!98 fix issues found by svace static code analyzer;fix segfault,memory leak,EOF,arguments leak

From: @yanan-rock 
Reviewed-by: @zzm_567, @openeuler-basic 
Signed-off-by: @openeuler-basic

backport-add-OOM-handling-in-mimemagic.patch

@@ -0,0 +1,52 @@
+From 9f1c59eef2e21b5a80c22d44deec2cba884cdfce Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 15:31:01 +0300
+Subject: [PATCH] add OOM handling in mimemagic
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/9f1c59eef2e21b5a80c22d44deec2cba884cdfce
+
+---
+ gio/xdgmime/xdgmimemagic.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/gio/xdgmime/xdgmimemagic.c b/gio/xdgmime/xdgmimemagic.c
+index c68e27bedb..08b2c6da4f 100644
+--- a/gio/xdgmime/xdgmimemagic.c
++++ b/gio/xdgmime/xdgmimemagic.c
+@@ -103,6 +103,8 @@ _xdg_mime_magic_matchlet_new (void)
+   XdgMimeMagicMatchlet *matchlet;
+ 
+   matchlet = malloc (sizeof (XdgMimeMagicMatchlet));
++  if (matchlet == NULL)
++    return NULL;
+ 
+   matchlet->indent = 0;
+   matchlet->offset = 0;
+@@ -355,6 +357,11 @@ _xdg_mime_magic_parse_magic_line (FILE              *magic_file,
+     return XDG_MIME_MAGIC_ERROR;
+ 
+   matchlet = _xdg_mime_magic_matchlet_new ();
++
++  /* OOM */
++  if (matchlet == NULL)
++    return XDG_MIME_MAGIC_ERROR;
++
+   matchlet->indent = indent;
+   matchlet->offset = _xdg_mime_magic_read_a_number (magic_file, &end_of_file);
+   if (end_of_file)
+@@ -767,6 +774,11 @@ _xdg_mime_magic_read_magic_file (XdgMimeMagic *mime_magic,
+ 	{
+ 	case XDG_MIME_MAGIC_SECTION:
+ 	  match = _xdg_mime_magic_match_new ();
++
++	  /* OOM */
++	  if (match == NULL)
++	    return;
++
+ 	  state = _xdg_mime_magic_parse_header (magic_file, match);
+ 	  if (state == XDG_MIME_MAGIC_EOF || state == XDG_MIME_MAGIC_ERROR)
+ 	    _xdg_mime_magic_match_free (match);
+-- 
+GitLab
+

