[PATCH v2 10/18] bisect: copy filename string obtained from git_path()

[mhagger@alum.mit.edu]

From: Michael Haggerty <mhagger@alum.mit.edu>

Prevent the string from being overwritten by other callers of
git_path() and friends before we are done using it.

Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
---

Otherwise, this bug will be triggered by later patches in the series.

I didn't do a careful code audit of this problem, but it seems very
plausible that that check_ancestors() and/or check_merge_bases() are
guilty.  They certainly do a lot more than should be done while
holding on to a pointer to a statically-allocated buffer.

I cursorily checked other code in the neighborhood for similar abuses,
but it would be good for an expert to look it over.

 bisect.c |    8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/bisect.c b/bisect.c
index 6e186e2..48acf73 100644
--- a/bisect.c
+++ b/bisect.c
@@ -833,7 +833,7 @@ static int check_ancestors(const char *prefix)
  */
 static void check_good_are_ancestors_of_bad(const char *prefix, int no_checkout)
 {
-	const char *filename = git_path("BISECT_ANCESTORS_OK");
+	char *filename = xstrdup(git_path("BISECT_ANCESTORS_OK"));
 	struct stat st;
 	int fd;
 
@@ -842,11 +842,11 @@ static void check_good_are_ancestors_of_bad(const char *prefix, int no_checkout)
 
 	/* Check if file BISECT_ANCESTORS_OK exists. */
 	if (!stat(filename, &st) && S_ISREG(st.st_mode))
-		return;
+		goto done;
 
 	/* Bisecting with no good rev is ok. */
 	if (good_revs.nr == 0)
-		return;
+		goto done;
 
 	/* Check if all good revs are ancestor of the bad rev. */
 	if (check_ancestors(prefix))
@@ -859,6 +859,8 @@ static void check_good_are_ancestors_of_bad(const char *prefix, int no_checkout)
 			filename, strerror(errno));
 	else
 		close(fd);
+ done:
+	free(filename);
 }
 
 /*
-- 
1.7.10