2017-02-28 Carlos Garnacho Release 1.11.4 tracker-extract: Cache TrackerConfig::max-bytes This is the only setting read from extractor modules. It turns out that under the right circumstances a g_settings_get_value() call can trigger open() calls with readwrite permissions from the caller thread. This is forbidden in extractor threads and triggers warnings like: dconf-CRITICAL **: unable to create file '/run/user/1000/dconf/user': Permission denied. dconf will not work properly. Also, since this setting is meaningless to update during tracker-extract lifetime, just drop the g_settings_bind() call, this means the setting is only read once on startup. https://bugzilla.gnome.org/show_bug.cgi?id=779342 tracker-needle: Fix build with up-to-date gtk+ vapi The GtkListStore remove method now takes a ref TreeIter. tracker-preferences: Fix build with up-to-date gtk+ vapi The GtkListStore remove method now takes a ref TreeIter. tracker-extract: Avoid allocating full image in memory at once Just read it line by line reusing the same buffer, it will still let us to fetch metadata at the end of the file. https://bugzilla.gnome.org/show_bug.cgi?id=778090 2017-02-28 Mario Blättermann Update German translation 2017-02-27 Chao-Hsiung Liao Update Chinese (Taiwan) translation 2017-02-26 Мирослав Николић Updated Serbian translation 2017-02-26 Fran Dieguez Updated Galician translations 2017-02-24 Carlos Garnacho libtracker-data: Use memory temp store for readonly connections It seems a bit harsh that fts queries on readonly interfaces fail if / is full because a tmp file for the fts view couldn't be created. Let readonly clients fully operate on memory for these cases. tracker-store: Create our own error if cancelled No functional change, but fixes coverity warning about g_cancellable_set_error_if_cancelled() return value being unchecked, as vala would just check the returned error pointer. Coverity ID: 1298211 libtracker-common: Be more lenient with dup2/dup3 And allow these to manipulate stdin/out/err. They may close file descriptors, but they don't grant access to anything the process wouldn't have already access for, anyway. libtracker-data: Clear possible error The same GError may be reused further ahead, which would doubly free it as it gets non-NULL again to error handling paths. 2017-02-23 Sam Thursfield Fix pointer signedness warnings It's a bit ugly that GLib string functions take signed chars and SQLite'3 string functions return unsigned chars. We could disable that warning instead but maybe it's useful in some other places. Remove superfluous struct initializer Remove some unused variables 2017-02-22 Claude Paroz Updated French translation 2017-02-19 Kjartan Maraas Updated Norwegian bokmål translation. 2017-02-18 Jiri Grönroos Update Finnish translation 2017-02-18 Anders Jonsson Update Swedish translation 2017-02-16 Ask Hjorth Larsen Updated Danish translation 2017-02-13 Inaki Larranaga Murgoitio Update Basque language 2017-02-06 Sam Thursfield configure.ac: Remove obsolete bits for 'external' media handler There's no code to actually implement this nowadays, the configure.ac stuff is a relic. 2017-02-05 Philip Withnall tracker-extract: Clarify untrusted value checks When validating the values of csize and tsize (as they are read from a potentially untrusted MP3 file), put them as the left-hand operand in the comparison by themselves, without adding anything which: • confuses Coverity; • potentially overflows. Coverity ID: 1399652 https://bugzilla.gnome.org/show_bug.cgi?id=778206 tracker-extract: Clarify a magic number Looks like this is the value of the header and frame sizes. https://bugzilla.gnome.org/show_bug.cgi?id=778206 2017-02-04 Sam Thursfield Don't store path to the source tree in binaries The tracker-needle & tracker-preferences tools had a developer convenience that would hardcode the path to the source tree into the binaries, so that while developing you could edit the .ui files without having to rerun `make install` afterwards. It's not good to enable this sort of thing in non-debug binaries, and also it prevents the binaries from being bit-for-bit reproducible. This problem was detected by the Debian reproducible builds CI system: https://tests.reproducible-builds.org/tracker 2017-01-31 Debarshi Ray tracker-extract-png: Insert "nfo:image-category-screenshot" as a URI This is not a string, but a builtin class, so it must be dealt with as a URI. https://bugzilla.gnome.org/show_bug.cgi?id=776723 2017-01-30 Carlos Garnacho examples: Check tracker_sparql_cursor_next() return value. Coverity ID: 1188420 examples: Drop unneeded g_object_unref() call Another one. Coverity ID: 1188470 libtracker-extract: Remove initialize arg from load_module() It's now TRUE from all call points, so just make it happen by default. libtracker-extract: Remove dead code These functions are now unused, and libtracker-extract is private to Tracker. So these functions can be just removed. tracker-extract: Take gstreamer initialization to plugin init phase The gst_init() call may end up rebuilding the registry, so should be happening outside the sandbox. tracker-extract: Ensure extract modules are initialized on startup This takes module initialization out of the sandbox. Modules are trusted bits of code, so only the extract function must be taken as untrusted. tracker-extract: Add helpers to retrieve BE uints/sizes from MP3 ID3 tags The current code pretty much seems to assume that the host byte order is little endian, as multibyte data contained in ID3 frames is BE and byte swapping is performed. Add helpers that do care to translate that to the host memory order. 