backport-application-Unset-the-registered-state-after-shutting-down.patch

@@ -0,0 +1,140 @@
+From 63873c0eb114faf6696874fe577912af687d67cf Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marco=20Trevisan=20=28Trevi=C3=B1o=29?= <mail@3v1n0.net>
+Date: Wed, 21 Apr 2021 06:17:36 +0200
+Subject: [PATCH] application: Unset the registered state after shutting down
+
+An application that has been shut down is still marked as registered
+even if its implementation has been already destroyed.
+
+This may lead to unguarded crashes when calling functions that have
+assumptions for being used with registered applications.
+
+So, when an application is registered, mark it as unregistered just
+before destroying its implementation and after being shut down, so that
+we follow the registration process in reversed order.
+
+Added tests
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/63873c0eb114faf6696874fe577912af687d67cf
+
+---
+ gio/gapplication.c       |  7 ++++
+ gio/tests/gapplication.c | 76 ++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 83 insertions(+)
+
+diff --git a/gio/gapplication.c b/gio/gapplication.c
+index 8e65176354..bf4a4cb650 100644
+--- a/gio/gapplication.c
++++ b/gio/gapplication.c
+@@ -2578,6 +2578,13 @@ g_application_run (GApplication  *application,
+ 
+   if (application->priv->impl)
+     {
++      if (application->priv->is_registered)
++        {
++          application->priv->is_registered = FALSE;
++
++          g_object_notify (G_OBJECT (application), "is-registered");
++        }
++
+       g_application_impl_flush (application->priv->impl);
+       g_application_impl_destroy (application->priv->impl);
+       application->priv->impl = NULL;
+diff --git a/gio/tests/gapplication.c b/gio/tests/gapplication.c
+index 900e7ac977..6f1a27e0f3 100644
+--- a/gio/tests/gapplication.c
++++ b/gio/tests/gapplication.c
+@@ -576,6 +576,81 @@ test_quit (void)
+   g_free (binpath);
+ }
+ 
++typedef struct
++{
++  gboolean shutdown;
++  GParamSpec *notify_spec; /* (owned) (nullable) */
++} RegisteredData;
++
++static void
++on_registered_shutdown (GApplication *app,
++                        gpointer user_data)
++{
++  RegisteredData *registered_data = user_data;
++
++  registered_data->shutdown = TRUE;
++}
++
++static void
++on_registered_notify (GApplication *app,
++                      GParamSpec *spec,
++                      gpointer user_data)
++{
++  RegisteredData *registered_data = user_data;
++  registered_data->notify_spec = g_param_spec_ref (spec);
++
++  if (g_application_get_is_registered (app))
++    g_assert_false (registered_data->shutdown);
++  else
++    g_assert_true (registered_data->shutdown);
++}
++
++static void
++test_registered (void)
++{
++  char *binpath = g_test_build_filename (G_TEST_BUILT, "unimportant", NULL);
++  gchar *argv[] = { binpath, NULL };
++  RegisteredData registered_data = { FALSE, NULL };
++  GApplication *app;
++
++  app = g_application_new (NULL, G_APPLICATION_FLAGS_NONE);
++  g_signal_connect (app, "activate", G_CALLBACK (noappid_activate), NULL);
++  g_signal_connect (app, "shutdown", G_CALLBACK (on_registered_shutdown), &registered_data);
++  g_signal_connect (app, "notify::is-registered", G_CALLBACK (on_registered_notify), &registered_data);
++
++  g_assert_null (registered_data.notify_spec);
++
++  g_assert_true (g_application_register (app, NULL, NULL));
++  g_assert_true (g_application_get_is_registered (app));
++
++  g_assert_nonnull (registered_data.notify_spec);
++  g_assert_cmpstr (registered_data.notify_spec->name, ==, "is-registered");
++  g_clear_pointer (&registered_data.notify_spec, g_param_spec_unref);
++
++  g_assert_false (registered_data.shutdown);
++
++  g_application_run (app, 1, argv);
++
++  g_assert_true (registered_data.shutdown);
++  g_assert_false (g_application_get_is_registered (app));
++  g_assert_nonnull (registered_data.notify_spec);
++  g_assert_cmpstr (registered_data.notify_spec->name, ==, "is-registered");
++  g_clear_pointer (&registered_data.notify_spec, g_param_spec_unref);
++
++  /* Register it again */
++  registered_data.shutdown = FALSE;
++  g_assert_true (g_application_register (app, NULL, NULL));
++  g_assert_true (g_application_get_is_registered (app));
++  g_assert_nonnull (registered_data.notify_spec);
++  g_assert_cmpstr (registered_data.notify_spec->name, ==, "is-registered");
++  g_clear_pointer (&registered_data.notify_spec, g_param_spec_unref);
++  g_assert_false (registered_data.shutdown);
++
++  g_object_unref (app);
++
++  g_free (binpath);
++}
++
+ static void
+ on_activate (GApplication *app)
+ {
+@@ -1136,6 +1211,7 @@ main (int argc, char **argv)
+   g_test_add_func ("/gapplication/properties", properties);
+   g_test_add_func ("/gapplication/app-id", appid);
+   g_test_add_func ("/gapplication/quit", test_quit);
++  g_test_add_func ("/gapplication/registered", test_registered);
+   g_test_add_func ("/gapplication/local-actions", test_local_actions);
+ /*  g_test_add_func ("/gapplication/remote-actions", test_remote_actions); */
+   g_test_add_func ("/gapplication/local-command-line", test_local_command_line);
+-- 
+GitLab
+

