Hello community, here is the log from the commit of package cjs for openSUSE:Factory checked in at 2017-08-10 14:02:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cjs (Old) and /work/SRC/openSUSE:Factory/.cjs.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cjs" Thu Aug 10 14:02:54 2017 rev:7 rq:509020 version:3.4.3 Changes: -------- --- /work/SRC/openSUSE:Factory/cjs/cjs.changes 2017-06-29 15:18:19.265863430 +0200 +++ /work/SRC/openSUSE:Factory/.cjs.new/cjs.changes 2017-08-10 14:11:33.173102107 +0200 @@ -1,0 +2,12 @@ +Sun Jul 9 12:20:12 UTC 2017 - sor.ale...@meowr.ru + +- Update to version 3.4.3: + * object.cpp: Follow-up to 503fa20 - handler ID's must be managed + from start to finish - they should be initialised to 0, and + re-set to 0 whenever they're finished being used. + * arg: Don't crash when asked to convert a null strv to an array. + * object: Don't invalidate closure if already invalid. + * closure: Remove pointer to runtime. + * closure: Prevent use-after-free in closures. + +------------------------------------------------------------------- Old: ---- cjs-3.4.2.tar.gz New: ---- cjs-3.4.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cjs.spec ++++++ --- /var/tmp/diff_new_pack.UA2gYL/_old 2017-08-10 14:11:33.904999059 +0200 +++ /var/tmp/diff_new_pack.UA2gYL/_new 2017-08-10 14:11:33.908998496 +0200 @@ -20,10 +20,10 @@ %define sover 0 %define typelib typelib-1_0-CjsPrivate-1_0 Name: cjs -Version: 3.4.2 +Version: 3.4.3 Release: 0 Summary: JavaScript module used by Cinnamon -License: MIT and (MPL-1.1 or GPL-2.0+ or LGPL-2.1+) +License: MIT AND (MPL-1.1 OR GPL-2.0+ OR LGPL-2.1+) Group: System/GUI/Other Url: https://github.com/linuxmint/cjs Source: https://github.com/linuxmint/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz 
@@ -104,22 +104,18 @@
 %postun -n %{soname}%{sover} -p /sbin/ldconfig
 %files
-%defattr(-,root,root)
 %doc COPYING* README debian/changelog
 %{_bindir}/%{name}*
 %files -n %{soname}%{sover}
-%defattr(-,root,root)
 %{_libdir}/libcjs.so.%{sover}*
 %files -n %{typelib}
-%defattr(-,root,root)
 %dir %{_libdir}/cjs/
 %dir %{_libdir}/cjs/girepository-1.0/
 %{_libdir}/cjs/girepository-1.0/CjsPrivate-1.0.typelib
 %files devel
-%defattr(-,root,root)
 %{_includedir}/%{name}-1.0/
 %{_libdir}/%{soname}.so
 %{_libdir}/pkgconfig/%{name}*.pc
++++++ cjs-3.4.2.tar.gz -> cjs-3.4.3.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cjs-3.4.2/configure.ac new/cjs-3.4.3/configure.ac
--- old/cjs-3.4.2/configure.ac 2017-06-26 12:19:31.000000000 +0200
+++ new/cjs-3.4.3/configure.ac 2017-07-06 11:11:13.000000000 +0200
@@ -3,7 +3,7 @@
 m4_define(pkg_major_version, 3)
 m4_define(pkg_minor_version, 4)
-m4_define(pkg_micro_version, 2)
+m4_define(pkg_micro_version, 3)
 m4_define(pkg_version, pkg_major_version.pkg_minor_version.pkg_micro_version)
 m4_define(pkg_int_version, (pkg_major_version * 100 + pkg_minor_version) * 100 + pkg_micro_version)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cjs-3.4.2/debian/changelog new/cjs-3.4.3/debian/changelog
--- old/cjs-3.4.2/debian/changelog 2017-06-26 12:19:31.000000000 +0200
+++ new/cjs-3.4.3/debian/changelog 2017-07-06 11:11:13.000000000 +0200
@@ -1,3 +1,20 @@
+cjs (3.4.3) sonya; urgency=medium
+
+ [ Michael Webster ]
+ * object.cpp: Follow-up to 503fa20e07ce - handler ID's *must* be managed from start to finish - they should be initialized to 0, and re-set to 0 whenever they're finished being used.
+
+ [ leigh123linux ]
+ * arg: don't crash when asked to convert a null strv to an array (#48)
+
+ [ Michael Webster ]
+ * Apply upstream: https://github.com/GNOME/gjs/commit/bace908922aa6ee9ee3885eef01b75816ece842f
+
+ [ Philip Chimento ]
+ * closure: Remove pointer to runtime
+ * closure: Prevent use-after-free in closures
+
+ -- Clement Lefebvre <r...@linuxmint.com> Thu, 06 Jul 2017 11:10:34 +0200
+
 cjs (3.4.2) sonya; urgency=medium
 [ leigh123linux ]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cjs-3.4.2/gi/arg.cpp new/cjs-3.4.3/gi/arg.cpp
--- old/cjs-3.4.2/gi/arg.cpp 2017-06-26 12:19:31.000000000 +0200
+++ new/cjs-3.4.3/gi/arg.cpp 2017-07-06 11:11:13.000000000 +0200
@@ -572,7 +572,13 @@
 guint i;
 JS::AutoValueVector elems(context);
- for (i = 0; strv[i] != NULL; i++) {
+ /* We treat a NULL strv as an empty array, since this function should always
+ * set an array value when returning true.
+ * Another alternative would be to set value_p to JS::NullValue, but clients
+ * would need to always check for both an empty array and null if that was
+ * the case.
+ */
+ for (i = 0; strv != NULL && strv[i] != NULL; i++) {
 elems.growBy(1);
 if (!gjs_string_from_utf8(context, strv[i], -1, elems[i]))
 return false;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cjs-3.4.2/gi/closure.cpp new/cjs-3.4.3/gi/closure.cpp
--- old/cjs-3.4.2/gi/closure.cpp 2017-06-26 12:19:31.000000000 +0200
+++ new/cjs-3.4.3/gi/closure.cpp 2017-07-06 11:11:13.000000000 +0200
@@ -33,9 +33,9 @@
 #include "cjs/mem.h"
 struct Closure {
- JSRuntime *runtime;
 JSContext *context;
 GjsMaybeOwned<JSObject *> obj;
+ unsigned idle_clear_id;
 };
 struct GjsClosure {
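Review bot: The result of `elems.growBy(1)` is still ignored in the loop that the `@@ -572,7 +572,13 @@` hunk rewrites, so if growing the vector fails, the `elems[i]` handed to gjs_string_from_utf8() on the next line would index past the end. Assuming growBy() reports allocation failure through its return value, the line would be safer as `if (!elems.growBy(1)) return false;`, with whatever out-of-memory report the file uses elsewhere. The new `strv != NULL` test could also move in front of the loop, since `strv` does not change between iterations. The enclosing function starts and ends outside the hunk.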
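Review bot: `idle_clear_id` is added to `struct Closure` in the `@@ -33,9 +33,9 @@` hunk without an initializer, so its starting value of 0 depends on how each object is constructed rather than on the struct itself. The `@@ -307,7 +314,6 @@` hunk shows `new (&gc->priv) Closure()`, which value-initializes the member today, but dropping the parentheses or adding a user-provided constructor would leave the id indeterminate, and the teardown code in the `@@ -196,6 +196,13 @@` hunk passes it to `g_source_remove()`. Declaring it as `unsigned idle_clear_id = 0;` keeps the invariant next to the field, in line with the rule the changelog states for the handler IDs in object.cpp.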
@@ -92,7 +92,6 @@
 c->obj.reset();
 c->context = NULL;
- c->runtime = NULL;
 /* Notify any closure reference holders they
 * may want to drop references.
@@ -131,7 +130,7 @@
 closure->priv.obj.reset();
 closure->priv.context = nullptr;
- closure->priv.runtime = nullptr;
+ closure->priv.idle_clear_id = 0;
 g_closure_unref(static_cast<GClosure *>(data));
 return G_SOURCE_REMOVE;
@@ -177,7 +176,7 @@
 "removing our destroy notifier on global object)",
 closure);
- g_idle_add(closure_clear_idle, closure);
+ c->idle_clear_id = g_idle_add(closure_clear_idle, closure);
 g_closure_ref(closure);
 }
@@ -186,7 +185,8 @@
 GClosure *closure)
 {
 GJS_DEC_COUNTER(closure);
- g_idle_add(closure_clear_idle, closure);
+ Closure *c = &(reinterpret_cast<GjsClosure *>(closure))->priv;
+ c->idle_clear_id = g_idle_add(closure_clear_idle, closure);
 g_closure_ref(closure);
 }
@@ -196,6 +196,13 @@
 {
 Closure *self = &((GjsClosure*) closure)->priv;
+ if (self->idle_clear_id > 0) {
+ /* Remove any pending closure_clear_idle(), we are doing it
+ * immediately here. */
+ g_source_remove(self->idle_clear_id);
+ closure_clear_idle(closure);
+ }
+
 self->~Closure();
 }
@@ -307,7 +314,6 @@
 gc = (GjsClosure*) g_closure_new_simple(sizeof(GjsClosure), NULL);
 c = new (&gc->priv) Closure();
- c->runtime = JS_GetRuntime(context);
 /* The saved context is used for lifetime management, so that the closure will
 * be torn down with the context that created it. The context could be attached to
 * the default context of the runtime using if we wanted the closure to survive
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cjs-3.4.2/gi/object.cpp new/cjs-3.4.3/gi/object.cpp
--- old/cjs-3.4.2/gi/object.cpp 2017-06-26 12:19:31.000000000 +0200
+++ new/cjs-3.4.3/gi/object.cpp 2017-07-06 11:11:13.000000000 +0200
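Review bot: `c->idle_clear_id` is overwritten unconditionally in the `@@ -177,7 +176,7 @@` hunk and again in the `@@ -186,7 +185,8 @@` hunk, so if both paths can run for the same closure the first source id is lost while its idle callback is still queued. Each `g_idle_add()` has its own `g_closure_ref()`, so the reference count stays balanced, but the first callback to run zeroes the id while the second source is still pending, and the `idle_clear_id > 0` test in the teardown path then no longer reflects what is scheduled. If only one idle is meant to be outstanding, wrap the add/ref pair at both sites in `if (c->idle_clear_id == 0)`; otherwise a comment saying why the two cannot overlap would help. Both functions begin outside their hunks.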
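Review bot: Calling `closure_clear_idle(closure)` from the teardown code in the `@@ -196,6 +196,13 @@` hunk also executes the `g_closure_unref()` that ends the idle callback shown in the `@@ -131,7 +130,7 @@` hunk (presumably the same function), on a closure that appears to be in the middle of finalization. The reference taken beside each `g_idle_add()` should keep the closure alive while an idle is pending, so this branch looks unreachable when references are balanced, and if it is reached the extra unref acts on an object whose count has presumably already dropped to zero. Since `self->~Closure()` runs immediately afterwards, the branch body could shrink to `g_source_remove(self->idle_clear_id);` followed by `self->idle_clear_id = 0;`, or carry a comment explaining why the unref is safe here. The function's signature is outside the hunk, so its role as the finalize notifier is inferred from the explicit destructor call.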
@@ -1417,6 +1417,7 @@
 {
 auto cd = static_cast<ConnectData *>(user_data);
 cd->obj->signals.erase(cd);
+ cd->idle_invalidate_id = 0;
 g_slice_free(ConnectData, cd);
 return G_SOURCE_REMOVE;
 }
@@ -1465,15 +1466,18 @@
 */
 for (ConnectData *cd : priv->signals) {
 /* First remove any pending invalidation, we are doing it now. */
- if (cd->idle_invalidate_id > 0)
+ if (cd->idle_invalidate_id > 0) {
 g_source_remove(cd->idle_invalidate_id);
+ cd->idle_invalidate_id = 0;
+ } else {
+ /* We also have to remove the invalidate notifier, which would
+ * otherwise schedule a new pending invalidation. */
+ g_closure_remove_invalidate_notifier(cd->closure, cd,
+ signal_connection_invalidated);
- /* We also have to remove the invalidate notifier, which would
- * otherwise schedule a new pending invalidation. */
- g_closure_remove_invalidate_notifier(cd->closure, cd,
- signal_connection_invalidated);
+ g_closure_invalidate(cd->closure);
+ }
- g_closure_invalidate(cd->closure);
 g_slice_free(ConnectData, cd);
 }
 priv->signals.clear();
@@ -1665,6 +1669,7 @@
 connect_data = g_slice_new(ConnectData);
 priv->signals.insert(connect_data);
 connect_data->obj = priv;
+ connect_data->idle_invalidate_id = 0;
 /* This is a weak reference, and will be cleared when the closure is invalidated */
 connect_data->closure = closure;
 g_closure_add_invalidate_notifier(closure, connect_data, signal_connection_invalidated);
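Review bot: The two comments in the loop of the `@@ -1465,15 +1466,18 @@` hunk no longer describe the branches they sit in. `/* First remove any pending invalidation, we are doing it now. */` now heads a branch that only cancels the idle and no longer invalidates, and `/* We also have to remove the invalidate notifier … */` sits in the `else`, where nothing precedes it. Suggested wording is `/* An idle is pending, so the closure was already invalidated; just cancel it. */` for the `if` branch and `/* Not yet invalidated: drop our notifier first so invalidating does not schedule a new idle. */` for the `else`. That a pending idle implies an already-invalid closure is inferred from the changelog entry rather than from lines in this hunk, and the enclosing function lies outside it.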
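Review bot: In the `@@ -1665,6 +1669,7 @@` hunk `connect_data` comes from `g_slice_new()`, which does not zero the memory, and is inserted into `priv->signals` before its fields are assigned one by one. The added line fixes `idle_invalidate_id`, but any ConnectData member not shown in this hunk would still start indeterminate. Allocating with `g_slice_new0(ConnectData)` covers every field at once, and the explicit `= 0` can stay as documentation of the handler-ID rule. Only part of the surrounding function is visible here.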