gdbus-codegen: Initialize output variables and possibly add safety checks
Initializing output variables to sane values (pointers to `NULL`, numbers to 0, and so on) can help when the caller does the wrong thing. Similarly, adding safety checks (`g_return[_val]_if_fail (...)`) to the generated code might help improve its safety.
In my particular case, this code is generated with glib 2.74.1:

```c
gchar *
e_dbus_source_dup_uid (EDBusSource *object)
{
  gchar *value;
  g_object_get (G_OBJECT (object), "uid", &value, NULL);
  return value;
}
```
The code which calls this function expected the `object` to never be `NULL`, thus it did something like:

```c
gchar *uid = e_dbus_source_dup_uid (object);
/* ... do something with the `uid` .... */
g_free (uid);
```
When the `object` is `NULL`, or an invalid object, `e_dbus_source_dup_uid()` returns the uninitialized `value` variable, because `g_object_get()` returns early on `g_return_if_fail (G_IS_OBJECT (object))`; thus the `g_free()` call frees whatever memory the stack-allocated `value` variable happened to point to.
You can be sure that finding such things is more than just tricky.
That being said, adding safety checks for the in-parameters of the generated functions and initializing the output variables will make the code generally safer and more secure, from my point of view.
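The failure mode above, and the fix the report asks for, side by side as an added example. This is not code from the issue or from gdbus-codegen, and it does not use GLib: `Object`, `is_valid_object()`, `object_get_uid()` and the `RETURN_VAL_IF_FAIL` macro are stand-ins that only reproduce the control flow that matters, namely an accessor that returns early without touching its out-parameter when the object is invalid, exactly as `g_object_get()` does after `g_return_if_fail (G_IS_OBJECT (object))`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a GObject-like type (not GLib). The magic field
 * lets is_valid_object() reject NULL and garbage pointers alike. */
#define OBJECT_MAGIC 0x4f424a54u /* "OBJT" */

typedef struct {
    unsigned magic;
    const char *uid;  /* the property behind the "uid" getter */
} Object;

static int is_valid_object(const Object *obj)
{
    return obj != NULL && obj->magic == OBJECT_MAGIC;
}

/* Stand-in for g_return_val_if_fail(): log the failed precondition and
 * return early with the given value. */
#define RETURN_VAL_IF_FAIL(expr, val)                                   \
    do {                                                                 \
        if (!(expr)) {                                                   \
            fprintf(stderr, "precondition failed: %s\n", #expr);         \
            return (val);                                                \
        }                                                                \
    } while (0)

static char *dup_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *copy = malloc(n);
    if (copy != NULL)
        memcpy(copy, s, n);
    return copy;
}

/* Mimics g_object_get (obj, "uid", &out, NULL): on an invalid object it
 * returns early and *out is left untouched. */
static void object_get_uid(const Object *obj, char **out)
{
    if (!is_valid_object(obj)) {
        fprintf(stderr, "precondition failed: is_valid_object (obj)\n");
        return;
    }
    *out = dup_string(obj->uid);
}

/* Shape of the generated getter from the report: the local is never
 * initialized, so an invalid object makes this return stack garbage that
 * the caller will then hand to free(). Shown for contrast only; it is
 * never called with an invalid object here. */
char *dup_uid_unsafe(const Object *obj)
{
    char *value;
    object_get_uid(obj, &value);
    return value;
}

/* Hardened getter: the local is initialized and the in-parameter is
 * checked, so an invalid object yields NULL, which free() accepts. */
char *dup_uid_hardened(const Object *obj)
{
    char *value = NULL;
    RETURN_VAL_IF_FAIL(is_valid_object(obj), NULL);
    object_get_uid(obj, &value);
    return value;
}

int main(void)
{
    Object good = { OBJECT_MAGIC, "source-1234" };
    Object bad = { 0, "never-returned" };  /* constructed invalid object */

    char *uid = dup_uid_hardened(&good);
    printf("valid object   -> %s\n", uid ? uid : "(null)");
    free(uid);

    /* Both invalid inputs come back as NULL, so free() is a safe no-op. */
    uid = dup_uid_hardened(NULL);
    printf("NULL object    -> %s\n", uid ? uid : "(null)");
    free(uid);

    uid = dup_uid_hardened(&bad);
    printf("invalid object -> %s\n", uid ? uid : "(null)");
    free(uid);
    return 0;
}
```

The two changes are independent: initializing `value` alone already turns the invalid-object case into a harmless `g_free (NULL)`, and the precondition check on top of it makes the misuse visible in the log instead of silently returning `NULL`.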