Merge lp:~mhr3/unity/fix-861144 into lp:unity

+ {
+ /* check that there really is such IndicatorObjectEntry */
+ if (g_hash_table_lookup (priv->entry2indicator_hash, entry) != NULL)
+ {
+ return entry;
+ }

Can you add an extra check in there:

+ if (!INDICATOR_IS_OBJECT_ENTRY (entry))
+ {
+ g_critical ("Invalid IndicatorObjectEntry reference %p", entry);
+ return NULL;
+ }

Not that it makes the code much more safe, but it has a slim chance of
making debugging easier should we ever see it again

I'd love to add that, but IndicatorObjectEntry is just a simple struct, sorry...

get_entry_by_id has been previously added to be very fast and to avoid unneeded loops or checks.
If well used it shouldn't lead to crashes, was it causing some?
However the new lookup improves the safety.

Marco - at the very least it was taking a string directly from DBus
and parsing it into a memory address and accessing that address
without any sanity checks. That is *highly* unsafe and can lead to
arbitrary impossible-to-debug bugs at any later point in time. Granted
- after this patch it is still highly unsafe, if slightly less than
before :-)

For P I think we should find a way to stop passing pointers over DBus.
It is just wrong in so many ways.

On the first version the pointer was just used as an ID that was used by an hashtable, but using this way caused some slowdown. However I know that the current implementation is potentially unsafe, but since we're mostly getting events from that entries, the risks are controlled. Also I never experienced a crash caused by that.

However I agree that this part would need a better design. I'm available for working on improving this part on all the stack (from libindicator, to unity itself).

Ah, however to fix this crash (bug #861144) I guess that we only need (at the current state) to add a

   g_return_if_fail (object);

In the panel_service_show_entry function. I forgot to add it previously, and I'd suggest to use this check always, after that the entry_id has been parsed, leaving the old get_entry_by_id implementation.
Otherwise we'll duplicate the number of hashtable lookups.

Otherwise using something like
   void panel_service_get_indicator_entry_by_id(PanelService *self, IndicatorObject **io, IndicatorObjectEntry **entry);

To get also the IndicatorObject and to avoid further lookups.

A simple way to optimize all these operations, by the way, would be to link an entry to its own parent indicator (also if this could lead to other issues, though).

> Ah, however to fix this crash (bug #861144) I guess that we only need (at the
> current state) to add a
>
> g_return_if_fail (object);
>

Yes that should also suffice, but we *really* don't want unchecked pointer casting.

> In the panel_service_show_entry function. I forgot to add it previously, and
> I'd suggest to use this check always, after that the entry_id has been parsed,
> leaving the old get_entry_by_id implementation.
> Otherwise we'll duplicate the number of hashtable lookups.
>
> Otherwise using something like
> void panel_service_get_indicator_entry_by_id(PanelService *self,
> IndicatorObject **io, IndicatorObjectEntry **entry);
>
> To get also the IndicatorObject and to avoid further lookups.
>

Ok, I'll fix it to do that to save a couple of cpu cycles.

> A simple way to optimize all these operations, by the way, would be to link an
> entry to its own parent indicator (also if this could lead to other issues,
> though).

Feel free to do so, there are too many scary bits in libindicator... Although that'd be most likely an ABI break, so P stuff.

> Feel free to do so, there are too many scary bits in libindicator... Although
> that'd be most likely an ABI break, so P stuff.

Well, I agree. But I think that would be redesigned at all with Ted.

Ah, +1 ;)

Looks fine.