2017-01-29 Carlos Garnacho tracker-extract: Check size specified in id3v2.0/2.3/2.4 frames It might be conceivably used to read past mmap()ped memory boundaries given the right conditions. Bailing out early avoids that. Coverity ID: 1298199 (Tentative fix) 2017-01-28 Carlos Garnacho examples: Check for NULL cursors in class-signal example It is unlikely to receive errors on queries there, but still this is an example, so better be correct there. Coverity ID: 1188420 libtracker-data: Make tracker_ontology_[write|load]_gvdb return a boolean Those return a GError already, so returning a boolean too sounds consistent with GLib APIs. Coincidentally fixes an "Unchecked return value" Coverity warning with gvdb_table_write_contents(), we now do propagate it. Coverity ID: 1188424 examples: Drop unneeded g_object_unref() call The cursor will be NULL in the error paths, no need to try to unref it. Coverity ID: 1188470 libtracker-data: Remove graph_id argument from resource_buffer_switch() It is unused. The graph argument is important though, because we ensure a resource ID is created for it if it doesn't exist yet. Coverity ID: 1188466 libtracker-fts: Clarify code flow The xInst function pointer can't return a <0 column here, so in practical effects an offsets array is ensured to be created on the first iteration. It might not seem like that to the keen eye, nor Coverity. Coverity ID: 1388715 docs: Make error message actually useful It's an error, not a stroke. 2017-01-28 Piotr Drąg Fix translator comments They need to be exactly one line above a string to show up in .po files. 2017-01-27 Carlos Garnacho Revert "tracker-extract, png: Fix DLNA profiles" This reverts commit 89baaa45a70e5d50462bbd4e5b89dbb2c221e701. The reasons to classify all pngs as PNG_LRG went away with the maemo bugzilla. The reason isn't clear and seems to go against the DNLA spec (at least, how gupnp-dlna understands it, which Tracker took inspiration from). This commit also made the if (profile)... check below useless, which raised warnings in Coverity. Coverity ID: 1298205 https://bugzilla.gnome.org/show_bug.cgi?id=777819 2017-01-25 Philip Withnall libtracker-miner: Fix use of an uninitialised variable In the error path, finish_current_directory() was called on `notifier` before it had been initialised. Coverity CID: 1397952 https://bugzilla.gnome.org/show_bug.cgi?id=777725 2017-01-24 Carlos Garnacho utils: drop "--pkg gee-0.8" This is unneeded now. utils: Drop libgee dependency It's only used on the tracker-resdump helper, and can be easily replaced with the GLib counterparts. 2017-01-23 Philip Withnall tracker-seccomp: Check syscall availability at runtime not compile time This makes our seccomp() protection independent of the exact kernel version Tracker is built against. https://bugzilla.gnome.org/show_bug.cgi?id=777591 tracker-seccomp: Rewrap macros to make them clearer This introduces no functional changes. https://bugzilla.gnome.org/show_bug.cgi?id=777591 2017-01-22 Philip Withnall tracker-seccomp: Add checks for mlock2() and getrandom() syscalls On older kernels, these syscalls did not exist, so the __NR_* syscall number definition does not exist for them, and compilation fails. Make the seccomp rules for them conditional on the syscall numbers existing. https://bugzilla.gnome.org/show_bug.cgi?id=777591 2017-01-20 Piotr Drąg Update Polish translation 2017-01-20 Sam Thursfield libtracker-sparql: Fix bad serialization of date/time values TrackerResource was creating bad SPARQL & Turtle from GDateTime values. If you saw this... GDBus.Error:org.freedesktop.Tracker1.SparqlError.Type: Not a ISO 8601 date string. Allowed form is [-]CCYY-MM-DDThh:mm:ss[Z|(+|-)hh:mm] ...it's because in the arguments for g_date_time_format() I confused %S (seconds since the last minute) with %s (seconds since 1st January 1970). That's a lot of extra seconds. libtracker-sparql: Remove some unused variables from tracker-resource.c 2017-01-19 Carlos Garnacho libtracker-common: Whitelist waitid/waitpid/wait4 https://bugzilla.gnome.org/show_bug.cgi?id=776117 libtracker-common: Whitelist getpid() syscall https://bugzilla.gnome.org/show_bug.cgi?id=776117 2017-01-18 Dušan Kazik Update Slovak translation