1 files changed, 249 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch
new file mode 100644
index 0000000000..20137ea5f3
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch
@@ -0,0 +1,249 @@
+From be8834340a2d928ece82025463ae23dee2c333d0 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 4 Feb 2021 13:37:56 +0000
+Subject: [PATCH 02/11] gio: Use g_memdup2() instead of g_memdup() in obvious
+ places
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Convert all the call sites which use `g_memdup()`’s length argument
+trivially (for example, by passing a `sizeof()`), so that they use
+`g_memdup2()` instead.
+In almost all of these cases the use of `g_memdup()` would not have
+caused problems, but it will soon be deprecated, so best port away from
+it.
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+Helps: #2319
+Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz]
+CVE: CVE-2021-27219
+Signed-off-by: Neetika Singh <Neetika.Singh@kpit.com>
+Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
+---
+ gio/gdbusconnection.c                 | 5 +++--
+ gio/gdbusinterfaceskeleton.c          | 3 ++-
+ gio/gfile.c                           | 7 ++++---
+ gio/gsettingsschema.c                 | 5 +++--
+ gio/gwin32registrykey.c               | 8 +++++---
+ gio/tests/async-close-output-stream.c | 6 ++++--
+ gio/tests/gdbus-export.c              | 5 +++--
+ gio/win32/gwinhttpfile.c              | 9 +++++----
+ 8 files changed, 29 insertions(+), 19 deletions(-)
+--- a/gio/gdbusconnection.c
+++ b/gio/gdbusconnection.c
+@@ -110,6 +110,7 @@
+ #include "gasyncinitable.h"
+ #include "giostream.h"
+ #include "gasyncresult.h"
+#include "gstrfuncsprivate.h"
+ #include "gtask.h"
+ #include "gmarshal-internal.h"
+ 
+@@ -4007,7 +4008,7 @@ _g_dbus_interface_vtable_copy (const GDB
+   /* Don't waste memory by copying padding - remember to update this
+    * when changing struct _GDBusInterfaceVTable in gdbusconnection.h
+    */
+-  return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer));
+  return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer));
+ }
+ 
+ static void
+@@ -4024,7 +4025,7 @@ _g_dbus_subtree_vtable_copy (const GDBus
+   /* Don't waste memory by copying padding - remember to update this
+    * when changing struct _GDBusSubtreeVTable in gdbusconnection.h
+    */
+-  return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer));
+  return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer));
+ }
+ 
+ static void
+--- a/gio/gdbusinterfaceskeleton.c
+++ b/gio/gdbusinterfaceskeleton.c
+@@ -28,6 +28,7 @@
+ #include "gdbusmethodinvocation.h"
+ #include "gdbusconnection.h"
+ #include "gmarshal-internal.h"
+#include "gstrfuncsprivate.h"
+ #include "gtask.h"
+ #include "gioerror.h"
+ 
+@@ -701,7 +702,7 @@ add_connection_locked (GDBusInterfaceSke
+        * properly before building the hooked_vtable, so we create it
+        * once at the last minute.
+        */
+-      interface_->priv->hooked_vtable = g_memdup (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable));
+      interface_->priv->hooked_vtable = g_memdup2 (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable));
+       interface_->priv->hooked_vtable->method_call = skeleton_intercept_handle_method_call;
+     }
+ 
+--- a/gio/gfile.c
+++ b/gio/gfile.c
+@@ -60,6 +60,7 @@
+ #include "gasyncresult.h"
+ #include "gioerror.h"
+ #include "glibintl.h"
+#include "gstrfuncsprivate.h"
+ 
+ 
+ /**
+@@ -7854,7 +7855,7 @@ measure_disk_usage_progress (gboolean re
+   g_main_context_invoke_full (g_task_get_context (task),
+                               g_task_get_priority (task),
+                               measure_disk_usage_invoke_progress,
+-                              g_memdup (&progress, sizeof progress),
+                              g_memdup2 (&progress, sizeof progress),
+                               g_free);
+ }
+ 
+@@ -7872,7 +7873,7 @@ measure_disk_usage_thread (GTask
+                                  data->progress_callback ? measure_disk_usage_progress : NULL, task,
+                                  &result.disk_usage, &result.num_dirs, &result.num_files,
+                                  &error))