backport-gapplication-fix-arguments-leak-in-error-path.patch

@@ -0,0 +1,44 @@
+From 65b4bc30eb38b1484533a2ee08f7229a9e961af8 Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@gnome.org>
+Date: Wed, 31 Mar 2021 11:44:23 -0500
+Subject: [PATCH] gapplication: fix arguments leak in error path
+
+If this g_return_val_if_fail() is ever hit, then we leak arguments.
+This is not very important because if your code hits
+g_return_val_if_fail() you are invoking undefined behavior, a rather
+more serious problem, but let's replace it with g_critical() to be
+robust.
+
+This includes a small behavior change: it returns 1 rather than 0 in
+this error case.
+
+Found by Coverity.
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/65b4bc30eb38b1484533a2ee08f7229a9e961af8
+
+---
+ gio/gapplication.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/gio/gapplication.c b/gio/gapplication.c
+index 5a43202a5d..8e65176354 100644
+--- a/gio/gapplication.c
++++ b/gio/gapplication.c
+@@ -2524,7 +2524,12 @@ g_application_run (GApplication  *application,
+ 
+   context = g_main_context_default ();
+   acquired_context = g_main_context_acquire (context);
+-  g_return_val_if_fail (acquired_context, 0);
++  if (!acquired_context)
++    {
++      g_critical ("g_application_run() cannot acquire the default main context because it is already acquired by another thread!");
++      g_strfreev (arguments);
++      return 1;
++    }
+ 
+   if (!G_APPLICATION_GET_CLASS (application)
+         ->local_command_line (application, &arguments, &status))
+-- 
+GitLab
+

backport-gdtlsconnection-Fix-a-check-for-a-vfunc-being-implemented.patch

@@ -0,0 +1,32 @@
+From be57c5d14c771361482917f4cb35851a07d19a8e Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 29 Apr 2021 13:17:05 +0100
+Subject: [PATCH] gdtlsconnection: Fix a check for a vfunc being implemented
+
+It was checking the wrong vfunc; likely a copy/paste error.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/be57c5d14c771361482917f4cb35851a07d19a8e
+
+---
+ gio/gdtlsconnection.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gio/gdtlsconnection.c b/gio/gdtlsconnection.c
+index 4bbc88d7a7..136e317b13 100644
+--- a/gio/gdtlsconnection.c
++++ b/gio/gdtlsconnection.c
+@@ -1069,7 +1069,7 @@ g_dtls_connection_get_negotiated_protocol (GDtlsConnection *conn)
+   GDtlsConnectionInterface *iface;
+ 
+   iface = G_DTLS_CONNECTION_GET_INTERFACE (conn);
+-  if (iface->set_advertised_protocols == NULL)
++  if (iface->get_negotiated_protocol == NULL)
+     return NULL;
+ 
+   return iface->get_negotiated_protocol (conn);
+-- 
+GitLab
+

backport-glocalfileinfo-Fix-atime-mtime-mix.patch

@@ -0,0 +1,28 @@
+From 5a032f32ea77d81c012841dde88b070f55037f25 Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 13:56:43 +0300
+Subject: [PATCH] glocalfileinfo: Fix atime/mtime mix due to bad copy/paste
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/5a032f32ea77d81c012841dde88b070f55037f25
+
+---
+ gio/glocalfileinfo.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gio/glocalfileinfo.c b/gio/glocalfileinfo.c
+index 3867ca684a..d3b327a19c 100644
+--- a/gio/glocalfileinfo.c
++++ b/gio/glocalfileinfo.c
+@@ -2650,7 +2650,7 @@ set_mtime_atime (char                       *filename,
+     {
+       if (lazy_stat (filename, &statbuf, &got_stat) == 0)
+ 	{
+-	  times[0].tv_sec = statbuf.st_mtime;
++	  times[0].tv_sec = statbuf.st_atime;
+ #if defined (HAVE_STRUCT_STAT_ST_ATIMENSEC)
+ 	  times[0].tv_usec = statbuf.st_atimensec / 1000;
+ #elif defined (HAVE_STRUCT_STAT_ST_ATIM_TV_NSEC)
+-- 
+GitLab
+

backport-gopenuriportal-Fix-GVariantBuilder-and-string-leakage.patch

@@ -0,0 +1,29 @@
+From 9dc7475f93c5c63fff66999d228407e13a47d5d3 Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 14:00:03 +0300
+Subject: [PATCH] gopenuriportal: Fix GVariantBuilder and string leakage on
+ g_open failure
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/9dc7475f93c5c63fff66999d228407e13a47d5d3
+
+---
+ gio/gopenuriportal.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/gio/gopenuriportal.c b/gio/gopenuriportal.c
+index be68569ed8..6ef8f037c3 100644
+--- a/gio/gopenuriportal.c
++++ b/gio/gopenuriportal.c
+@@ -108,6 +108,8 @@ g_openuri_portal_open_uri (const char  *uri,
+       errsv = errno;
+       if (fd == -1)
+         {
++	  g_free (path);
++	  g_variant_builder_clear (&opt_builder);
+           g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errsv),
+                        "Failed to open '%s'", path);
+           return FALSE;
+-- 
+GitLab
+

