@@ -1303,6 +1303,7 @@ dist_patch_DATA = \
%D%/packages/patches/guile-rsvg-pkgconfig.patch \
%D%/packages/patches/guile-emacs-fix-configure.patch \
%D%/packages/patches/gtk2-fix-builder-test.patch \
+ %D%/packages/patches/gtk2-harden-list-store.patch \
%D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \
%D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \
%D%/packages/patches/gtk2-theme-paths.patch \
@@ -1014,6 +1014,7 @@ (define-public gtk+-2
"1nn6kks1zyvb5xikr9y2k7r9bwjy1g4b0m0s66532bclymbwfamc"))
(patches (search-patches "gtk2-respect-GUIX_GTK2_PATH.patch"
"gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch"
+ "gtk2-harden-list-store.patch"
"gtk2-theme-paths.patch"
"gtk2-fix-builder-test.patch"))))
(build-system gnu-build-system)
new file mode 100644
@@ -0,0 +1,42 @@
+Backport the implementation of gtk_list_store_iter_is_valid from gtk+-3.
+
+Index: gtk+-2.24.33/gtk/gtkliststore.c
+===================================================================
+--- gtk+-2.24.33.orig/gtk/gtkliststore.c
++++ gtk+-2.24.33/gtk/gtkliststore.c
+@@ -1195,16 +1195,31 @@ gboolean
+ gtk_list_store_iter_is_valid (GtkListStore *list_store,
+ GtkTreeIter *iter)
+ {
++ GSequenceIter *seq_iter;
++
+ g_return_val_if_fail (GTK_IS_LIST_STORE (list_store), FALSE);
+ g_return_val_if_fail (iter != NULL, FALSE);
+
+- if (!VALID_ITER (iter, list_store))
+- return FALSE;
++ /* can't use VALID_ITER() here, because iter might point
++ * to random memory.
++ *
++ * We MUST NOT dereference it.
++ */
+
+- if (g_sequence_iter_get_sequence (iter->user_data) != list_store->seq)
++ if (iter == NULL ||
++ iter->user_data == NULL ||
++ list_store->stamp != iter->stamp)
+ return FALSE;
+
+- return TRUE;
++ for (seq_iter = g_sequence_get_begin_iter (list_store->seq);
++ !g_sequence_iter_is_end (seq_iter);
++ seq_iter = g_sequence_iter_next (seq_iter))
++ {
++ if (seq_iter == iter->user_data)
++ return TRUE;
++ }
++
++ return FALSE;
+ }
+
+ static gboolean real_gtk_list_store_row_draggable (GtkTreeDragSource *drag_source,