diff mbox series

[Outreachy,v2] bisect--helper: avoid free-after-use

Message ID 20191209103923.21659-1-mirucam@gmail.com (mailing list archive)
State New, archived
Headers show
Series [Outreachy,v2] bisect--helper: avoid free-after-use | expand

Commit Message

Miriam R. Dec. 9, 2019, 10:39 a.m. UTC
From: Tanushree Tumane <tanushreetumane@gmail.com>

In 5e82c3dd22a (bisect--helper: `bisect_reset` shell function in C,
2019-01-02), the `git bisect reset` subcommand was ported to C. When the
call to `git checkout` failed, an error message was reported to the
user.

However, this error message used the `strbuf` that had just been
released already. Let's switch that around: first use it, then release
it.

Mentored-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Mentored-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Tanushree Tumane <tanushreetumane@gmail.com>
Signed-off-by: Miriam Rubio <mirucam@gmail.com>
---
This patch is a new version of
https://public-inbox.org/git/20191208172813.16518-1-mirucam@gmail.com/
which itself has been sent previously by Tanushree
(https://public-inbox.org/git/64117cde718f0d56ebfa4c30f4d8fe2155f5cf65.1551003074.git.gitgitgadget@gmail.com/).

 builtin/bisect--helper.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

Comments

Junio C Hamano Dec. 11, 2019, 5:17 p.m. UTC | #1
Miriam Rubio <mirucam@gmail.com> writes:

> From: Tanushree Tumane <tanushreetumane@gmail.com>
>
> In 5e82c3dd22a (bisect--helper: `bisect_reset` shell function in C,
> 2019-01-02), the `git bisect reset` subcommand was ported to C. When the
> call to `git checkout` failed, an error message was reported to the
> user.
>
> However, this error message used the `strbuf` that had just been
> released already. Let's switch that around: first use it, then release
> it.
>
> Mentored-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
> Mentored-by: Christian Couder <chriscool@tuxfamily.org>
> Signed-off-by: Tanushree Tumane <tanushreetumane@gmail.com>
> Signed-off-by: Miriam Rubio <mirucam@gmail.com>
> ---
> This patch is a new version of
> https://public-inbox.org/git/20191208172813.16518-1-mirucam@gmail.com/
> which itself has been sent previously by Tanushree
> (https://public-inbox.org/git/64117cde718f0d56ebfa4c30f4d8fe2155f5cf65.1551003074.git.gitgitgadget@gmail.com/).
>
>  builtin/bisect--helper.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/builtin/bisect--helper.c b/builtin/bisect--helper.c
> index 1fbe156e67..3055b2bb50 100644
> --- a/builtin/bisect--helper.c
> +++ b/builtin/bisect--helper.c
> @@ -169,11 +169,12 @@ static int bisect_reset(const char *commit)
>  
>  		argv_array_pushl(&argv, "checkout", branch.buf, "--", NULL);
>  		if (run_command_v_opt(argv.argv, RUN_GIT_CMD)) {
> +			error(_("could not check out original"
> +				" HEAD '%s'. Try 'git bisect"
> +				" reset <commit>'."), branch.buf);
>  			strbuf_release(&branch);
>  			argv_array_clear(&argv);
> -			return error(_("could not check out original"
> -				       " HEAD '%s'. Try 'git bisect"
> -				       " reset <commit>'."), branch.buf);

The original obviously was bad X-<.  Will queue.  Thanks.

> +			return -1;
>  		}
>  		argv_array_clear(&argv);
>  	}
Junio C Hamano Dec. 11, 2019, 5:24 p.m. UTC | #2
Junio C Hamano <gitster@pobox.com> writes:

> Subject: Re: [Outreachy] [PATCH v2] bisect--helper: avoid free-after-use

It is surprising with multiple mentors, nobody noticed free-after-use
is perfectly fine---it is use-after-free we would want to avoid.

> Miriam Rubio <mirucam@gmail.com> writes:
>
>> From: Tanushree Tumane <tanushreetumane@gmail.com>
>>
>> In 5e82c3dd22a (bisect--helper: `bisect_reset` shell function in C,
>> 2019-01-02), the `git bisect reset` subcommand was ported to C. When the
>> call to `git checkout` failed, an error message was reported to the
>> user.
>>
>> However, this error message used the `strbuf` that had just been
>> released already. Let's switch that around: first use it, then release
>> it.
>>
>> Mentored-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
>> Mentored-by: Christian Couder <chriscool@tuxfamily.org>
>> Signed-off-by: Tanushree Tumane <tanushreetumane@gmail.com>
>> Signed-off-by: Miriam Rubio <mirucam@gmail.com>
>> ---
>> This patch is a new version of
>> https://public-inbox.org/git/20191208172813.16518-1-mirucam@gmail.com/
>> which itself has been sent previously by Tanushree
>> (https://public-inbox.org/git/64117cde718f0d56ebfa4c30f4d8fe2155f5cf65.1551003074.git.gitgitgadget@gmail.com/).
>>
>>  builtin/bisect--helper.c | 7 ++++---
>>  1 file changed, 4 insertions(+), 3 deletions(-)
>>
>> diff --git a/builtin/bisect--helper.c b/builtin/bisect--helper.c
>> index 1fbe156e67..3055b2bb50 100644
>> --- a/builtin/bisect--helper.c
>> +++ b/builtin/bisect--helper.c
>> @@ -169,11 +169,12 @@ static int bisect_reset(const char *commit)
>>  
>>  		argv_array_pushl(&argv, "checkout", branch.buf, "--", NULL);
>>  		if (run_command_v_opt(argv.argv, RUN_GIT_CMD)) {
>> +			error(_("could not check out original"
>> +				" HEAD '%s'. Try 'git bisect"
>> +				" reset <commit>'."), branch.buf);
>>  			strbuf_release(&branch);
>>  			argv_array_clear(&argv);
>> -			return error(_("could not check out original"
>> -				       " HEAD '%s'. Try 'git bisect"
>> -				       " reset <commit>'."), branch.buf);
>
> The original obviously was bad X-<.  Will queue.  Thanks.
>
>> +			return -1;
>>  		}
>>  		argv_array_clear(&argv);
>>  	}
Miriam R. Dec. 11, 2019, 7:14 p.m. UTC | #3
El mié., 11 dic. 2019 a las 18:24, Junio C Hamano
(<gitster@pobox.com>) escribió:
>
> Junio C Hamano <gitster@pobox.com> writes:
>
> > Subject: Re: [Outreachy] [PATCH v2] bisect--helper: avoid free-after-use
>
> It is surprising with multiple mentors, nobody noticed free-after-use
> is perfectly fine---it is use-after-free we would want to avoid.
>