backport-gproxyaddressenumerator-Fix-string-leakage-on-an-invalid-input.patch

@@ -0,0 +1,47 @@
+From a50e605d52534f604776e56fd181ace98b6a0166 Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 14:02:33 +0300
+Subject: [PATCH] gproxyaddressenumerator: Fix string leakage on an invalid
+ input
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/a50e605d52534f604776e56fd181ace98b6a0166
+
+---
+ gio/gproxyaddressenumerator.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/gio/gproxyaddressenumerator.c b/gio/gproxyaddressenumerator.c
+index d3de4940c9..654baade57 100644
+--- a/gio/gproxyaddressenumerator.c
++++ b/gio/gproxyaddressenumerator.c
+@@ -262,8 +262,12 @@ g_proxy_address_enumerator_next (GSocketAddressEnumerator  *enumerator,
+ 	}
+       dest_protocol = g_uri_parse_scheme (priv->dest_uri);
+ 		 		  
+-      g_return_val_if_fail (G_IS_INET_SOCKET_ADDRESS (priv->proxy_address),
+-			    NULL);
++      if (!G_IS_INET_SOCKET_ADDRESS (priv->proxy_address))
++        {
++	       g_free (dest_hostname);
++	       g_free (dest_protocol);
++        }
++      g_return_val_if_fail (G_IS_INET_SOCKET_ADDRESS (priv->proxy_address), NULL);
+ 
+       inetsaddr = G_INET_SOCKET_ADDRESS (priv->proxy_address);
+       inetaddr = g_inet_socket_address_get_address (inetsaddr);
+@@ -352,6 +356,11 @@ return_result (GTask *task)
+ 	}
+       dest_protocol = g_uri_parse_scheme (priv->dest_uri);
+ 
++      if (!G_IS_INET_SOCKET_ADDRESS (priv->proxy_address))
++        {
++	       g_free (dest_hostname);
++	       g_free (dest_protocol);
++        }
+       g_return_if_fail (G_IS_INET_SOCKET_ADDRESS (priv->proxy_address));
+ 
+       inetsaddr = G_INET_SOCKET_ADDRESS (priv->proxy_address);
+-- 
+GitLab
+

backport-gsocks5proxy-Fix-buffer-overflow-on-a-really-long-domain-name.patch

@@ -0,0 +1,73 @@
+From b32727d43d9d11aa017f1f29648ad5019376537c Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 14:07:01 +0300
+Subject: [PATCH] gsocks5proxy: Fix buffer overflow on a really long domain
+ name
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/b32727d43d9d11aa017f1f29648ad5019376537c
+
+---
+ gio/gsocks5proxy.c | 23 +++++++++++++----------
+ 1 file changed, 13 insertions(+), 10 deletions(-)
+
+diff --git a/gio/gsocks5proxy.c b/gio/gsocks5proxy.c
+index 873db7ea6d..948ac8b8b8 100644
+--- a/gio/gsocks5proxy.c
++++ b/gio/gsocks5proxy.c
+@@ -328,7 +328,7 @@ set_connect_msg (guint8       *msg,
+  *
+  * The parser only requires 4 bytes.
+  */
+-#define SOCKS5_CONN_REP_LEN	  255
++#define SOCKS5_CONN_REP_LEN	  257
+ static gboolean
+ parse_connect_reply (const guint8 *data, gint *atype, GError **error)
+ {
+@@ -509,7 +509,7 @@ g_socks5_proxy_connect (GProxy            *proxy,
+       guint8 data[SOCKS5_CONN_REP_LEN];
+       gint atype;
+ 
+-      if (!g_input_stream_read_all (in, data, 4, NULL,
++      if (!g_input_stream_read_all (in, data, 4 /* VER, REP, RSV, ATYP */, NULL,
+ 				    cancellable, error))
+ 	goto error;
+ 
+@@ -519,23 +519,26 @@ g_socks5_proxy_connect (GProxy            *proxy,
+       switch (atype)
+ 	{
+ 	  case SOCKS5_ATYP_IPV4:
+-	    if (!g_input_stream_read_all (in, data, 6, NULL,
+-					  cancellable, error))
++	    if (!g_input_stream_read_all (in, data,
++					  4 /* IPv4 length */ + 2 /* port */,
++					  NULL, cancellable, error))
+ 	      goto error;
+ 	    break;
+ 
+ 	  case SOCKS5_ATYP_IPV6:
+-	    if (!g_input_stream_read_all (in, data, 18, NULL,
+-					  cancellable, error))
++	    if (!g_input_stream_read_all (in, data,
++					  16 /* IPv6 length */ + 2 /* port */,
++					  NULL, cancellable, error))
+ 	      goto error;
+ 	    break;
+ 
+ 	  case SOCKS5_ATYP_DOMAINNAME:
+-	    if (!g_input_stream_read_all (in, data, 1, NULL,
+-					  cancellable, error))
++	    if (!g_input_stream_read_all (in, data, 1 /* domain name length */,
++					  NULL, cancellable, error))
+ 	      goto error;
+-	    if (!g_input_stream_read_all (in, data, data[0] + 2, NULL,
+-					  cancellable, error))
++	    if (!g_input_stream_read_all (in, data,
++					  data[0] /* domain name length */ + 2 /* port */,
++					  NULL, cancellable, error))
+ 	      goto error;
+ 	    break;
+ 	}
+-- 
+GitLab
+

