From: Jeff King <peff@peff.net>
To: Derrick Stolee <stolee@gmail.com>
Cc: Mike Hommey <mh@glandium.org>, Junio C Hamano <gitster@pobox.com>,
git@vger.kernel.org
Subject: Re: [PATCH] Fix leak in credential_apply_config
Date: Fri, 20 Aug 2021 13:56:20 -0400 [thread overview]
Message-ID: <YR/sxISzR0RebVMZ@coredump.intra.peff.net> (raw)
In-Reply-To: <ffa1786e-f69f-3d76-98dc-7fa5cdbd31c0@gmail.com>
On Fri, Aug 20, 2021 at 10:58:56AM -0400, Derrick Stolee wrote:
> On 8/20/2021 4:44 AM, Mike Hommey wrote:
> > normalized_url = url_normalize(url.buf, &config.url);
> >
> > git_config(urlmatch_config_entry, &config);
> > + string_list_clear(&config.vars, 1);
> > free(normalized_url);
> > strbuf_release(&url);
>
> A good find! This is obviously correct and a valuable change
> to make. If you are interested in doing a little extra work,
> then I think there is something more we could do here.
>
> I took a look at the rest of "struct urlmatch_config" to see
> if anything else needed to be cleared, and it turns out that
> config.url.url is an allocated string, but happens to be
> equal to normalized_url, which is freed here.
>
> Perhaps the optimal organization would be to have a
> clear_urlmatch_config() method that clears all allocated data
> within the config, and change things like url_normalize()
> return a 'const char *' to make it clear that the url should
> be freed somewhere else.
Yeah, I had the same thought; it feels like we're peeking into details
of how url_config works (especially the knowledge that we we should be
passing free_util).
> It would help unify the handling of code that is somewhat
> duplicated (but slightly different each time) across
> credential_apply_config(), http_init(), get_urlmatch(),
> and cmd__urlmatch_normalization().
Agreed. It looks like http_init() has the same leak that is fixed here.
-Peff
next prev parent reply other threads:[~2021-08-20 17:56 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-20 8:44 [PATCH] Fix leak in credential_apply_config Mike Hommey
2021-08-20 14:58 ` Derrick Stolee
2021-08-20 17:56 ` Jeff King [this message]
2021-08-20 17:57 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YR/sxISzR0RebVMZ@coredump.intra.peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=mh@glandium.org \
--cc=stolee@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.