Yes, you are right. I will send another version with the correct title.

Thank you,
Miriam

> > Miriam Rubio <mirucam@gmail.com> writes:
> >
> >> From: Tanushree Tumane <tanushreetumane@gmail.com>
> >>
> >> In 5e82c3dd22a (bisect--helper: `bisect_reset` shell function in C,
> >> 2019-01-02), the `git bisect reset` subcommand was ported to C. When the
> >> call to `git checkout` failed, an error message was reported to the
> >> user.
> >>
> >> However, this error message used the `strbuf` that had just been
> >> released already. Let's switch that around: first use it, then release
> >> it.
> >>
> >> Mentored-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
> >> Mentored-by: Christian Couder <chriscool@tuxfamily.org>
> >> Signed-off-by: Tanushree Tumane <tanushreetumane@gmail.com>
> >> Signed-off-by: Miriam Rubio <mirucam@gmail.com>
> >> ---
> >> This patch is a new version of
> >> https://public-inbox.org/git/20191208172813.16518-1-mirucam@gmail.com/
> >> which itself has been sent previously by Tanushree
> >> (https://public-inbox.org/git/64117cde718f0d56ebfa4c30f4d8fe2155f5cf65.1551003074.git.gitgitgadget@gmail.com/).
> >>
> >>  builtin/bisect--helper.c | 7 ++++---
> >>  1 file changed, 4 insertions(+), 3 deletions(-)
> >>
> >> diff --git a/builtin/bisect--helper.c b/builtin/bisect--helper.c
> >> index 1fbe156e67..3055b2bb50 100644
> >> --- a/builtin/bisect--helper.c
> >> +++ b/builtin/bisect--helper.c
> >> @@ -169,11 +169,12 @@ static int bisect_reset(const char *commit)
> >>
> >>              argv_array_pushl(&argv, "checkout", branch.buf, "--", NULL);
> >>              if (run_command_v_opt(argv.argv, RUN_GIT_CMD)) {
> >> +                    error(_("could not check out original"
> >> +                            " HEAD '%s'. Try 'git bisect"
> >> +                            " reset <commit>'."), branch.buf);
> >>                      strbuf_release(&branch);
> >>                      argv_array_clear(&argv);
> >> -                    return error(_("could not check out original"
> >> -                                   " HEAD '%s'. Try 'git bisect"
> >> -                                   " reset <commit>'."), branch.buf);
> >
> > The original obviously was bad X-<.  Will queue.  Thanks.
> >
> >> +                    return -1;
> >>              }
> >>              argv_array_clear(&argv);
> >>      }
Johannes Schindelin Dec. 12, 2019, 7:16 p.m. UTC | #4
Hi Junio,

On Wed, 11 Dec 2019, Junio C Hamano wrote:

> Junio C Hamano <gitster@pobox.com> writes:
>
> > Subject: Re: [Outreachy] [PATCH v2] bisect--helper: avoid free-after-use
>
> It is surprising with multiple mentors, nobody noticed free-after-use
> is perfectly fine---it is use-after-free we would want to avoid.

Wow. It is totally my fault, and the only thing I can blame is the
mind-numbing work I did on those security fixes. So glad that's over.

Sorry for the mistake,
Dscho
diff mbox series

Patch

diff --git a/builtin/bisect--helper.c b/builtin/bisect--helper.c
index 1fbe156e67..3055b2bb50 100644
--- a/builtin/bisect--helper.c
+++ b/builtin/bisect--helper.c
@@ -169,11 +169,12 @@  static int bisect_reset(const char *commit)
 
 		argv_array_pushl(&argv, "checkout", branch.buf, "--", NULL);
 		if (run_command_v_opt(argv.argv, RUN_GIT_CMD)) {
+			error(_("could not check out original"
+				" HEAD '%s'. Try 'git bisect"
+				" reset <commit>'."), branch.buf);
 			strbuf_release(&branch);
 			argv_array_clear(&argv);
-			return error(_("could not check out original"
-				       " HEAD '%s'. Try 'git bisect"
-				       " reset <commit>'."), branch.buf);
+			return -1;
 		}
 		argv_array_clear(&argv);
 	}