backport-gsocks5proxy-Handle-EOF-when-reading-from-a-stream.patch

@@ -0,0 +1,110 @@
+From 40a46d1346fdd4e07c648ba1ee78dedd9bfa33ad Mon Sep 17 00:00:00 2001
+From: Benjamin Berg <bberg@redhat.com>
+Date: Tue, 6 Apr 2021 16:52:23 +0200
+Subject: [PATCH] gsocks5proxy: Handle EOF when reading from a stream
+
+The code did not handle EOF (0 byte read) correctly. This can e.g. cause
+an infinite loop if an incorrect socks proxy is configured.
+
+Add the appropriate checks and return an G_IO_ERROR_CONNECTION_CLOSED
+error if EOF is encountered.
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/40a46d1346fdd4e07c648ba1ee78dedd9bfa33ad
+
+---
+ gio/gsocks5proxy.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 50 insertions(+)
+
+diff --git a/gio/gsocks5proxy.c b/gio/gsocks5proxy.c
+index 09b7fcac29..873db7ea6d 100644
+--- a/gio/gsocks5proxy.c
++++ b/gio/gsocks5proxy.c
+@@ -717,6 +717,16 @@ nego_reply_read_cb (GObject      *source,
+       return;
+     }
+ 
++  if (read == 0)
++    {
++      g_task_return_new_error (task,
++                               G_IO_ERROR,
++                               G_IO_ERROR_CONNECTION_CLOSED,
++                               "Connection to SOCKSv5 proxy server lost");
++      g_object_unref (task);
++      return;
++    }
++
+   data->offset += read;
+   
+   if (data->offset == data->length)
+@@ -821,6 +831,16 @@ auth_reply_read_cb (GObject      *source,
+       return;
+     }
+ 
++  if (read == 0)
++    {
++      g_task_return_new_error (task,
++                               G_IO_ERROR,
++                               G_IO_ERROR_CONNECTION_CLOSED,
++                               "Connection to SOCKSv5 proxy server lost");
++      g_object_unref (task);
++      return;
++    }
++
+   data->offset += read;
+ 
+   if (data->offset == data->length)
+@@ -923,6 +943,16 @@ connect_reply_read_cb (GObject       *source,
+       return;
+     }
+ 
++  if (read == 0)
++    {
++      g_task_return_new_error (task,
++                               G_IO_ERROR,
++                               G_IO_ERROR_CONNECTION_CLOSED,
++                               "Connection to SOCKSv5 proxy server lost");
++      g_object_unref (task);
++      return;
++    }
++
+   data->offset += read;
+ 
+   if (data->offset == data->length)
+@@ -983,6 +1013,16 @@ connect_addr_len_read_cb (GObject      *source,
+       return;
+     }
+ 
++  if (read == 0)
++    {
++      g_task_return_new_error (task,
++                               G_IO_ERROR,
++                               G_IO_ERROR_CONNECTION_CLOSED,
++                               "Connection to SOCKSv5 proxy server lost");
++      g_object_unref (task);
++      return;
++    }
++
+   data->length = data->buffer[0] + 2;
+   data->offset = 0;
+ 
+@@ -1009,6 +1049,16 @@ connect_addr_read_cb (GObject      *source,
+       return;
+     }
+ 
++  if (read == 0)
++    {
++      g_task_return_new_error (task,
++                               G_IO_ERROR,
++                               G_IO_ERROR_CONNECTION_CLOSED,
++                               "Connection to SOCKSv5 proxy server lost");
++      g_object_unref (task);
++      return;
++    }
++
+   data->offset += read;
+ 
+   if (data->offset == data->length)
+-- 
+GitLab
+

