Bug#1033568: marked as done (unblock: gnome-calendar/43.1-2)

Debian Bug Tracking System Mon, 27 Mar 2023 09:00:38 -0700

Your message dated Mon, 27 Mar 2023 15:57:26 +0000
with message-id <[email protected]>
and subject line unblock gnome-calendar
has caused the Debian Bug report #1033568,
regarding unblock: gnome-calendar/43.1-2
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1033568: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033568
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock

Please unblock package gnome-calendar

[ Reason ]
If the user tries to add a new calendar manually, the version of
gnome-calendar currently in testing crashes while the user is typing
the URI.

This happens while the URI is incomplete because it is not validated
before proceeding.

[ Impact ]
The application crashes suddenly and must be restarted with no clue
about why the crash happened.

[ Tests ]
Tested manually, the bug is very easy to reproduce, simply typing
'https://' on the URL entry is enough. The new package also provides a
test case.

[ Risks ]
Very low, this is the upstream patch for this bug and is very
straightforward.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock gnome-calendar/43.1-2

diff -Nru gnome-calendar-43.1/debian/changelog 
gnome-calendar-43.1/debian/changelog
--- gnome-calendar-43.1/debian/changelog        2022-10-18 16:09:27.000000000 
+0200
+++ gnome-calendar-43.1/debian/changelog        2023-03-20 18:25:22.000000000 
+0100
@@ -1,3 +1,14 @@
+gnome-calendar (43.1-2) unstable; urgency=high
+
+  [ Alberto Garcia ]
+  * debian/patches/validate-uri.patch:
+    - Fix crash when adding an url manually (Closes: #1033239)
+
+  [ Jeremy Bicha ]
+  * Branch for bookworm
+
+ -- Alberto Garcia <[email protected]>  Mon, 20 Mar 2023 18:25:22 +0100
+
 gnome-calendar (43.1-1) unstable; urgency=high
 
   * New upstream release (LP: #1993308)
diff -Nru gnome-calendar-43.1/debian/control gnome-calendar-43.1/debian/control
--- gnome-calendar-43.1/debian/control  2022-10-18 16:09:27.000000000 +0200
+++ gnome-calendar-43.1/debian/control  2023-03-20 18:25:22.000000000 +0100
@@ -6,7 +6,7 @@
 Section: gnome
 Priority: optional
 Maintainer: Debian GNOME Maintainers 
<[email protected]>
-Uploaders: Iain Lane <[email protected]>, Jeremy Bicha <[email protected]>, 
Laurent Bigonville <[email protected]>
+Uploaders: Jeremy Bicha <[email protected]>
 Build-Depends: appstream-util,
                debhelper-compat (= 13),
                dh-sequence-gnome,
@@ -29,8 +29,8 @@
                xvfb <!nocheck>,
 Standards-Version: 4.6.0
 Rules-Requires-Root: no
-Vcs-Browser: https://salsa.debian.org/gnome-team/gnome-calendar
-Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git
+Vcs-Browser: 
https://salsa.debian.org/gnome-team/gnome-calendar/tree/debian/bookworm
+Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git -b 
debian/bookworm
 Homepage: https://wiki.gnome.org/Apps/Calendar
 
 Package: gnome-calendar
diff -Nru gnome-calendar-43.1/debian/control.in 
gnome-calendar-43.1/debian/control.in
--- gnome-calendar-43.1/debian/control.in       2022-10-18 16:09:27.000000000 
+0200
+++ gnome-calendar-43.1/debian/control.in       2023-03-20 18:25:22.000000000 
+0100
@@ -25,8 +25,8 @@
                xvfb <!nocheck>,
 Standards-Version: 4.6.0
 Rules-Requires-Root: no
-Vcs-Browser: https://salsa.debian.org/gnome-team/gnome-calendar
-Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git
+Vcs-Browser: 
https://salsa.debian.org/gnome-team/gnome-calendar/tree/debian/bookworm
+Vcs-Git: https://salsa.debian.org/gnome-team/gnome-calendar.git -b 
debian/bookworm
 Homepage: https://wiki.gnome.org/Apps/Calendar
 
 Package: gnome-calendar
diff -Nru gnome-calendar-43.1/debian/gbp.conf 
gnome-calendar-43.1/debian/gbp.conf
--- gnome-calendar-43.1/debian/gbp.conf 2022-10-18 16:09:27.000000000 +0200
+++ gnome-calendar-43.1/debian/gbp.conf 2023-03-20 18:25:22.000000000 +0100
@@ -1,6 +1,6 @@
 [DEFAULT]
 pristine-tar = True
-debian-branch = debian/master
+debian-branch = debian/bookworm
 upstream-branch = upstream/latest
 
