[v2,03/23] git: fix leaking argv when handling builtins

Message ID	ea3dd851add1eeb5d53063847b73480b5f6245ed.1727351062.git.ps@pks.im (mailing list archive)
State	Accepted
Commit	3aef7a05adb2868118181eb5605fffa65a9af2c8
Headers	show Received: from fhigh-a7-smtp.messagingengine.com (fhigh-a7-smtp.messagingengine.com [103.168.172.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D8410175D2F for <git@vger.kernel.org>; Thu, 26 Sep 2024 11:46:10 +0000 (UTC) Feedback-ID: i197146af:Fastmail Date: Thu, 26 Sep 2024 13:46:06 +0200 From: Patrick Steinhardt <ps@pks.im> To: git@vger.kernel.org Cc: Justin Tobler <jltobler@gmail.com>, Junio C Hamano <gitster@pobox.com> Subject: [PATCH v2 03/23] git: fix leaking argv when handling builtins Message-ID: <ea3dd851add1eeb5d53063847b73480b5f6245ed.1727351062.git.ps@pks.im> References: <cover.1726484308.git.ps@pks.im> <cover.1727351062.git.ps@pks.im> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <cover.1727351062.git.ps@pks.im>
Series	Memory leak fixes (pt.7) \| expand [v2,00/23] Memory leak fixes (pt.7) [v2,01/23] builtin/help: fix dangling reference to `html_path` [v2,02/23] builtin/help: fix leaking `html_path` when reading config multiple times [v2,03/23] git: fix leaking argv when handling builtins [v2,04/23] submodule: fix leaking update strategy [v2,05/23] builtin/submodule--helper: clear child process when not running it [v2,06/23] builtin/submodule--helper: fix leaking error buffer [v2,07/23] t/helper: fix leaking subrepo in nested submodule config helper [v2,08/23] builtin/submodule--helper: fix leaking remote ref on errors [v2,09/23] dir: fix off by one errors for ignored and untracked entries [v2,10/23] builtin/pull: fix leaking "ff" option [v2,11/23] diff: fix leaking orderfile option [v2,12/23] parse-options: free previous value of `OPTION_FILENAME` [v2,13/23] diffcore-order: fix leaking buffer when parsing orderfiles [v2,14/23] builtin/repack: fix leaking configuration [v2,15/23] builtin/difftool: plug several trivial memory leaks [v2,16/23] trace2: destroy context stored in thread-local storage [v2,17/23] submodule: fix leaking submodule ODB paths [v2,18/23] grep: fix leaking grep pattern [v2,19/23] promisor-remote: fix leaking partial clone filter [v2,20/23] builtin/maintenance: fix leaking config string [v2,21/23] builtin/maintenance: fix leak in `get_schedule_cmd()` [v2,22/23] revision: fix leaking parents when simplifying commits [v2,23/23] diffcore-break: fix leaking filespecs when merging broken pairs

Message ID

ea3dd851add1eeb5d53063847b73480b5f6245ed.1727351062.git.ps@pks.im (mailing list archive)

State

Accepted

Commit

3aef7a05adb2868118181eb5605fffa65a9af2c8

Headers

Feedback-ID: i197146af:Fastmail
Date: Thu, 26 Sep 2024 13:46:06 +0200
From: Patrick Steinhardt <ps@pks.im>
To: git@vger.kernel.org
Cc: Justin Tobler <jltobler@gmail.com>, Junio C Hamano <gitster@pobox.com>
Subject: [PATCH v2 03/23] git: fix leaking argv when handling builtins
Message-ID: 
 <ea3dd851add1eeb5d53063847b73480b5f6245ed.1727351062.git.ps@pks.im>
References: <cover.1726484308.git.ps@pks.im>
 <cover.1727351062.git.ps@pks.im>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <cover.1727351062.git.ps@pks.im>

Series

Memory leak fixes (pt.7) | expand

Commit Message

Patrick Steinhardt Sept. 26, 2024, 11:46 a.m. UTC

In `handle_builtin()` we may end up creating an ad-hoc argv array in
case we see that the command line contains the "--help" parameter. In
this case we observe two memory leaks though:

  - We leak the `struct strvec` itself because we directly exit after
    calling `run_builtin()`, without bothering about any cleanups.

  - Even if we free'd that vector we'd end up leaking some of its
    strings because `run_builtin()` will modify the array.

Plug both of these leaks.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
 git.c           | 22 +++++++++++++++++++---
 t/t0012-help.sh |  1 +
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/git.c b/git.c
index 9a618a2740..3c7fabfda2 100644
--- a/git.c
+++ b/git.c
@@ -711,6 +711,7 @@  static void strip_extension(const char **argv)
 static void handle_builtin(int argc, const char **argv)
 {
 	struct strvec args = STRVEC_INIT;
+	const char **argv_copy = NULL;
 	const char *cmd;
 	struct cmd_struct *builtin;
 
@@ -731,13 +732,28 @@  static void handle_builtin(int argc, const char **argv)
 		}
 
 		argc++;
-		argv = args.v;
+
+		/*
+		 * `run_builtin()` will modify the argv array, so we need to
+		 * create a shallow copy such that we can free all of its
+		 * strings.
+		 */
+		CALLOC_ARRAY(argv_copy, argc + 1);
+		COPY_ARRAY(argv_copy, args.v, argc);
+
+		argv = argv_copy;
 	}
 
 	builtin = get_builtin(cmd);
-	if (builtin)
-		exit(run_builtin(builtin, argc, argv));
+	if (builtin) {
+		int ret = run_builtin(builtin, argc, argv);
+		strvec_clear(&args);
+		free(argv_copy);
+		exit(ret);
+	}
+
 	strvec_clear(&args);
+	free(argv_copy);
 }
 
 static void execv_dashed_external(const char **argv)
diff --git a/t/t0012-help.sh b/t/t0012-help.sh
index 1d273d91c2..9eae0d8356 100755
--- a/t/t0012-help.sh
+++ b/t/t0012-help.sh
@@ -2,6 +2,7 @@ 
 
 test_description='help'
 
+TEST_PASSES_SANITIZE_LEAK=true
 . ./test-lib.sh
 
 configure_help () {

[v2,03/23] git: fix leaking argv when handling builtins

Commit Message

Patch