backport-gthread-posix-Free-a-memory-leak-on-error-path.patch

@@ -0,0 +1,27 @@
+From d129395fe2f22f12004526bc11ca7d407f42e4ab Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?GOUJON=20=C3=89van?= <goujon.evan@gmail.com>
+Date: Thu, 22 Jul 2021 16:41:09 +0200
+Subject: [PATCH] g_system_thread_new: Free a memory leak on error path
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/d129395fe2f22f12004526bc11ca7d407f42e4ab
+
+---
+ glib/gthread-posix.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/glib/gthread-posix.c b/glib/gthread-posix.c
+index 3d69767e67..8e2e66db54 100644
+--- a/glib/gthread-posix.c
++++ b/glib/gthread-posix.c
+@@ -1331,6 +1331,7 @@ g_system_thread_new (GThreadFunc proxy,
+     {
+       g_set_error (error, G_THREAD_ERROR, G_THREAD_ERROR_AGAIN, 
+                    "Error creating thread: %s", g_strerror (ret));
++      g_free (thread->thread.name);
+       g_slice_free (GThreadPosix, thread);
+       return NULL;
+     }
+-- 
+GitLab
+

backport-gtype-Fix-pointer-being-dereferenced-despite-NULL-check.patch

@@ -0,0 +1,35 @@
+From 5419228f632af830d9117c142a1c7c1a9708cc08 Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 14:26:20 +0300
+Subject: [PATCH] gtype: Fix pointer being dereferenced despite NULL check
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/5419228f632af830d9117c142a1c7c1a9708cc08
+
+---
+ gobject/gtype.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/gobject/gtype.c b/gobject/gtype.c
+index 34f62ecba5..26ec30b7b7 100644
+--- a/gobject/gtype.c
++++ b/gobject/gtype.c
+@@ -3159,11 +3159,14 @@ g_type_class_peek_parent (gpointer g_class)
+   g_return_val_if_fail (g_class != NULL, NULL);
+   
+   node = lookup_type_node_I (G_TYPE_FROM_CLASS (g_class));
++
++  g_return_val_if_fail (node != NULL, NULL);
++
+   /* We used to acquire a read lock here. That is not necessary, since 
+    * parent->data->class.class is constant as long as the derived class
+    * exists. 
+    */
+-  if (node && node->is_classed && node->data && NODE_PARENT_TYPE (node))
++  if (node->is_classed && node->data && NODE_PARENT_TYPE (node))
+     {
+       node = lookup_type_node_I (NODE_PARENT_TYPE (node));
+       class = node->data->class.class;
+-- 
+GitLab
+

backport-gutils-Avoid-segfault-in-g_get_user_database_entry.patch

@@ -0,0 +1,58 @@
+From bb40105fe95b5d95e31715ddb210380d381a1e26 Mon Sep 17 00:00:00 2001
+From: Jamie Bainbridge <jamie.bainbridge@gmail.com>
+Date: Wed, 8 Sep 2021 12:08:17 +1000
+Subject: [PATCH] gutils: Avoid segfault in g_get_user_database_entry
+
+g_get_user_database_entry() capitalises the first letter of pw_name
+with g_ascii_toupper (pw->pw_name[0]).
+
+However, the manpage for getpwnam() and getpwuid() says the result of
+those calls "may point to a static area". GLib is then trying to edit
+static memory which belongs to a shared library, so segfaults.
+
+The reentrant variants of the above calls are supposed to fill the user
+buffer supplied to them, however Michael Catanzaro also found a bug in
+systemd where the data is not copied to the user buffer and still points
+to static memory, resulting in the same sort of segfault. See:
+https://github.com/systemd/systemd/issues/20679
+
+Solve both these cases in GLib by copying pw_name off to a temporary
+variable, set uppercase on that variable, and use the variable to join
+into the desired string. Free the variable after it is no longer needed.
+
+Signed-off-by: Jamie Bainbridge <jamie.bainbridge@gmail.com>
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/bb40105fe95b5d95e31715ddb210380d381a1e26
+
+---
+ glib/gutils.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/glib/gutils.c b/glib/gutils.c
+index b7a2113d41..4bccd72297 100644
+--- a/glib/gutils.c
++++ b/glib/gutils.c
+@@ -692,14 +692,17 @@ g_get_user_database_entry (void)
+               {
+                 gchar **gecos_fields;
+                 gchar **name_parts;
++                gchar *uppercase_pw_name;
+ 
+                 /* split the gecos field and substitute '&' */
+                 gecos_fields = g_strsplit (pw->pw_gecos, ",", 0);
+                 name_parts = g_strsplit (gecos_fields[0], "&", 0);
+-                pw->pw_name[0] = g_ascii_toupper (pw->pw_name[0]);
+-                e.real_name = g_strjoinv (pw->pw_name, name_parts);
++                uppercase_pw_name = g_strdup (pw->pw_name);
++                uppercase_pw_name[0] = g_ascii_toupper (uppercase_pw_name[0]);
++                e.real_name = g_strjoinv (uppercase_pw_name, name_parts);
+                 g_strfreev (gecos_fields);
+                 g_strfreev (name_parts);
++                g_free (uppercase_pw_name);
+               }
+ #endif
+ 
+-- 
+GitLab
+