 [buildpackage]
diff -Nru gnome-calendar-43.1/debian/patches/series 
gnome-calendar-43.1/debian/patches/series
--- gnome-calendar-43.1/debian/patches/series   2022-10-18 16:09:27.000000000 
+0200
+++ gnome-calendar-43.1/debian/patches/series   2023-03-20 18:25:22.000000000 
+0100
@@ -0,0 +1 @@
+validate-uri.patch
diff -Nru gnome-calendar-43.1/debian/patches/validate-uri.patch 
gnome-calendar-43.1/debian/patches/validate-uri.patch
--- gnome-calendar-43.1/debian/patches/validate-uri.patch       1970-01-01 
01:00:00.000000000 +0100
+++ gnome-calendar-43.1/debian/patches/validate-uri.patch       2023-03-20 
18:25:22.000000000 +0100
@@ -0,0 +1,121 @@
+From: Georges Basile Stavracas Neto <[email protected]>
+Subject: Test URI before discovery
+Bug: https://gitlab.gnome.org/GNOME/gnome-calendar/-/issues/794
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033239
+Origin: 
https://gitlab.gnome.org/GNOME/gnome-calendar/-/commit/0322bcf54cf1fc37ff74b87fd36e282dc1cf7863
+Index: gnome-calendar-43.1/src/utils/gcal-source-discoverer.c
+===================================================================
+--- gnome-calendar-43.1.orig/src/utils/gcal-source-discoverer.c
++++ gnome-calendar-43.1/src/utils/gcal-source-discoverer.c
+@@ -183,6 +183,26 @@ is_authentication_error (gint code)
+   return FALSE;
+ }
+ 
++static GUri *
++create_and_validate_uri (const gchar  *uri,
++                         GError      **error)
++{
++  g_autoptr (GUri) guri = NULL;
++
++  guri = g_uri_parse (uri, SOUP_HTTP_URI_FLAGS | G_URI_FLAGS_PARSE_RELAXED, 
error);
++
++  if (!guri)
++    GCAL_RETURN (NULL);
++
++  if (!g_uri_get_host (guri) || g_uri_get_host (guri)[0] == '\0')
++    {
++      g_set_error (error, G_URI_ERROR, G_URI_ERROR_FAILED, "Invalid URI");
++      return NULL;
++    }
++
++  return g_steal_pointer (&guri);
++}
++
+ 
+ /*
+  * Callbacks
+@@ -221,7 +241,7 @@ discover_file_in_thread (DiscovererData
+ 
+   GCAL_ENTRY;
+ 
+-  guri = g_uri_parse (data->uri, SOUP_HTTP_URI_FLAGS | 
G_URI_FLAGS_PARSE_RELAXED, NULL);
++  guri = create_and_validate_uri (data->uri, error);
+ 
+   if (!guri)
+     GCAL_RETURN (NULL);
+@@ -277,6 +297,7 @@ discover_webdav_in_thread (DiscovererDat
+   g_autoptr (ESource) source = NULL;
+   g_autoptr (GError) local_error = NULL;
+   g_autofree gchar *certificate_pem = NULL;
++  g_autoptr (GUri) guri = NULL;
+   GTlsCertificateFlags flags;
+   GSList *discovered_sources = NULL;
+   GSList *user_addresses = NULL;
+@@ -284,6 +305,11 @@ discover_webdav_in_thread (DiscovererDat
+ 
+   GCAL_ENTRY;
+ 
++  guri = create_and_validate_uri (data->uri, error);
++
++  if (!guri)
++    GCAL_RETURN (NULL);
++
+   credentials = e_named_parameters_new ();
+   e_named_parameters_set (credentials, E_SOURCE_CREDENTIAL_USERNAME, 
data->username);
+   e_named_parameters_set (credentials, E_SOURCE_CREDENTIAL_PASSWORD, 
data->password);
+Index: gnome-calendar-43.1/tests/test-discoverer.c
+===================================================================
+--- gnome-calendar-43.1.orig/tests/test-discoverer.c
++++ gnome-calendar-43.1/tests/test-discoverer.c
+@@ -82,6 +82,43 @@ discoverer_file (void)
+ 
+ 
/*********************************************************************************************************************/
+ 
++static void
++discoverer_invalid_https_only_cb (GObject      *source_object,
++                                  GAsyncResult *result,
++                                  gpointer      user_data)
++{
++  g_autoptr (GPtrArray) sources = NULL;
++  g_autoptr (GError) error = NULL;
++  GMainLoop *mainloop = user_data;
++
++  sources = gcal_discover_sources_from_uri_finish (result, &error);
++  g_assert_error (error, G_URI_ERROR, G_URI_ERROR_FAILED);
++  g_assert_null (sources);
++
++  g_main_loop_quit (mainloop);
++}
++
++static void
++discoverer_invalid_https_only (void)
++{
++  g_autoptr (GMainLoop) mainloop = NULL;
++
++  g_test_bug ("794");
++
++  mainloop = g_main_loop_new (NULL, FALSE);
++
++  gcal_discover_sources_from_uri ("https://";,
++                                  NULL,
++                                  NULL,
++                                  NULL,
++                                  discoverer_invalid_https_only_cb,
++                                  mainloop);
++
++  g_main_loop_run (mainloop);
++}
++
++/*********************************************************************************************************************/
++
+ #if 0
+ 
+ static void
+@@ -183,6 +220,7 @@ main (gint   argc,
+   g_test_init (&argc, &argv, NULL);
+ 
+   g_test_add_func ("/discoverer/file", discoverer_file);
++  g_test_add_func ("/discoverer/invalid-https-only", 
discoverer_invalid_https_only);
+   //g_test_add_func ("/discoverer/webdav/unauthorized", 
discoverer_webdav_unauthorized);
+ 
+   return g_test_run ();

--- End Message ---

--- Begin Message ---
Unblocked.
--- End Message ---

Bug#1033568: marked as done (unblock: gnome-calendar/43.1-2)

Reply via email to