Vala doesn't ensure the array passed to gtk_application_set_accels_for_action is null terminated
Submitted by Greg V
Link to original bug (#794731)
Description
A common (at least in the elementary OS world) idiom for setting GTK accelerators seems to be using a Gee.HashMultiMap's to_array like this:
The GTK vapi marks that argument as null terminated:
public void set_accels_for_action (string detailed_action_name, [CCode (array_length = false, array_null_terminated = true)] string[] accels);
But the generated C code does not make it null terminated:
https://github.com/Alecaddd/sequeler/issues/96#issuecomment-375301139
So GTK starts reading garbage, which results in funny messages like
(Sequeler:50044): Gtk-WARNING **: 16:01:05.864: Unable to parse accelerator '\u0008\x8dn\u000b\u0008': ignored request to install 501 accelerators
(501 accelerators!) and much worse, SEGFAULTS!
(Apart from Sequeler, this happens in Geary when clicking "reply".)
I'm not sure where exactly should this be fixed — should Vala codegen ensure null-termination when passing to an array_null_terminated argument? Should libgee null-terminate in to_array? Should consumers construct new arrays instead of this (rather silly IMO) multimap trick?
And I'm extremely not sure how this wasn't discovered on Linux?! Was some unintended magic making them null terminated?
Version: 0.40.x