backport-gvariant-Fix-memory-leak-on-a-TYPE-CHECK-failure.patch

@@ -0,0 +1,34 @@
+From 05dffc1a7f562e9c8c6c21b67f99204f7a7b4e27 Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 14:20:26 +0300
+Subject: [PATCH] gvariant: Fix memory leak on a TYPE_CHECK failure
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/05dffc1a7f562e9c8c6c21b67f99204f7a7b4e27
+
+---
+ glib/gvariant.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index a9bb99c647..4a9704c19c 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -800,7 +800,13 @@ g_variant_new_array (const GVariantType *child_type,
+ 
+   for (i = 0; i < n_children; i++)
+     {
+-      TYPE_CHECK (children[i], child_type, NULL);
++      if G_UNLIKELY (!g_variant_is_of_type (children[i], child_type))
++        {
++          while (i != 0)
++            g_variant_unref (my_children[--i]);
++          g_free (my_children);
++	  g_return_val_if_fail (g_variant_is_of_type (children[i], child_type), NULL);
++        }
+       my_children[i] = g_variant_ref_sink (children[i]);
+       trusted &= g_variant_is_trusted (children[i]);
+     }
+-- 
+GitLab
+

backport-gvariant-Fix-pointers-being-dereferenced-despite-NULL-checks.patch

@@ -0,0 +1,61 @@
+From 7f6ce4d8d234996b523b71abef139f1c80c88254 Mon Sep 17 00:00:00 2001
+From: Egor Bychin <e.bychin@drweb.com>
+Date: Mon, 11 Oct 2021 14:24:12 +0300
+Subject: [PATCH] gvariant: Fix pointers being dereferenced despite NULL checks
+
+Conflict:NA
+Reference:https://gitlab.gnome.org/GNOME/glib/-/commit/7f6ce4d8d234996b523b71abef139f1c80c88254
+
+---
+ glib/gvariant.c | 14 ++++++++------
+ 1 file changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index 4a9704c19c..5fa6a82685 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -3196,8 +3196,7 @@ struct heap_builder
+ #define GVSB_MAGIC               ((gsize) 1033660112u)
+ #define GVSB_MAGIC_PARTIAL       ((gsize) 2942751021u)
+ #define GVHB_MAGIC               ((gsize) 3087242682u)
+-#define is_valid_builder(b)      (b != NULL && \
+-                                  GVSB(b)->magic == GVSB_MAGIC)
++#define is_valid_builder(b)      (GVSB(b)->magic == GVSB_MAGIC)
+ #define is_valid_heap_builder(b) (GVHB(b)->magic == GVHB_MAGIC)
+ 
+ /* Just to make sure that by adding a union to GVariantBuilder, we
+@@ -3207,7 +3206,9 @@ G_STATIC_ASSERT (sizeof (GVariantBuilder) == sizeof (gsize[16]));
+ static gboolean
+ ensure_valid_builder (GVariantBuilder *builder)
+ {
+-  if (is_valid_builder (builder))
++  if (builder == NULL)
++    return FALSE;
++  else if (is_valid_builder (builder))
+     return TRUE;
+   if (builder->u.s.partial_magic == GVSB_MAGIC_PARTIAL)
+     {
+@@ -3853,8 +3854,7 @@ struct heap_dict
+ #define GVSD_MAGIC              ((gsize) 2579507750u)
+ #define GVSD_MAGIC_PARTIAL      ((gsize) 3488698669u)
+ #define GVHD_MAGIC              ((gsize) 2450270775u)
+-#define is_valid_dict(d)        (d != NULL && \
+-                                 GVSD(d)->magic == GVSD_MAGIC)
++#define is_valid_dict(d)        (GVSD(d)->magic == GVSD_MAGIC)
+ #define is_valid_heap_dict(d)   (GVHD(d)->magic == GVHD_MAGIC)
+ 
+ /* Just to make sure that by adding a union to GVariantDict, we didn't
+@@ -3864,7 +3864,9 @@ G_STATIC_ASSERT (sizeof (GVariantDict) == sizeof (gsize[16]));
+ static gboolean
+ ensure_valid_dict (GVariantDict *dict)
+ {
+-  if (is_valid_dict (dict))
++  if (dict == NULL)
++    return FALSE;
++  else if (is_valid_dict (dict))
+     return TRUE;
+   if (dict->u.s.partial_magic == GVSD_MAGIC_PARTIAL)
+     {
+-- 
+GitLab
+

