[16/20] remote: fix leaks when matching refspecs

Message ID	e1d0be37636a1ec46b4fe52613582ba71a47868b.1724159575.git.ps@pks.im (mailing list archive)
State	Superseded
Headers	show Received: from fhigh8-smtp.messagingengine.com (fhigh8-smtp.messagingengine.com [103.168.172.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C17F5191F93 for <git@vger.kernel.org>; Tue, 20 Aug 2024 14:05:52 +0000 (UTC) Feedback-ID: i197146af:Fastmail Date: Tue, 20 Aug 2024 16:05:49 +0200 From: Patrick Steinhardt <ps@pks.im> To: git@vger.kernel.org Subject: [PATCH 16/20] remote: fix leaks when matching refspecs Message-ID: <e1d0be37636a1ec46b4fe52613582ba71a47868b.1724159575.git.ps@pks.im> References: <cover.1724159575.git.ps@pks.im> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <cover.1724159575.git.ps@pks.im>
Series	Memory leak fixes (pt.5) \| expand [00/20] Memory leak fixes (pt.5) [01/20] mailinfo: fix leaking header data [02/20] convert: fix leaks when resetting attributes [03/20] pretty: fix memory leaks when parsing pretty formats [04/20] pretty: fix leaking key/value separator buffer [05/20] builtin/merge-tree: fix leaking `-X` strategy options [06/20] builtin/upload-archive: fix leaking args passed to `write_archive()` [07/20] builtin/archive: fix leaking `OPT_FILENAME()` value [08/20] midx-write: fix leaking hashfile on error cases [09/20] builtin/repack: fix leaks when computing packs to repack [10/20] t/helper: fix leaking multi-pack-indices in "read-midx" [11/20] transport: fix leaking OID arrays in git:// transport data [12/20] builtin/send-pack: fix leaking refspecs [13/20] sideband: fix leaks when configuring sideband colors [14/20] builtin/fetch-pack: fix leaking refs [15/20] remote: fix leaking config strings [16/20] remote: fix leaks when matching refspecs [17/20] remote: fix leaking peer ref when expanding refmap [18/20] builtin/fetch: fix leaking transaction with `--atomic` [19/20] transport: fix leaking arguments when fetching from bundle [20/20] transport: fix leaking negotiation tips

Message ID

e1d0be37636a1ec46b4fe52613582ba71a47868b.1724159575.git.ps@pks.im (mailing list archive)

State

Superseded

Headers

Feedback-ID: i197146af:Fastmail
Date: Tue, 20 Aug 2024 16:05:49 +0200
From: Patrick Steinhardt <ps@pks.im>
To: git@vger.kernel.org
Subject: [PATCH 16/20] remote: fix leaks when matching refspecs
Message-ID: 
 <e1d0be37636a1ec46b4fe52613582ba71a47868b.1724159575.git.ps@pks.im>
References: <cover.1724159575.git.ps@pks.im>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <cover.1724159575.git.ps@pks.im>

Series

Memory leak fixes (pt.5) | expand

Commit Message

Patrick Steinhardt Aug. 20, 2024, 2:05 p.m. UTC

In `match_explicit()`, we try to match a source ref with a destination
ref according to a refspec item. This matching sometimes requires us to
allocate a new source spec so that it looks like we expect. And while we
in some end up assigning this allocated ref as `peer_ref`, which hands
over ownership of it to the caller, in other cases we don't. We neither
free it though, causing a memory leak.

Fix the leak by creating a common exit path where we can easily free the
source ref in case it is allocated and hasn't been handed over to the
caller.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
 remote.c          | 43 +++++++++++++++++++++++++++++--------------
 t/t5505-remote.sh |  1 +
 2 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/remote.c b/remote.c
index 3087437bc61..892a47086db 100644
--- a/remote.c
+++ b/remote.c
@@ -1325,18 +1325,21 @@  static int match_explicit(struct ref *src, struct ref *dst,
 			  struct ref ***dst_tail,
 			  struct refspec_item *rs)
 {
-	struct ref *matched_src, *matched_dst;
-	int allocated_src;
+	struct ref *matched_src = NULL, *matched_dst = NULL;
+	int allocated_src = 0, ret;
 
 	const char *dst_value = rs->dst;
 	char *dst_guess;
 
-	if (rs->pattern || rs->matching || rs->negative)
-		return 0;
+	if (rs->pattern || rs->matching || rs->negative) {
+		ret = 0;
+		goto out;
+	}
 
-	matched_src = matched_dst = NULL;
-	if (match_explicit_lhs(src, rs, &matched_src, &allocated_src) < 0)
-		return -1;
+	if (match_explicit_lhs(src, rs, &matched_src, &allocated_src) < 0) {
+		ret = -1;
+		goto out;
+	}
 
 	if (!dst_value) {
 		int flag;
@@ -1375,18 +1378,30 @@  static int match_explicit(struct ref *src, struct ref *dst,
 		      dst_value);
 		break;
 	}
-	if (!matched_dst)
-		return -1;
-	if (matched_dst->peer_ref)
-		return error(_("dst ref %s receives from more than one src"),
-			     matched_dst->name);
-	else {
+
+	if (!matched_dst) {
+		ret = -1;
+		goto out;
+	}
+
+	if (matched_dst->peer_ref) {
+		ret = error(_("dst ref %s receives from more than one src"),
+			    matched_dst->name);
+		goto out;
+	} else {
 		matched_dst->peer_ref = allocated_src ?
 					matched_src :
 					copy_ref(matched_src);
 		matched_dst->force = rs->force;
+		matched_src = NULL;
 	}
-	return 0;
+
+	ret = 0;
+
+out:
+	if (allocated_src)
+		free_one_ref(matched_src);
+	return ret;
 }
 
 static int match_explicit_refs(struct ref *src, struct ref *dst,
diff --git a/t/t5505-remote.sh b/t/t5505-remote.sh
index 08424e878e1..532035933f3 100755
--- a/t/t5505-remote.sh
+++ b/t/t5505-remote.sh
@@ -2,6 +2,7 @@ 
 
 test_description='git remote porcelain-ish'
 
+TEST_PASSES_SANITIZE_LEAK=true
 . ./test-lib.sh
 
 setup_repository () {

[16/20] remote: fix leaks when matching refspecs

Commit Message

Patch