This fixes the memory leak below:
$ sudo valgrind -v --leak-check=full fwupdtool get-devices
(...)
==3244345== 133 (64 direct, 69 indirect) bytes in 2 blocks are definitely lost in loss record 2,488 of 2,681
==3244345== at 0x4845899: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3244345== by 0x4C04D59: g_malloc (in /usr/lib/libglib-2.0.so.0.7000.4)
==3244345== by 0x4C1C816: g_slice_alloc (in /usr/lib/libglib-2.0.so.0.7000.4)
==3244345== by 0x4C1CE9E: g_slice_alloc0 (in /usr/lib/libglib-2.0.so.0.7000.4)
==3244345== by 0x4B84684: g_type_create_instance (in /usr/lib/libgobject-2.0.so.0.7000.4)
==3244345== by 0x4B6BB65: ??? (in /usr/lib/libgobject-2.0.so.0.7000.4)
==3244345== by 0x4B6CAF4: g_object_new_with_properties (in /usr/lib/libgobject-2.0.so.0.7000.4)
==3244345== by 0x4B6D659: g_object_new (in /usr/lib/libgobject-2.0.so.0.7000.4)
==3244345== by 0x4AA8969: ??? (in /usr/lib/libgio-2.0.so.0.7000.4)
==3244345== by 0x153967: fu_engine_load_local_metadata_watches (fu-engine.c:7050)
==3244345== by 0x1540FC: fu_engine_load (fu-engine.c:7230)
==3244345== by 0x124D29: fu_util_start_engine (fu-tool.c:262)
(...)
==3244345== LEAK SUMMARY:
==3244345== definitely lost: 64 bytes in 2 blocks
==3244345== indirectly lost: 69 bytes in 2 blocks
==3244345== possibly lost: 1,936 bytes in 8 blocks
==3244345== still reachable: 234,668 bytes in 3,072 blocks
==3244345== suppressed: 0 bytes in 0 blocks
==3244345== Reachable blocks (those to which a pointer was found) are not shown.
==3244345== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==3244345==
==3244345== ERROR SUMMARY: 9 errors from 9 contexts (suppressed: 0 from 0)
Change-Id: I391eabfb1ef6eadbad100273445794172b2cb1fd
Fixes https://github.com/fwupd/fwupd/issues/4366
Based on a patch by Daniel Campello <campello@chromium.org>, many thanks.
tristate features will automatically disable if dependencies marked
as required are missing.
Packagers can manually override using `auto_features`.
Link: https://mesonbuild.com/Build-options.html#features
Current behavior is that only first checksum is used from metadata if no
<artifacts> section is present. Change this to process all checksums
available.
Change-Id: I03771971bee0fb7960460094bf0790d29bf11e0a
Although we can compile against older versions, we can't actually work
as current firmware.jcat metadata from the LVFS needs these commits:
109399e1f2583df67e3e
If it helps, 0.1.4 was released in October *2020*.
This allows us to show in the tools if a device is currently affected
by a specific CVE. For instance, we could inform the user that a device
requires a critical firmware update that is being actively exploited.
Note, this also means we can show the user a firmware update is now
required, even though the firmware may not be available on the LVFS.
Also show the issue in the `fwupdmgr security` output, e.g.
There are devices with issues:
Samsung — MZVLB2T0HALB-000L7:
• CVE-2022-12345
• CVE-2022-54321
This adds support for optionally using a UNIX domain socket where a
D-Bus daemon may not be running.
To use this, launch the daemon and clients with something like
`FWUPD_DBUS_SOCKET=/var/run/fwupd.sock fwupdmgr get-devices`
This makes it easier to test the fwupd in the installed tests:
sudo gdbus call --system \
--dest org.freedesktop.fwupd \
--object-path / \
--method org.freedesktop.fwupd.Quit