+-    g_task_return_pointer (task, g_memdup (&result, sizeof result), g_free);
+    g_task_return_pointer (task, g_memdup2 (&result, sizeof result), g_free);
+   else
+     g_task_return_error (task, error);
+ }
+@@ -7896,7 +7897,7 @@ g_file_real_measure_disk_usage_async (GF
+ 
+   task = g_task_new (file, cancellable, callback, user_data);
+   g_task_set_source_tag (task, g_file_real_measure_disk_usage_async);
+-  g_task_set_task_data (task, g_memdup (&data, sizeof data), g_free);
+  g_task_set_task_data (task, g_memdup2 (&data, sizeof data), g_free);
+   g_task_set_priority (task, io_priority);
+ 
+   g_task_run_in_thread (task, measure_disk_usage_thread);
+--- a/gio/gsettingsschema.c
+++ b/gio/gsettingsschema.c
+@@ -20,6 +20,7 @@
+ 
+ #include "gsettingsschema-internal.h"
+ #include "gsettings.h"
+#include "gstrfuncsprivate.h"
+ 
+ #include "gvdb/gvdb-reader.h"
+ #include "strinfo.c"
+@@ -1067,9 +1068,9 @@ g_settings_schema_list_children (GSettin
+ 
+       if (g_str_has_suffix (key, "/"))
+         {
+-          gint length = strlen (key);
+          gsize length = strlen (key);
+ 
+-          strv[j] = g_memdup (key, length);
+          strv[j] = g_memdup2 (key, length);
+           strv[j][length - 1] = '\0';
+           j++;
+         }
+--- a/gio/gwin32registrykey.c
+++ b/gio/gwin32registrykey.c
+@@ -28,6 +28,8 @@
+ #include <ntstatus.h>
+ #include <winternl.h>
+ 
+#include "gstrfuncsprivate.h"
+
+ #ifndef _WDMDDK_
+ typedef enum _KEY_INFORMATION_CLASS {
+   KeyBasicInformation,
+@@ -247,7 +249,7 @@ g_win32_registry_value_iter_copy (const
+   new_iter->value_name_size = iter->value_name_size;
+ 
+   if (iter->value_data != NULL)
+-    new_iter->value_data = g_memdup (iter->value_data, iter->value_data_size);
+    new_iter->value_data = g_memdup2 (iter->value_data, iter->value_data_size);
+ 
+   new_iter->value_data_size = iter->value_data_size;
+ 
+@@ -268,8 +270,8 @@ g_win32_registry_value_iter_copy (const
+   new_iter->value_data_expanded_charsize = iter->value_data_expanded_charsize;
+ 
+   if (iter->value_data_expanded_u8 != NULL)
+-    new_iter->value_data_expanded_u8 = g_memdup (iter->value_data_expanded_u8,
+-                                                 iter->value_data_expanded_charsize);
+    new_iter->value_data_expanded_u8 = g_memdup2 (iter->value_data_expanded_u8,
+                                                  iter->value_data_expanded_charsize);
+ 
+   new_iter->value_data_expanded_u8_size = iter->value_data_expanded_charsize;
+ 
+--- a/gio/tests/async-close-output-stream.c
+++ b/gio/tests/async-close-output-stream.c
+@@ -24,6 +24,8 @@
+ #include <stdlib.h>
+ #include <string.h>
+ 
+#include "gstrfuncsprivate.h"
+
+ #define DATA_TO_WRITE "Hello world\n"
+ 
+ typedef struct
+@@ -147,9 +149,9 @@ prepare_data (SetupData *data,
+ 
+   data->expected_size = g_memory_output_stream_get_data_size (G_MEMORY_OUTPUT_STREAM (data->data_stream));
+ 
+-  g_assert_cmpint (data->expected_size, >, 0);
+  g_assert_cmpuint (data->expected_size, >, 0);
+ 
+-  data->expected_output = g_memdup (written, (guint)data->expected_size);
+  data->expected_output = g_memdup2 (written, data->expected_size);
+ 
+   /* then recreate the streams and prepare them for the asynchronous close */
+   destroy_streams (data);
+--- a/gio/tests/gdbus-export.c
+++ b/gio/tests/gdbus-export.c
+@@ -23,6 +23,7 @@
+ #include <string.h>
+ 
+ #include "gdbus-tests.h"
+#include "gstrfuncsprivate.h"
+ 
+ /* all tests rely on a shared mainloop */
+ static GMainLoop *loop = NULL;
+@@ -671,7 +672,7 @@ subtree_introspect (GDBusConnection
+       g_assert_not_reached ();
+     }
+ 
+-  return g_memdup (interfaces, 2 * sizeof (void *));
+  return g_memdup2 (interfaces, 2 * sizeof (void *));
+ }
+ 
+ static const GDBusInterfaceVTable *
+@@ -727,7 +728,7 @@ dynamic_subtree_introspect (GDBusConnect
+ {
+   const GDBusInterfaceInfo *interfaces[2] = { &dyna_interface_info, NULL };
+ 
+-  return g_memdup (interfaces, 2 * sizeof (void *));
+  return g_memdup2 (interfaces, 2 * sizeof (void *));
+ }
+ 
+ static const GDBusInterfaceVTable *
+--- a/gio/win32/gwinhttpfile.c
+++ b/gio/win32/gwinhttpfile.c
+@@ -29,6 +29,7 @@
+ #include "gio/gfile.h"
