    • Fixed history scrolling · 49e87682
      Robert Roth authored
    • Math buttons: When updating the bits panel, shift a 1ULL instead of a 1LL · 33e0820c
      Tobias Mueller authored, Robert Roth committed
      The 1 needs to be unsigned to be shifted by 63 positions properly.
      The behaviour is undefined otherwise.
      
      I found this with ASan:
      math-buttons.c:610:25: runtime error: left shift of 1 by 63 places cannot be represented in type 'long long int'
      
      https://bugzilla.gnome.org/show_bug.cgi?id=771608
    • number: do not access text_out beyond its bounds in bitwise function · c5f59e37
      Tobias Mueller authored, Robert Roth committed
      The text_out buffer has just been created as a char array with
      offset_out + 1 elements. So we can access element 0 to offset_out.
      offset_out + 1 is beyond the bounds. We simply increase the size by one.
      While this fixes this issue, I think it is not the most elegant
      solution.
      
      I found this with ASan when opening programming mode and then pressing, e.g.
      7 AND 3 Enter:
      =================================================================
      ==13==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200025bb91 at pc 0x7f6f28554292 bp 0x7f6f15cdfba0 sp 0x7f6f15cdfb98
      WRITE of size 1 at 0x60200025bb91 thread T6
          #0 0x7f6f28554291  (/app/lib/gnome-calculator/libcalculator.so+0x17a291)
          #1 0x7f6f2854e91c in number_and (/app/lib/gnome-calculator/libcalculator.so+0x17491c)
          #2 0x7f6f284d6923  (/app/lib/gnome-calculator/libcalculator.so+0xfc923)
          #3 0x7f6f284c84f6 in lr_node_solve_lr (/app/lib/gnome-calculator/libcalculator.so+0xee4f6)
          #4 0x7f6f284c7bc6  (/app/lib/gnome-calculator/libcalculator.so+0xedbc6)
          #5 0x7f6f284c62b4 in parse_node_solve (/app/lib/gnome-calculator/libcalculator.so+0xec2b4)
          #6 0x7f6f284dddd0 in parser_parse (/app/lib/gnome-calculator/libcalculator.so+0x103dd0)
          #7 0x7f6f284b63d4 in equation_parse (/app/lib/gnome-calculator/libcalculator.so+0xdc3d4)
          #8 0x7f6f28519692  (/app/lib/gnome-calculator/libcalculator.so+0x13f692)
          #9 0x7f6f2851a1dc  (/app/lib/gnome-calculator/libcalculator.so+0x1401dc)
          #10 0x7f6f2851c30d  (/app/lib/gnome-calculator/libcalculator.so+0x14230d)
          #11 0x7f6f25414834  (/lib/libglib-2.0.so.0+0x6e834)
          #12 0x7f6f239503c3  (/lib/libpthread.so.0+0x73c3)
          #13 0x7f6f2368ddec in __clone (/lib/libc.so.6+0xe8dec)
      
      0x60200025bb91 is located 0 bytes to the right of 1-byte region [0x60200025bb90,0x60200025bb91)
      allocated by thread T6 here:
          #0 0x7f6f28b4cd60 in __interceptor_calloc (/usr/lib64/libasan.so.3+0xc1d60)
          #1 0x7f6f253f40b0 in g_malloc0 (/lib/libglib-2.0.so.0+0x4e0b0)
          #2 0x7f6f2854e91c in number_and (/app/lib/gnome-calculator/libcalculator.so+0x17491c)
          #3 0x7f6f284d6923  (/app/lib/gnome-calculator/libcalculator.so+0xfc923)
          #4 0x7f6f284c84f6 in lr_node_solve_lr (/app/lib/gnome-calculator/libcalculator.so+0xee4f6)
          #5 0x7f6f284c7bc6  (/app/lib/gnome-calculator/libcalculator.so+0xedbc6)
          #6 0x7f6f284c62b4 in parse_node_solve (/app/lib/gnome-calculator/libcalculator.so+0xec2b4)
          #7 0x7f6f284dddd0 in parser_parse (/app/lib/gnome-calculator/libcalculator.so+0x103dd0)
          #8 0x7f6f284b63d4 in equation_parse (/app/lib/gnome-calculator/libcalculator.so+0xdc3d4)
          #9 0x7f6f28519692  (/app/lib/gnome-calculator/libcalculator.so+0x13f692)
          #10 0x7f6f2851a1dc  (/app/lib/gnome-calculator/libcalculator.so+0x1401dc)
          #11 0x7f6f2851c30d  (/app/lib/gnome-calculator/libcalculator.so+0x14230d)
          #12 0x7f6f25414834  (/lib/libglib-2.0.so.0+0x6e834)
      
      Thread T6 created by T0 here:
          #0 0x7f6f28abbde9 in __interceptor_pthread_create (/usr/lib64/libasan.so.3+0x30de9)
          #1 0x7f6f25431caf  (/lib/libglib-2.0.so.0+0x8bcaf)
      
      SUMMARY: AddressSanitizer: heap-buffer-overflow (/app/lib/gnome-calculator/libcalculator.so+0x17a291)
      ==13==ABORTING
      
      https://bugzilla.gnome.org/show_bug.cgi?id=771610
    • Function manager: Check for 0-sized array of math functions when sorting · 455d6a2b
      Tobias Mueller authored, Robert Roth committed
      Otherwise, array.length-1 will be 0-1 == -1.
      And it'll try to access array[-1] which is not very good.
      We prevent that by checking for the array size
      and we're also asserting array index values to reference actual data
      instead of pointing outside the array.
      
      I found this with ASan when opening programming mode and clicking "ans" from
      the "X" drop down box:
      
      =================================================================
      ==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200028b308 at pc 0x7f14b5110f70 bp 0x7ffcc3f8b800 sp 0x7ffcc3f8b7f8
      READ of size 8 at 0x60200028b308 thread T0
          #0 0x7f14b5110f6f  (/app/lib/gnome-calculator/libcalculator.so+0x12af6f)
          #1 0x7f14b5111b1d in function_manager_functions_eligible_for_autocompletion_for_text (/app/lib/gnome-calculator/libcalculator.so+0x12bb1d)
          #2 0x44104f in function_completion_provider_get_matches_for_completion_at_cursor (/app/bin/gnome-calculator+0x44104f)
          #3 0x4422fa  (/app/bin/gnome-calculator+0x4422fa)
          #4 0x44065a in completion_provider_populate (/app/bin/gnome-calculator+0x44065a)
          #5 0x7f14b4a1c1b1 in gtk_source_completion_provider_populate (/app/lib/libgtksourceview-3.0.so.1+0x2021b1)
          #6 0x7f14b4a0600f  (/app/lib/libgtksourceview-3.0.so.1+0x1ec00f)
          #7 0x7f14b4a06346  (/app/lib/libgtksourceview-3.0.so.1+0x1ec346)
          #8 0x7f14b1ffb5c2  (/lib/libglib-2.0.so.0+0x495c2)
          #9 0x7f14b1ffab89 in g_main_context_dispatch (/lib/libglib-2.0.so.0+0x48b89)
          #10 0x7f14b1ffaf07  (/lib/libglib-2.0.so.0+0x48f07)
          #11 0x7f14b1ffafab in g_main_context_iteration (/lib/libglib-2.0.so.0+0x48fab)
          #12 0x7f14b25bb9fc in g_application_run (/lib/libgio-2.0.so.0+0xaa9fc)
          #13 0x412965 in calculator_main (/app/bin/gnome-calculator+0x412965)
          #14 0x4129c9 in main (/app/bin/gnome-calculator+0x4129c9)
          #15 0x7f14b01d168f in __libc_start_main (/lib/libc.so.6+0x2068f)
          #16 0x40c5f8 in _start (/app/bin/gnome-calculator+0x40c5f8)
      
      0x60200028b308 is located 8 bytes to the left of 8-byte region [0x60200028b310,0x60200028b318)
      allocated by thread T0 here:
          #0 0x7f14b5755d60 in __interceptor_calloc (/usr/lib64/libasan.so.3+0xc1d60)
          #1 0x7f14b20000b0 in g_malloc0 (/lib/libglib-2.0.so.0+0x4e0b0)
          #2 0x44104f in function_completion_provider_get_matches_for_completion_at_cursor (/app/bin/gnome-calculator+0x44104f)
          #3 0x4422fa  (/app/bin/gnome-calculator+0x4422fa)
          #4 0x44065a in completion_provider_populate (/app/bin/gnome-calculator+0x44065a)
          #5 0x7f14b4a1c1b1 in gtk_source_completion_provider_populate (/app/lib/libgtksourceview-3.0.so.1+0x2021b1)
          #6 0x7f14b4a0600f  (/app/lib/libgtksourceview-3.0.so.1+0x1ec00f)
          #7 0x7f14b4a06346  (/app/lib/libgtksourceview-3.0.so.1+0x1ec346)
          #8 0x7f14b1ffb5c2  (/lib/libglib-2.0.so.0+0x495c2)
      
      SUMMARY: AddressSanitizer: heap-buffer-overflow (/app/lib/gnome-calculator/libcalculator.so+0x12af6f)
      ==14==ABORTING
      
      https://bugzilla.gnome.org/show_bug.cgi?id=771609
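The two memory-safety fixes above (the signed shift by 63 in the bits panel and the one-byte-short text_out buffer in the bitwise functions) come down to the same two rules: shift an unsigned 64-bit constant, and allocate digits plus one for the terminator. The following is an added illustration written for this page, not gnome-calculator's own code; the function names bit_is_set and bits_to_text are assumptions.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Test whether bit `pos` (0..63) of `value` is set.
 * The constant must be unsigned 64-bit: (1LL << 63) is undefined behaviour
 * because the result cannot be represented in a signed long long (exactly
 * what UBSan reported in math-buttons.c). 1ULL << 63 is well defined.
 * Shifting by a count >= the type width is undefined too, hence the guard. */
int bit_is_set(uint64_t value, unsigned pos)
{
    if (pos > 63)
        return 0;
    return (value & (1ULL << pos)) != 0;
}

/* Render `value` as a binary string of `bits` digits (1..64), MSB first.
 * Returns a NUL-terminated string of length exactly `bits`, allocated with
 * calloc (caller frees), or NULL on bad input or allocation failure.
 * Hypothetical helper written for this illustration. */
char *bits_to_text(uint64_t value, unsigned bits)
{
    if (bits == 0 || bits > 64)
        return NULL;
    /* `bits` digits plus one byte for the terminator. Sizing this as `bits`
     * alone would put the write of text[bits] one byte past the allocation,
     * which is the heap-buffer-overflow pattern ASan reported for text_out. */
    char *text = calloc(bits + 1, sizeof *text);
    if (text == NULL)
        return NULL;
    for (unsigned i = 0; i < bits; i++)
        text[i] = bit_is_set(value, bits - 1 - i) ? '1' : '0';
    text[bits] = '\0';   /* index `bits` is the last valid element */
    return text;
}
```

Building with -fsanitize=address,undefined and exercising bits_to_text with bits == 64 is the quickest way to confirm both the shift and the sizing are clean.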