Public bug reported:
When gdbus is used with the call subcommand, string arguments passed to
the called method that contain the character '&' are treated as empty
"". Presumably this also affects the emit subcommand.
The problem appears to be that internally the arguments are processed as
XML but not safely escaped, as shown in the tests below.
>From the gdbus man page, try this example:
gdbus call --session --dest org.freedesktop.Notifications \
--object-path /org/freedesktop/Notifications \
--method org.freedesktop.Notifications.Notify \
my_app_name \
42 \
gtk-dialog-info \
"The Summary" \
"Here's the body of the notification" \
[] {} 5000
A notification is displayed with the information icon, the summary and
the body.
Now try
gdbus call --session --dest org.freedesktop.Notifications \
--object-path /org/freedesktop/Notifications \
--method org.freedesktop.Notifications.Notify \
my_app_name \
42 \
gtk-dialog-info \
"The Summary" \
"Here's the body containing '&' of the notification" \
[] {} 5000
A notification is displayed with the information icon, the summary and
*no* body.
Now try
gdbus call --session --dest org.freedesktop.Notifications \
--object-path /org/freedesktop/Notifications \
--method org.freedesktop.Notifications.Notify \
my_app_name \
42 \
gtk-dialog-info \
"The Summary" \
"Here's the body containing '&' of the notification" \
[] {} 5000
A notification is displayed with the information icon, the summary and
this body
"Here's the body containing '&' of the notification"
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libglib2.0-bin 2.40.2-0ubuntu1
ProcVersionSignature: Ubuntu 4.2.0-36.41~14.04.1-generic 4.2.8-ckt8
Uname: Linux 4.2.0-36-generic i686
ApportVersion: 2.14.1-0ubuntu3.20
Architecture: i386
CurrentDesktop: LXDE
Date: Tue May 10 15:56:44 2016
InstallationDate: Installed on 2016-02-21 (78 days ago)
InstallationMedia: Lubuntu 14.04.4 LTS "Trusty Tahr" - Release i386 (20160217.1)
SourcePackage: glib2.0
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: glib2.0 (Ubuntu)
Importance: Undecided
Status: New
** Tags: apport-bug i386 trusty
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580223
Title:
'gdbus call' can't handle arguments containing '&' (XML escaping
failure) failure
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/1580223/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