+ #include "gio/gfileattribute.h"
+ #include "gio/gfileinfo.h"
+#include "gstrfuncsprivate.h"
+ #include "gwinhttpfile.h"
+ #include "gwinhttpfileinputstream.h"
+ #include "gwinhttpfileoutputstream.h"
+@@ -393,10 +394,10 @@
+   child = g_object_new (G_TYPE_WINHTTP_FILE, NULL);
+   child->vfs = winhttp_file->vfs;
+   child->url = winhttp_file->url;
+-  child->url.lpszScheme = g_memdup (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2);
+-  child->url.lpszHostName = g_memdup (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2);
+-  child->url.lpszUserName = g_memdup (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2);
+-  child->url.lpszPassword = g_memdup (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2);
+  child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2);
+  child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2);
+  child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2);
+  child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2);
+   child->url.lpszUrlPath = wnew_path;
+   child->url.dwUrlPathLength = wcslen (wnew_path);
+   child->url.lpszExtraInfo = NULL;

diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch new file mode 100644 index 0000000000..20137ea5f3 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-02.patch
@@ -0,0 +1,249 @@
	1	From be8834340a2d928ece82025463ae23dee2c333d0 Mon Sep 17 00:00:00 2001
	2	From: Philip Withnall <pwithnall@endlessos.org>
	3	Date: Thu, 4 Feb 2021 13:37:56 +0000
	4	Subject: [PATCH 02/11] gio: Use g_memdup2() instead of g_memdup() in obvious
	5	places
	6	MIME-Version: 1.0
	7	Content-Type: text/plain; charset=UTF-8
	8	Content-Transfer-Encoding: 8bit
	9
	10	Convert all the call sites which use `g_memdup()`’s length argument
	11	trivially (for example, by passing a `sizeof()`), so that they use
	12	`g_memdup2()` instead.
	13
	14	In almost all of these cases the use of `g_memdup()` would not have
	15	caused problems, but it will soon be deprecated, so best port away from
	16	it.
	17
	18	Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
	19	Helps: #2319
	20
	21	Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz]
	22	CVE: CVE-2021-27219
	23	Signed-off-by: Neetika Singh <Neetika.Singh@kpit.com>
	24	Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
	25
	26	---
	27	gio/gdbusconnection.c \| 5 +++--
	28	gio/gdbusinterfaceskeleton.c \| 3 ++-
	29	gio/gfile.c \| 7 ++++---
	30	gio/gsettingsschema.c \| 5 +++--
	31	gio/gwin32registrykey.c \| 8 +++++---
	32	gio/tests/async-close-output-stream.c \| 6 ++++--
	33	gio/tests/gdbus-export.c \| 5 +++--
	34	gio/win32/gwinhttpfile.c \| 9 +++++----
	35	8 files changed, 29 insertions(+), 19 deletions(-)
	36
	37	--- a/gio/gdbusconnection.c
	38	+++ b/gio/gdbusconnection.c
	39	@@ -110,6 +110,7 @@
	40	#include "gasyncinitable.h"
	41	#include "giostream.h"
	42	#include "gasyncresult.h"
	43	+#include "gstrfuncsprivate.h"
	44	#include "gtask.h"
	45	#include "gmarshal-internal.h"
	46
	47	@@ -4007,7 +4008,7 @@ _g_dbus_interface_vtable_copy (const GDB
	48	/* Don't waste memory by copying padding - remember to update this
	49	* when changing struct _GDBusInterfaceVTable in gdbusconnection.h
	50	*/
	51	- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer));
	52	+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer));
	53	}
	54
	55	static void
	56	@@ -4024,7 +4025,7 @@ _g_dbus_subtree_vtable_copy (const GDBus
	57	/* Don't waste memory by copying padding - remember to update this
	58	* when changing struct _GDBusSubtreeVTable in gdbusconnection.h
	59	*/
	60	- return g_memdup ((gconstpointer) vtable, 3 * sizeof (gpointer));
	61	+ return g_memdup2 ((gconstpointer) vtable, 3 * sizeof (gpointer));
	62	}
	63
	64	static void
	65	--- a/gio/gdbusinterfaceskeleton.c
	66	+++ b/gio/gdbusinterfaceskeleton.c
	67	@@ -28,6 +28,7 @@
	68	#include "gdbusmethodinvocation.h"
	69	#include "gdbusconnection.h"
	70	#include "gmarshal-internal.h"
	71	+#include "gstrfuncsprivate.h"
	72	#include "gtask.h"
	73	#include "gioerror.h"
	74
	75	@@ -701,7 +702,7 @@ add_connection_locked (GDBusInterfaceSke
	76	* properly before building the hooked_vtable, so we create it
	77	* once at the last minute.
