
test this easily.
---
glib/gstring.c | 36 +++++++++++++++++++++++-------------
1 file changed, 23 insertions(+), 13 deletions(-)
diff --git a/glib/gstring.c b/glib/gstring.c
index 5279ed3cca..d79a4849c0 100644
--- a/glib/gstring.c
+++ b/glib/gstring.c
@@ -480,8 +480,9 @@ g_string_insert_len (GString *string,
return string;
if (len < 0)
- len = strlen (val);
- len_unsigned = len;
+ len_unsigned = strlen (val);
+ else
+ len_unsigned = len;
if (pos < 0)
pos_unsigned = string->len;
@@ -778,10 +779,12 @@ g_string_insert_c (GString *string,
g_string_maybe_expand (string, 1);
if (pos < 0)
- pos = string->len;
+ pos_unsigned = string->len;
else
- g_return_val_if_fail ((gsize) pos <= string->len, string);
- pos_unsigned = pos;
+ {
+ pos_unsigned = pos;
+ g_return_val_if_fail (pos_unsigned <= string->len, string);
+ }
/* If not just an append, move the old stuff */
if (pos_unsigned < string->len)
@@ -814,6 +817,7 @@ g_string_insert_unichar (GString *string,
gssize pos,
gunichar wc)
{
+ gsize pos_unsigned;
gint charlen, first, i;
gchar *dest;
@@ -855,15 +859,18 @@ g_string_insert_unichar (GString *string,
g_string_maybe_expand (string, charlen);
if (pos < 0)
- pos = string->len;
+ pos_unsigned = string->len;
else
- g_return_val_if_fail ((gsize) pos <= string->len, string);
+ {
+ pos_unsigned = pos;
+ g_return_val_if_fail (pos_unsigned <= string->len, string);
+ }
/* If not just an append, move the old stuff */
- if ((gsize) pos < string->len)
- memmove (string->str + pos + charlen, string->str + pos, string->len - pos);
+ if (pos_unsigned < string->len)
+ memmove (string->str + pos_unsigned + charlen, string->str + pos_unsigned, string->len - pos_unsigned);
- dest = string->str + pos;
+ dest = string->str + pos_unsigned;
/* Code copied from g_unichar_to_utf() */
for (i = charlen - 1; i > 0; --i)
{
@@ -921,6 +928,7 @@ g_string_overwrite_len (GString *string,
const gchar *val,
gssize len)
{
+ gssize len_unsigned;
gsize end;
g_return_val_if_fail (string != NULL, NULL);
@@ -932,14 +940,16 @@ g_string_overwrite_len (GString *string,
g_return_val_if_fail (pos <= string->len, string);
if (len < 0)
- len = strlen (val);
+ len_unsigned = strlen (val);
+ else
+ len_unsigned = len;
- end = pos + len;
+ end = pos + len_unsigned;
if (end > string->len)
g_string_maybe_expand (string, end - string->len);
- memcpy (string->str + pos, val, len);
+ memcpy (string->str + pos, val, len_unsigned);
if (end > string->len)
{
--
GitLab
From 089070bf53807ad2a81bc0b014ad19016fada2a5 Mon Sep 17 00:00:00 2001
From: Peter Bloomfield <PeterBloomfield@bellsouth.net>
Date: Thu, 10 Apr 2025 22:12:49 -0400
Subject: [PATCH] gstring: Make len_unsigned unsigned
Declare `len_unsigned` as `gsize` instead of `gssize`.
---
glib/gstring.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/glib/gstring.c b/glib/gstring.c
index d79a4849c0..2a399ee21f 100644
--- a/glib/gstring.c
+++ b/glib/gstring.c
@@ -928,7 +928,7 @@ g_string_overwrite_len (GString *string,
const gchar *val,
gssize len)
{
- gssize len_unsigned;
+ gsize len_unsigned;
gsize end;
g_return_val_if_fail (string != NULL, NULL);
--
GitLab
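Review bot: In `g_string_overwrite_len()` the new `end = pos + len_unsigned;` is still an unchecked `gsize` addition. If it wraps, `end > string->len` is false, `g_string_maybe_expand()` is skipped, and the following `memcpy (string->str + pos, val, len_unsigned);` copies the full length into the unexpanded buffer. Reaching it needs `pos` plus the value length to exceed `G_MAXSIZE`, so it is probably only realistic on 32-bit targets, but a guard before the addition closes it: `g_return_val_if_fail (len_unsigned <= G_MAXSIZE - pos, string);`. The function continues outside the hunk, and whether `g_string_insert_len()` needs the same guard cannot be judged from the lines shown.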


@ -0,0 +1,187 @@
From e608f34a060f2def4afeefc6e54b3189e6a82393 Mon Sep 17 00:00:00 2001
From: "Rebecca N. Palmer" <rebecca_palmer@zoho.com>
Date: Fri, 11 Oct 2024 09:38:52 +0100
Subject: [PATCH 1/3] gdatetime test: Do not assume PST8PDT was always exactly
-8/-7
In newer tzdata, it is an alias for America/Los_Angeles, which has a
slightly different meaning: DST did not exist there before 1883. As a
result, we can no longer hard-code the knowledge that interval 0 is
standard time and interval 1 is summer time, and instead we need to look
up the correct intervals from known timestamps.
Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/3502
Bug-Debian: https://bugs.debian.org/1084190
[smcv: expand commit message, fix whitespace]
Signed-off-by: Simon McVittie <smcv@debian.org>
---
glib/tests/gdatetime.c | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/glib/tests/gdatetime.c b/glib/tests/gdatetime.c
index bc4eba93a..2697e3caa 100644
--- a/glib/tests/gdatetime.c
+++ b/glib/tests/gdatetime.c
@@ -2475,6 +2475,7 @@ test_posix_parse (void)
{
GTimeZone *tz;
GDateTime *gdt1, *gdt2;
+ gint i1, i2;
/* Check that an unknown zone name falls back to UTC. */
G_GNUC_BEGIN_IGNORE_DEPRECATIONS
@@ -2498,16 +2499,25 @@ test_posix_parse (void)
/* This fails rules_from_identifier on Unix (though not on Windows)
* but passes anyway because PST8PDT is a zone name.
+ *
+ * Intervals i1 and i2 (rather than 0 and 1) are needed because in
+ * recent tzdata, PST8PDT may be an alias for America/Los_Angeles,
+ * and hence be aware that DST has not always existed.
+ * https://bugs.debian.org/1084190
*/
tz = g_time_zone_new_identifier ("PST8PDT");
g_assert_nonnull (tz);
g_assert_cmpstr (g_time_zone_get_identifier (tz), ==, "PST8PDT");
- g_assert_cmpstr (g_time_zone_get_abbreviation (tz, 0), ==, "PST");
- g_assert_cmpint (g_time_zone_get_offset (tz, 0), ==, - 8 * 3600);
- g_assert (!g_time_zone_is_dst (tz, 0));
- g_assert_cmpstr (g_time_zone_get_abbreviation (tz, 1), ==, "PDT");
- g_assert_cmpint (g_time_zone_get_offset (tz, 1), ==,- 7 * 3600);
- g_assert (g_time_zone_is_dst (tz, 1));
+ /* a date in winter = non-DST */
+ i1 = g_time_zone_find_interval (tz, G_TIME_TYPE_STANDARD, 0);
+ /* approximately 6 months in seconds, i.e. a date in summer = DST */
+ i2 = g_time_zone_find_interval (tz, G_TIME_TYPE_DAYLIGHT, 15000000);
+ g_assert_cmpstr (g_time_zone_get_abbreviation (tz, i1), ==, "PST");
+ g_assert_cmpint (g_time_zone_get_offset (tz, i1), ==, - 8 * 3600);
+ g_assert (!g_time_zone_is_dst (tz, i1));
+ g_assert_cmpstr (g_time_zone_get_abbreviation (tz, i2), ==, "PDT");
+ g_assert_cmpint (g_time_zone_get_offset (tz, i2), ==,- 7 * 3600);
+ g_assert (g_time_zone_is_dst (tz, i2));
g_time_zone_unref (tz);
tz = g_time_zone_new_identifier ("PST8PDT6:32:15");
--
2.50.0
From a2a6ca391d16e76f74fe28f2bf33fecd0ded1293 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@debian.org>
Date: Fri, 18 Oct 2024 11:03:19 +0100
Subject: [PATCH 2/3] gdatetime test: Try to make PST8PDT test more obviously
correct
Instead of using timestamp 0 as a magic number (in this case interpreted
as 1970-01-01T00:00:00-08:00), calculate a timestamp from a recent
year/month/day in winter, in this case 2024-01-01T00:00:00-08:00.
Similarly, instead of using a timestamp 15 million seconds later
(1970-06-23T15:40:00-07:00), calculate a timestamp from a recent
year/month/day in summer, in this case 2024-07-01T00:00:00-07:00.
Signed-off-by: Simon McVittie <smcv@debian.org>
---
glib/tests/gdatetime.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/glib/tests/gdatetime.c b/glib/tests/gdatetime.c
index 2697e3caa..676951cce 100644
--- a/glib/tests/gdatetime.c
+++ b/glib/tests/gdatetime.c
@@ -2499,19 +2499,16 @@ test_posix_parse (void)
/* This fails rules_from_identifier on Unix (though not on Windows)
* but passes anyway because PST8PDT is a zone name.
- *
- * Intervals i1 and i2 (rather than 0 and 1) are needed because in
- * recent tzdata, PST8PDT may be an alias for America/Los_Angeles,
- * and hence be aware that DST has not always existed.
- * https://bugs.debian.org/1084190
*/
tz = g_time_zone_new_identifier ("PST8PDT");
g_assert_nonnull (tz);
g_assert_cmpstr (g_time_zone_get_identifier (tz), ==, "PST8PDT");
/* a date in winter = non-DST */
- i1 = g_time_zone_find_interval (tz, G_TIME_TYPE_STANDARD, 0);
- /* approximately 6 months in seconds, i.e. a date in summer = DST */
- i2 = g_time_zone_find_interval (tz, G_TIME_TYPE_DAYLIGHT, 15000000);
+ gdt1 = g_date_time_new (tz, 2024, 1, 1, 0, 0, 0);
+ i1 = g_time_zone_find_interval (tz, G_TIME_TYPE_STANDARD, g_date_time_to_unix (gdt1));
+ /* a date in summer = DST */
+ gdt2 = g_date_time_new (tz, 2024, 7, 1, 0, 0, 0);
+ i2 = g_time_zone_find_interval (tz, G_TIME_TYPE_DAYLIGHT, g_date_time_to_unix (gdt2));
g_assert_cmpstr (g_time_zone_get_abbreviation (tz, i1), ==, "PST");
g_assert_cmpint (g_time_zone_get_offset (tz, i1), ==, - 8 * 3600);
g_assert (!g_time_zone_is_dst (tz, i1));
@@ -2519,6 +2516,8 @@ test_posix_parse (void)
g_assert_cmpint (g_time_zone_get_offset (tz, i2), ==,- 7 * 3600);
g_assert (g_time_zone_is_dst (tz, i2));
g_time_zone_unref (tz);
+ g_date_time_unref (gdt1);
+ g_date_time_unref (gdt2);
tz = g_time_zone_new_identifier ("PST8PDT6:32:15");
#ifdef G_OS_WIN32
--
2.50.0
From 345a41982e7237f72e88b4ade951320df52553b2 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@debian.org>
Date: Fri, 18 Oct 2024 11:23:42 +0100
Subject: [PATCH 3/3] gdatetime test: Fall back if legacy System V PST8PDT is
not available
On recent versions of Debian, PST8PDT is part of the tzdata-legacy
package, which is not always installed and might disappear in future.
Successfully tested with and without tzdata-legacy on Debian unstable.
Signed-off-by: Simon McVittie <smcv@debian.org>
---
glib/tests/gdatetime.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/glib/tests/gdatetime.c b/glib/tests/gdatetime.c
index 676951cce..7512389e0 100644
--- a/glib/tests/gdatetime.c
+++ b/glib/tests/gdatetime.c
@@ -2476,6 +2476,7 @@ test_posix_parse (void)
GTimeZone *tz;
GDateTime *gdt1, *gdt2;
gint i1, i2;
+ const char *expect_id;
/* Check that an unknown zone name falls back to UTC. */
G_GNUC_BEGIN_IGNORE_DEPRECATIONS
@@ -2498,11 +2499,25 @@ test_posix_parse (void)
g_time_zone_unref (tz);
/* This fails rules_from_identifier on Unix (though not on Windows)
- * but passes anyway because PST8PDT is a zone name.
+ * but can pass anyway because PST8PDT is a legacy System V zone name.
*/
tz = g_time_zone_new_identifier ("PST8PDT");
+ expect_id = "PST8PDT";
+
+#ifndef G_OS_WIN32
+ /* PST8PDT is in tzdata's "backward" set, packaged as tzdata-legacy and
+ * not always present in some OSs; fall back to the equivalent geographical
+ * name if the "backward" time zones are absent. */
+ if (tz == NULL)
+ {
+ g_test_message ("Legacy PST8PDT time zone not available, falling back");
+ tz = g_time_zone_new_identifier ("America/Los_Angeles");
+ expect_id = "America/Los_Angeles";
+ }
+#endif
+
g_assert_nonnull (tz);
- g_assert_cmpstr (g_time_zone_get_identifier (tz), ==, "PST8PDT");
+ g_assert_cmpstr (g_time_zone_get_identifier (tz), ==, expect_id);
/* a date in winter = non-DST */
gdt1 = g_date_time_new (tz, 2024, 1, 1, 0, 0, 0);
i1 = g_time_zone_find_interval (tz, G_TIME_TYPE_STANDARD, g_date_time_to_unix (gdt1));
--
2.50.0
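Review bot: The DST checks added in patch 1/3, `g_assert (!g_time_zone_is_dst (tz, i1));` and `g_assert (g_time_zone_is_dst (tz, i2));`, use `g_assert()`, which becomes a no-op when the tests are built with `G_DISABLE_ASSERT`. `g_assert_false (...)` and `g_assert_true (...)` are never compiled out and report through the test framework. Patch 2/3 passes `gdt1` and `gdt2` straight to `g_date_time_to_unix()`; `g_date_time_new()` can return `NULL`, so a `g_assert_nonnull (gdt1);` after each construction would give a clear failure instead of a critical warning. `test_posix_parse()` starts and ends outside these hunks.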


@ -0,0 +1,70 @@
From 95f006a2d14fcc41c0b1823d07e2b8b871195548 Mon Sep 17 00:00:00 2001
From: Philip Withnall <pwithnall@gnome.org>
Date: Mon, 3 Feb 2025 18:27:21 +0000
Subject: [PATCH] gdbusconnection: Prevent sending a serial of zero on overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
It finally happened: someone managed to keep a process alive long
enough, and using a single `GDBusConnection`, to overflow the
`last_serial` counter in the connection and send an invalid message with
serial of zero (which is disallowed by the D-Bus specification).
Avoid that happening in future by skipping serials of zero on overflow,
and wrapping straight back around to 1.
This looks a little more confusing than it is, because `last_serial` is
pre-incremented on use, so to skip zero, we explicitly set it to zero.
This is exactly what happens when the `GDBusConnection` is initialised
anyway.
I cant think of a way to add a unit test for this — there is no way to
affect the value of `last_serial` except by sending messages (each one
increments it), and in order to get it to overflow by sending messages
at 1kHz, the test would have to run for 49 days.
Instead, I tested this manually by temporarily modifying
`GDBusConnection` to initialise `last_serial` to `G_MAXUINT32 - 3`, then
checked that the unit tests all still passed, and that the overflow code
was being executed.
Signed-off-by: Philip Withnall <pwithnall@gnome.org>
Fixes: #3592
---
gio/gdbusconnection.c | 17 +++++++++++++++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/gio/gdbusconnection.c b/gio/gdbusconnection.c
index 348b5b9..96faaa1 100644
--- a/gio/gdbusconnection.c
+++ b/gio/gdbusconnection.c
@@ -1794,9 +1794,22 @@ g_dbus_connection_send_message_unlocked (GDBusConnection *connection,
goto out;
if (flags & G_DBUS_SEND_MESSAGE_FLAGS_PRESERVE_SERIAL)
- serial_to_use = g_dbus_message_get_serial (message);
+ {
+ serial_to_use = g_dbus_message_get_serial (message);
+ }
else
- serial_to_use = ++connection->last_serial; /* TODO: handle overflow */
+ {
+ /* The serial_to_use must not be zero, as per
+ * https://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-messages. */
+ if (connection->last_serial == G_MAXUINT32)
+ connection->last_serial = 1;
+ else
+ connection->last_serial++;
+
+ serial_to_use = connection->last_serial;
+ }
+
+ g_assert (serial_to_use != 0);
switch (blob[0])
{
--
2.47.3
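Review bot: The added `g_assert (serial_to_use != 0);` also runs on the `G_DBUS_SEND_MESSAGE_FLAGS_PRESERVE_SERIAL` branch, where the value comes from `g_dbus_message_get_serial (message)` rather than from the wrapped counter. A caller that preserves a serial it never set would therefore abort the whole process. On that branch a zero serial is caller input, so rejecting it through the function's existing failure path (the `goto out` just above) would enforce the D-Bus rule without a crash; presumably that means setting a `GError`, but the signature is outside the hunk. The carried commit message says the counter is "explicitly set to zero" while the code sets `last_serial = 1`; a line in the patch header noting this would stop someone later changing the code to match the text.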


@ -0,0 +1,510 @@
From 704d650e4d43d8d563358fd75d80a5d97ce91127 Mon Sep 17 00:00:00 2001
From: Christian Hergert <chergert@redhat.com>
Date: Fri, 21 Nov 2025 12:31:13 -0800
Subject: [PATCH 1/5] gio/gunixmounts: mark some file-system types as system
Since this list was originally created, more file system types have
become commonly used and would benefit from being marked as a system
file-system type.
This was found while tracking down some performance issues in
gnome-settings-daemon trash handling.
---
gio/gunixmounts.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c
index 6abe87414..67bf3d36d 100644
--- a/gio/gunixmounts.c
+++ b/gio/gunixmounts.c
@@ -319,6 +319,8 @@ g_unix_is_system_fs_type (const char *fs_type)
"auto",
"autofs",
"autofs4",
+ "binfmt_misc",
+ "bpf",
"cgroup",
"configfs",
"cxfs",
@@ -327,6 +329,7 @@ g_unix_is_system_fs_type (const char *fs_type)
"devpts",
"devtmpfs",
"ecryptfs",
+ "efivarfs",
"fdescfs",
"fusectl",
"gfs",
@@ -355,6 +358,7 @@ g_unix_is_system_fs_type (const char *fs_type)
"selinuxfs",
"sysfs",
"tmpfs",
+ "tracefs",
"usbfs",
NULL
};
--
2.52.0
From d01e214e82774f25dde3523ca23ca09b8ab563f9 Mon Sep 17 00:00:00 2001
From: Ondrej Holy <oholy@redhat.com>
Date: Mon, 1 Dec 2025 15:36:02 +0100
Subject: [PATCH 2/5] gio/gunixmounts: Mark more file systems as system
internal
The commit f1a90a67 updated list of system internal file systems.
I think we can add a few more file systems (i.e. `cgroups2`,
`fuse.gvfsd-fuse`, `fuse.portal`) and `/bin/efi` path. This is to
improve performance of `gvfsd-trash`, `gsd-houskeeping` and similar.
Related: https://gitlab.gnome.org/GNOME/gvfs/-/issues/814
---
gio/gunixmounts.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c
index 67bf3d36d..2229e26f5 100644
--- a/gio/gunixmounts.c
+++ b/gio/gunixmounts.c
@@ -240,6 +240,7 @@ g_unix_is_mount_path_system_internal (const char *mount_path)
*/
"/", /* we already have "Filesystem root" in Nautilus */
"/bin",
+ "/bin/efi",
"/boot",
"/compat/linux/proc",
"/compat/linux/sys",
@@ -322,6 +323,7 @@ g_unix_is_system_fs_type (const char *fs_type)
"binfmt_misc",
"bpf",
"cgroup",
+ "cgroup2",
"configfs",
"cxfs",
"debugfs",
@@ -331,6 +333,8 @@ g_unix_is_system_fs_type (const char *fs_type)
"ecryptfs",
"efivarfs",
"fdescfs",
+ "fuse.gvfsd-fuse",
+ "fuse.portal",
"fusectl",
"gfs",
"gfs2",
--
2.52.0
From 2178d97df4c797e535211410cde4b2d184e77113 Mon Sep 17 00:00:00 2001
From: Ondrej Holy <oholy@redhat.com>
Date: Wed, 3 Dec 2025 10:02:15 +0100
Subject: [PATCH 3/5] gio/gunixmounts: Replace /bin/efi with /boot/efi
The commit 06e9f2c0 added `/bin/efi` instead of `/boot/efi` to the
list of system internal mount paths by mistake. Let's fix it.
---
gio/gunixmounts.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c
index 2229e26f5..b43382981 100644
--- a/gio/gunixmounts.c
+++ b/gio/gunixmounts.c
@@ -240,8 +240,8 @@ g_unix_is_mount_path_system_internal (const char *mount_path)
*/
"/", /* we already have "Filesystem root" in Nautilus */
"/bin",
- "/bin/efi",
"/boot",
+ "/boot/efi",
"/compat/linux/proc",
"/compat/linux/sys",
"/dev",
--
2.52.0
From e50947c3d432b823a164f2712ec00b0f0919d957 Mon Sep 17 00:00:00 2001
From: Christian Hergert <chergert@redhat.com>
Date: Fri, 21 Nov 2025 18:54:33 -0800
Subject: [PATCH 4/5] gio/unixmounts: use bsearch() to check for set inclusion
This turns out to be about 17% faster than the previous set comparisons
on large (in the thousands) /proc/mounts configurations. It does require
that we keep the lists sorted but ended up faster than gperf hashing.
---
gio/gunixmounts.c | 59 +++++++++++++++++++++++++----------------------
1 file changed, 31 insertions(+), 28 deletions(-)
diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c
index b43382981..d659e9fb5 100644
--- a/gio/gunixmounts.c
+++ b/gio/gunixmounts.c
@@ -39,6 +39,7 @@
#include <unistd.h>
#include <sys/time.h>
#include <errno.h>
+#include <stdlib.h>
#include <string.h>
#include <signal.h>
#include <gstdio.h>
@@ -207,16 +208,17 @@ static GSource *proc_mounts_watch_source;
static struct libmnt_monitor *proc_mounts_monitor = NULL;
#endif
+static int
+compare_str (const char * key,
+ const char * const *element)
+{
+ return strcmp (key, *element);
+}
+
static gboolean
-is_in (const char *value, const char *set[])
+is_in (const char *value, const char *set[], gsize set_size)
{
- int i;
- for (i = 0; set[i] != NULL; i++)
- {
- if (strcmp (set[i], value) == 0)
- return TRUE;
- }
- return FALSE;
+ return bsearch (value, set, set_size, sizeof (char *), (GCompareFunc)compare_str) != NULL;
}
/**
@@ -234,11 +236,12 @@ is_in (const char *value, const char *set[])
gboolean
g_unix_is_mount_path_system_internal (const char *mount_path)
{
+ /* keep sorted for bsearch */
const char *ignore_mountpoints[] = {
/* Includes all FHS 2.3 toplevel dirs and other specialized
* directories that we want to hide from the user.
*/
- "/", /* we already have "Filesystem root" in Nautilus */
+ "/", /* we already have "Filesystem root" in Nautilus */
"/bin",
"/boot",
"/boot/efi",
@@ -254,11 +257,15 @@ g_unix_is_mount_path_system_internal (const char *mount_path)
"/live/image",
"/media",
"/mnt",
+ "/net",
"/opt",
+ "/proc",
"/rescue",
"/root",
"/sbin",
+ "/sbin",
"/srv",
+ "/sys",
"/tmp",
"/usr",
"/usr/X11R6",
@@ -275,16 +282,16 @@ g_unix_is_mount_path_system_internal (const char *mount_path)
"/var/mail",
"/var/run",
"/var/tmp", /* https://bugzilla.redhat.com/show_bug.cgi?id=335241 */
- "/proc",
- "/sbin",
- "/net",
- "/sys",
- NULL
};
- if (is_in (mount_path, ignore_mountpoints))
+ if (is_in (mount_path, ignore_mountpoints, G_N_ELEMENTS (ignore_mountpoints)))
return TRUE;
-
+
+ /* Kept separate from sorted list as they may vary */
+ if (g_str_equal ("/var", mount_path) ||
+ g_str_equal ("/run", mount_path))
+ return TRUE;
+
if (g_str_has_prefix (mount_path, "/dev/") ||
g_str_has_prefix (mount_path, "/proc/") ||
g_str_has_prefix (mount_path, "/sys/"))
@@ -314,14 +321,13 @@ g_unix_is_mount_path_system_internal (const char *mount_path)
gboolean
g_unix_is_system_fs_type (const char *fs_type)
{
+ /* keep sorted for bsearch */
const char *ignore_fs[] = {
"adfs",
"afs",
"auto",
"autofs",
"autofs4",
- "binfmt_misc",
- "bpf",
"cgroup",
"cgroup2",
"configfs",
@@ -331,7 +337,6 @@ g_unix_is_system_fs_type (const char *fs_type)
"devpts",
"devtmpfs",
"ecryptfs",
- "efivarfs",
"fdescfs",
"fuse.gvfsd-fuse",
"fuse.portal",
@@ -362,14 +367,12 @@ g_unix_is_system_fs_type (const char *fs_type)
"selinuxfs",
"sysfs",
"tmpfs",
- "tracefs",
"usbfs",
- NULL
};
g_return_val_if_fail (fs_type != NULL && *fs_type != '\0', FALSE);
- return is_in (fs_type, ignore_fs);
+ return is_in (fs_type, ignore_fs, G_N_ELEMENTS (ignore_fs));
}
/**
@@ -391,19 +394,19 @@ g_unix_is_system_fs_type (const char *fs_type)
gboolean
g_unix_is_system_device_path (const char *device_path)
{
+ /* keep sorted for bsearch */
const char *ignore_devices[] = {
- "none",
- "sunrpc",
- "devpts",
- "nfsd",
"/dev/loop",
"/dev/vn",
- NULL
+ "devpts",
+ "nfsd",
+ "none",
+ "sunrpc",
};
g_return_val_if_fail (device_path != NULL && *device_path != '\0', FALSE);
- return is_in (device_path, ignore_devices);
+ return is_in (device_path, ignore_devices, G_N_ELEMENTS (ignore_devices));
}
static gboolean
--
2.52.0
From dcc5d5e1ac3c8c80a5d7358c9162645614e9fe85 Mon Sep 17 00:00:00 2001
From: Christian Hergert <chergert@gnome.org>
Date: Tue, 6 Jan 2026 10:56:59 -0800
Subject: [PATCH 5/5] gio/unixmounts: test that mounts are in sorted order
---
gio/gunixmounts-private.h | 69 +++++++++++++++++++++++++++++++++++++++
gio/gunixmounts.c | 51 ++---------------------------
gio/tests/unix-mounts.c | 26 +++++++++++++++
3 files changed, 97 insertions(+), 49 deletions(-)
create mode 100644 gio/gunixmounts-private.h
diff --git a/gio/gunixmounts-private.h b/gio/gunixmounts-private.h
new file mode 100644
index 000000000..196e81aca
--- /dev/null
+++ b/gio/gunixmounts-private.h
@@ -0,0 +1,69 @@
+/* GIO - GLib Input, Output and Streaming Library
+ *
+ * Copyright 2006-2007 Red Hat, Inc.
+ * Copyright 2026 Christian Hergert
+ *
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+/* keep sorted for bsearch */
+static const char *system_mount_paths[] = {
+ /* Includes all FHS 2.3 toplevel dirs and other specialized
+ * directories that we want to hide from the user.
+ */
+ "/", /* we already have "Filesystem root" in Nautilus */
+ "/bin",
+ "/boot",
+ "/compat/linux/proc",
+ "/compat/linux/sys",
+ "/dev",
+ "/etc",
+ "/home",
+ "/lib",
+ "/lib64",
+ "/libexec",
+ "/live/cow",
+ "/live/image",
+ "/media",
+ "/mnt",
+ "/net",
+ "/opt",
+ "/proc",
+ "/rescue",
+ "/root",
+ "/sbin",
+ "/sbin",
+ "/srv",
+ "/sys",
+ "/tmp",
+ "/usr",
+ "/usr/X11R6",
+ "/usr/local",
+ "/usr/obj",
+ "/usr/ports",
+ "/usr/src",
+ "/usr/xobj",
+ "/var",
+ "/var/crash",
+ "/var/local",
+ "/var/log",
+ "/var/log/audit", /* https://bugzilla.redhat.com/show_bug.cgi?id=333041 */
+ "/var/mail",
+ "/var/run",
+ "/var/tmp", /* https://bugzilla.redhat.com/show_bug.cgi?id=335241 */
+};
diff --git a/gio/gunixmounts.c b/gio/gunixmounts.c
index d659e9fb5..0ddecf966 100644
--- a/gio/gunixmounts.c
+++ b/gio/gunixmounts.c
@@ -65,6 +65,7 @@
#endif
#include "gunixmounts.h"
+#include "gunixmounts-private.h"
#include "gfile.h"
#include "gfilemonitor.h"
#include "glibintl.h"
@@ -236,55 +237,7 @@ is_in (const char *value, const char *set[], gsize set_size)
gboolean
g_unix_is_mount_path_system_internal (const char *mount_path)
{
- /* keep sorted for bsearch */
- const char *ignore_mountpoints[] = {
- /* Includes all FHS 2.3 toplevel dirs and other specialized
- * directories that we want to hide from the user.
- */
- "/", /* we already have "Filesystem root" in Nautilus */
- "/bin",
- "/boot",
- "/boot/efi",
- "/compat/linux/proc",
- "/compat/linux/sys",
- "/dev",
- "/etc",
- "/home",
- "/lib",
- "/lib64",
- "/libexec",
- "/live/cow",
- "/live/image",
- "/media",
- "/mnt",
- "/net",
- "/opt",
- "/proc",
- "/rescue",
- "/root",
- "/sbin",
- "/sbin",
- "/srv",
- "/sys",
- "/tmp",
- "/usr",
- "/usr/X11R6",
- "/usr/local",
- "/usr/obj",
- "/usr/ports",
- "/usr/src",
- "/usr/xobj",
- "/var",
- "/var/crash",
- "/var/local",
- "/var/log",
- "/var/log/audit", /* https://bugzilla.redhat.com/show_bug.cgi?id=333041 */
- "/var/mail",
- "/var/run",
- "/var/tmp", /* https://bugzilla.redhat.com/show_bug.cgi?id=335241 */
- };
-
- if (is_in (mount_path, ignore_mountpoints, G_N_ELEMENTS (ignore_mountpoints)))
+ if (is_in (mount_path, system_mount_paths, G_N_ELEMENTS (system_mount_paths)))
return TRUE;
/* Kept separate from sorted list as they may vary */
diff --git a/gio/tests/unix-mounts.c b/gio/tests/unix-mounts.c
index 67b8c8d98..ab4aaa23e 100644
--- a/gio/tests/unix-mounts.c
+++ b/gio/tests/unix-mounts.c
@@ -28,6 +28,8 @@
#include <gio/gio.h>
#include <gio/gunixmounts.h>
+#include "../gunixmounts-private.h"
+
static void
test_is_system_fs_type (void)
{
@@ -48,6 +50,29 @@ test_is_system_device_path (void)
g_assert_false (g_unix_is_system_device_path ("/"));
}
+static void
+test_system_mount_paths_sorted (void)
+{
+ size_t i;
+ size_t n_paths = G_N_ELEMENTS (system_mount_paths);
+
+ g_test_summary ("Verify that system_mount_paths array is sorted for bsearch");
+
+ for (i = 1; i < n_paths; i++)
+ {
+ int cmp = strcmp (system_mount_paths[i - 1], system_mount_paths[i]);
+ if (cmp > 0)
+ {
+ g_fprintf (stderr, "system_mount_paths array is not sorted: "
+ "\"%s\" should come before \"%s\"",
+ system_mount_paths[i - 1],
+ system_mount_paths[i]);
+ g_test_fail ();
+ return;
+ }
+ }
+}
+
int
main (int argc,
char *argv[])
@@ -58,6 +83,7 @@ main (int argc,
g_test_add_func ("/unix-mounts/is-system-fs-type", test_is_system_fs_type);
g_test_add_func ("/unix-mounts/is-system-device-path", test_is_system_device_path);
+ g_test_add_func ("/unix-mounts/system-mount-paths-sorted", test_system_mount_paths_sorted);
return g_test_run ();
}
--
2.52.0
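Review bot: Entries that earlier patches in this series add are dropped again by later ones: patch 4/5 removes `"binfmt_misc"`, `"bpf"`, `"efivarfs"` and `"tracefs"` from `ignore_fs`, and the `system_mount_paths` table created in patch 5/5 has no `"/boot/efi"` although the list it replaces did. If that is a rebase artefact rather than intent, re-add them in sorted position, since `bsearch()` will miss an entry that is out of order. Separately, `is_in()` hands `compare_str` to `bsearch()` through a `(GCompareFunc)` cast. Calling a function through a pointer of an incompatible type is undefined behaviour in C and trips control-flow-integrity and `-fsanitize=function` builds, so the comparator should take `const void *` arguments: `static int compare_str (const void *key, const void *element) { return strcmp (key, *(const char * const *) element); }`. The new test checks only `system_mount_paths`, and its `cmp > 0` condition lets the duplicated `"/sbin"` through; `ignore_fs` and `ignore_devices` must also stay sorted and are not covered.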


@ -1,6 +1,6 @@
Name: glib2
Version: 2.68.4
Release: 16%{?dist}
Release: 19%{?dist}
Summary: A library of handy utility functions
License: LGPLv2+
@ -63,6 +63,28 @@ Patch: 4038.patch
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4155
Patch: 4155.patch
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4281
Patch: CVE-2024-52533.patch
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4588
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4592
Patch: CVE-2025-4373.patch
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4356
Patch: gdatetime-test.patch
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4470
Patch: gdbusconnection-serial-number-overflow.patch
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914
Patch: CVE-2025-13601.patch
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4916
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4918
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4930
# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4931
Patch: gunixmount-improvements.patch
BuildRequires: chrpath
BuildRequires: gcc
BuildRequires: gcc-c++
@ -278,6 +300,20 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
%{_datadir}/installed-tests
%changelog
* Mon Jan 19 2026 Michael Catanzaro <mcatanzaro@redhat.com> - 2.68.4-19
- Add patch for CVE-2025-13601
- Fix GUnixMount issues
* Wed Sep 17 2025 RHEL Packaging Agent <jotnar@redhat.com> - 2.68.4-18
- gdbusconnection: Prevent sending a serial of zero on overflow
- Resolves: RHEL-114059
* Fri Jul 11 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 2.68.4-17
- Add patches for CVE-2024-52533 and CVE-2025-4373
- Update GDateTime test for new tzdata
- Resolves: RHEL-94483
- Resolves: RHEL-102844
* Thu Sep 26 2024 Ondrej Holy <oholy@redhat.com> - 2.68.4-16
- Add support for x-gvfs-trash mount option
- Resolves: RHEL-52360