gstrfuncs: Deprecate g_memdup() in favour of g_memdup2() (!1928) · Merge requests · GNOME / GLib

Philip Withnall requested to merge pwithnall/glib:2319-memdup-deprecation into master Feb 04, 2021

Unfortunately, g_memdup() accepts its size argument as a guint, unlike most other functions which deal with memory sizes — they all use gsize. gsize is 64 bits on 64-bit machines, while guint is only 32 bits. This can lead to a silent (with default compiler warnings) truncation of the value provided by the caller. For large values, this will result in the returned heap allocation being significantly smaller than the caller expects, which will then lead to buffer overflow reads/writes.

Any code using g_memdup() should immediately port to g_memdup2() and check the pointer arithmetic around their call site to ensure there aren’t other overflows.

Signed-off-by: Philip Withnall pwithnall@endlessos.org Fixes: #2319 (closed)

Edited Feb 15, 2021 by Philip Withnall

gstrfuncs: Deprecate g_memdup() in favour of g_memdup2()

Merge request reports