	78	*/
	79	- interface_->priv->hooked_vtable = g_memdup (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable));
	80	+ interface_->priv->hooked_vtable = g_memdup2 (g_dbus_interface_skeleton_get_vtable (interface_), sizeof (GDBusInterfaceVTable));
	81	interface_->priv->hooked_vtable->method_call = skeleton_intercept_handle_method_call;
	82	}
	83
	84	--- a/gio/gfile.c
	85	+++ b/gio/gfile.c
	86	@@ -60,6 +60,7 @@
	87	#include "gasyncresult.h"
	88	#include "gioerror.h"
	89	#include "glibintl.h"
	90	+#include "gstrfuncsprivate.h"
	91
	92
	93	/**
	94	@@ -7854,7 +7855,7 @@ measure_disk_usage_progress (gboolean re
	95	g_main_context_invoke_full (g_task_get_context (task),
	96	g_task_get_priority (task),
	97	measure_disk_usage_invoke_progress,
	98	- g_memdup (&progress, sizeof progress),
	99	+ g_memdup2 (&progress, sizeof progress),
	100	g_free);
	101	}
	102
	103	@@ -7872,7 +7873,7 @@ measure_disk_usage_thread (GTask
	104	data->progress_callback ? measure_disk_usage_progress : NULL, task,
	105	&result.disk_usage, &result.num_dirs, &result.num_files,
	106	&error))
	107	- g_task_return_pointer (task, g_memdup (&result, sizeof result), g_free);
	108	+ g_task_return_pointer (task, g_memdup2 (&result, sizeof result), g_free);
	109	else
	110	g_task_return_error (task, error);
	111	}
	112	@@ -7896,7 +7897,7 @@ g_file_real_measure_disk_usage_async (GF
	113
	114	task = g_task_new (file, cancellable, callback, user_data);
	115	g_task_set_source_tag (task, g_file_real_measure_disk_usage_async);
	116	- g_task_set_task_data (task, g_memdup (&data, sizeof data), g_free);
	117	+ g_task_set_task_data (task, g_memdup2 (&data, sizeof data), g_free);
	118	g_task_set_priority (task, io_priority);
	119
	120	g_task_run_in_thread (task, measure_disk_usage_thread);
	121	--- a/gio/gsettingsschema.c
	122	+++ b/gio/gsettingsschema.c
	123	@@ -20,6 +20,7 @@
	124
	125	#include "gsettingsschema-internal.h"
	126	#include "gsettings.h"
	127	+#include "gstrfuncsprivate.h"
	128
	129	#include "gvdb/gvdb-reader.h"
	130	#include "strinfo.c"
	131	@@ -1067,9 +1068,9 @@ g_settings_schema_list_children (GSettin
	132
	133	if (g_str_has_suffix (key, "/"))
	134	{
	135	- gint length = strlen (key);
	136	+ gsize length = strlen (key);
	137
	138	- strv[j] = g_memdup (key, length);
	139	+ strv[j] = g_memdup2 (key, length);
	140	strv[j][length - 1] = '\0';
	141	j++;
	142	}
	143	--- a/gio/gwin32registrykey.c
	144	+++ b/gio/gwin32registrykey.c
	145	@@ -28,6 +28,8 @@
	146	#include <ntstatus.h>
	147	#include <winternl.h>
	148
	149	+#include "gstrfuncsprivate.h"
	150	+
	151	#ifndef _WDMDDK_
	152	typedef enum _KEY_INFORMATION_CLASS {
	153	KeyBasicInformation,
	154	@@ -247,7 +249,7 @@ g_win32_registry_value_iter_copy (const
	155	new_iter->value_name_size = iter->value_name_size;
	156
	157	if (iter->value_data != NULL)
	158	- new_iter->value_data = g_memdup (iter->value_data, iter->value_data_size);
	159	+ new_iter->value_data = g_memdup2 (iter->value_data, iter->value_data_size);
	160
	161	new_iter->value_data_size = iter->value_data_size;
	162
	163	@@ -268,8 +270,8 @@ g_win32_registry_value_iter_copy (const
	164	new_iter->value_data_expanded_charsize = iter->value_data_expanded_charsize;
	165
	166	if (iter->value_data_expanded_u8 != NULL)
	167	- new_iter->value_data_expanded_u8 = g_memdup (iter->value_data_expanded_u8,
