Invalid UTF-8 GLib warning when running specially crafted command with pkexec

[vejkse]

Describe the bug

If I pass specially crafted arguments with some non-ASCII characters to programs run with pkexec, I get this warning:

(process:43224): GLib-CRITICAL **: 12:37:52.308: g_variant_new_string(): requires valid UTF-8

This doesn’t prevent authentication and/or the normal execution of the command.

To Reproduce

Steps to reproduce the behavior:

1. Create an empty executable /usr/local/bin/abcdefghi.
2. Run pkexec abcdefghi __________________ö____________________é______________
3. The warning (process:49007): GLib-CRITICAL **: 13:07:10.968: g_variant_new_string(): requires valid UTF-8 appears twice, then I’m asked to authenticate myself.

Notes:

• The program full path must have at least 24 characters.
• The special argument can also be the second, the third, etc.
• The special argument must have exactly 54 characters (a bit less or a bit more and I cannot reproduce the bug — it’s possible that very different lengths would work).
• The special argument must have a non-ASCII character in the 19th position, and another non-ASCII character in any of the following positions. The other characters can be “anything”.
• The program /usr/local/bin/abcdefghi must exists, if it doesn’t, the warning doesn’t appear.
• The warning appears twice if an authentication is required, but only once if not.
• The program runs afterward, so this is not a blocking error.

(I was quite lucky to stumble upon an argument that matches these conditions!)

Expected behavior

No such warning.

Desktop (please complete the following information):

• OS (including version): Linux 6.14.3-arch1-1
• Desktop Environment [Gnome, KDE, ...]: XMonad
• Version of polkit: 126

Please...

Here’s the output of journalctl -u polkit.service for one such run (the failure of authentication is because I cancelled):

Apr 30 13:13:34 arckse2 polkitd[1010]: Registered Authentication Agent for unix-process:49886:2140794 (system bus name :1.855 [pkexec abcdefghi __________________ö____________________é______________], object path /org/freedesktop/PolicyKi>
Apr 30 13:13:35 arckse2 polkitd[1010]: Unregistered Authentication Agent for unix-process:49886:2140794 (system bus name :1.855, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Apr 30 13:13:35 arckse2 polkitd[1010]: Operator of unix-process:49886:2140794 FAILED to authenticate to gain authorization for action org.freedesktop.policykit.exec for unix-process:49886:2140794 [/bin/bash] (owned by unix-user:vejkse)