glib2.spec

@@ -1,6 +1,6 @@
 Name:           glib2
 Version:        2.68.1
-Release:        11
+Release:        12
 Summary:        The core library that forms the basis for projects such as GTK+ and GNOME
 License:        LGPLv2+
 URL:            http://www.gtk.org
@@ -10,7 +10,21 @@ Patch6000:      backport-correctly-use-3-parameters-for-clise-range.patch
 Patch6001:      backport-fix-a-memory-leak.patch
 Patch6002:      backport-gfileenumerator-fix-leak-in-error-path.patch
 Patch6003:      backport-gdbusobjectmanagerservice-fix-leak-in-error-path.patch
-Patch6004:      backport-gdbusauth-fix-error-leak.patch 
+Patch6004:      backport-gdbusauth-fix-error-leak.patch
+Patch6005:      backport-gapplication-fix-arguments-leak-in-error-path.patch
+Patch6006:      backport-gsocks5proxy-Handle-EOF-when-reading-from-a-stream.patch
+Patch6007:      backport-application-Unset-the-registered-state-after-shutting-down.patch
+Patch6008:      backport-gdtlsconnection-Fix-a-check-for-a-vfunc-being-implemented.patch
+Patch6009:      backport-gthread-posix-Free-a-memory-leak-on-error-path.patch
+Patch6010:      backport-gutils-Avoid-segfault-in-g_get_user_database_entry.patch
+Patch6011:      backport-glocalfileinfo-Fix-atime-mtime-mix.patch
+Patch6012:      backport-gopenuriportal-Fix-GVariantBuilder-and-string-leakage.patch
+Patch6013:      backport-gproxyaddressenumerator-Fix-string-leakage-on-an-invalid-input.patch
+Patch6014:      backport-gsocks5proxy-Fix-buffer-overflow-on-a-really-long-domain-name.patch
+Patch6015:      backport-gvariant-Fix-memory-leak-on-a-TYPE-CHECK-failure.patch
+Patch6016:      backport-gvariant-Fix-pointers-being-dereferenced-despite-NULL-checks.patch
+Patch6017:      backport-gtype-Fix-pointer-being-dereferenced-despite-NULL-check.patch
+Patch6018:      backport-add-OOM-handling-in-mimemagic.patch
 
 BuildRequires:  chrpath gcc gcc-c++ gettext perl-interpreter
 BUildRequires:  glibc-devel libattr-devel libselinux-devel meson
@@ -80,8 +94,6 @@ rm glib/pcre/*.[ch]
 
 %meson_build
 
-find . -name *.dtrace-temp.c -exec rm -f {} \;
-
 %check
 %meson_test
 
@@ -178,6 +190,11 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
 %endif
 
 %changelog
+* Thu Apr 28 2022 yanan <yanan@huawei.com> - 2.68.1-12
+- Type:bugfix
+- DESC:fix issues found by svace static code analyzer
+       fix segfault,memory leak,EOF,arguments leak
+
 * Wed Apr 6 2022 hanhui <hanhui15@h-partners.com> - 2.68.1-11
 - DESC:fix gfileenumerator/gdbusobjectmanagerservice/gdbusauth of memory leak