	168	- iter->value_data_expanded_charsize);
	169	+ new_iter->value_data_expanded_u8 = g_memdup2 (iter->value_data_expanded_u8,
	170	+ iter->value_data_expanded_charsize);
	171
	172	new_iter->value_data_expanded_u8_size = iter->value_data_expanded_charsize;
	173
	174	--- a/gio/tests/async-close-output-stream.c
	175	+++ b/gio/tests/async-close-output-stream.c
	176	@@ -24,6 +24,8 @@
	177	#include <stdlib.h>
	178	#include <string.h>
	179
	180	+#include "gstrfuncsprivate.h"
	181	+
	182	#define DATA_TO_WRITE "Hello world\n"
	183
	184	typedef struct
	185	@@ -147,9 +149,9 @@ prepare_data (SetupData *data,
	186
	187	data->expected_size = g_memory_output_stream_get_data_size (G_MEMORY_OUTPUT_STREAM (data->data_stream));
	188
	189	- g_assert_cmpint (data->expected_size, >, 0);
	190	+ g_assert_cmpuint (data->expected_size, >, 0);
	191
	192	- data->expected_output = g_memdup (written, (guint)data->expected_size);
	193	+ data->expected_output = g_memdup2 (written, data->expected_size);
	194
	195	/* then recreate the streams and prepare them for the asynchronous close */
	196	destroy_streams (data);
	197	--- a/gio/tests/gdbus-export.c
	198	+++ b/gio/tests/gdbus-export.c
	199	@@ -23,6 +23,7 @@
	200	#include <string.h>
	201
	202	#include "gdbus-tests.h"
	203	+#include "gstrfuncsprivate.h"
	204
	205	/* all tests rely on a shared mainloop */
	206	static GMainLoop *loop = NULL;
	207	@@ -671,7 +672,7 @@ subtree_introspect (GDBusConnection
	208	g_assert_not_reached ();
	209	}
	210
	211	- return g_memdup (interfaces, 2 * sizeof (void *));
	212	+ return g_memdup2 (interfaces, 2 * sizeof (void *));
	213	}
	214
	215	static const GDBusInterfaceVTable *
	216	@@ -727,7 +728,7 @@ dynamic_subtree_introspect (GDBusConnect
	217	{
	218	const GDBusInterfaceInfo *interfaces[2] = { &dyna_interface_info, NULL };
	219
	220	- return g_memdup (interfaces, 2 * sizeof (void *));
	221	+ return g_memdup2 (interfaces, 2 * sizeof (void *));
	222	}
	223
	224	static const GDBusInterfaceVTable *
	225	--- a/gio/win32/gwinhttpfile.c
	226	+++ b/gio/win32/gwinhttpfile.c
	227	@@ -29,6 +29,7 @@
	228	#include "gio/gfile.h"
	229	#include "gio/gfileattribute.h"
	230	#include "gio/gfileinfo.h"
	231	+#include "gstrfuncsprivate.h"
	232	#include "gwinhttpfile.h"
	233	#include "gwinhttpfileinputstream.h"
	234	#include "gwinhttpfileoutputstream.h"
	235	@@ -393,10 +394,10 @@
	236	child = g_object_new (G_TYPE_WINHTTP_FILE, NULL);
	237	child->vfs = winhttp_file->vfs;
	238	child->url = winhttp_file->url;
	239	- child->url.lpszScheme = g_memdup (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2);
	240	- child->url.lpszHostName = g_memdup (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2);
	241	- child->url.lpszUserName = g_memdup (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2);
	242	- child->url.lpszPassword = g_memdup (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2);
	243	+ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2);
	244	+ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2);
	245	+ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2);
	246	+ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2);
	247	child->url.lpszUrlPath = wnew_path;
	248	child->url.dwUrlPathLength = wcslen (wnew_path);
	249	child->url.lpszExtraInfo = NULL;