[v2,06/21] http: refactor code to clarify memory ownership

Message ID	141cae2de1acb5a181d9c4f4c2a75dfab6b561af.1716541556.git.ps@pks.im (mailing list archive)
State	Superseded
Headers	show Received: from fhigh2-smtp.messagingengine.com (fhigh2-smtp.messagingengine.com [103.168.172.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DD30E83CCC for <git@vger.kernel.org>; Fri, 24 May 2024 10:03:42 +0000 (UTC) Feedback-ID: i197146af:Fastmail Date: Fri, 24 May 2024 12:03:38 +0200 From: Patrick Steinhardt <ps@pks.im> To: git@vger.kernel.org Cc: Eric Sunshine <sunshine@sunshineco.com>, Junio C Hamano <gitster@pobox.com> Subject: [PATCH v2 06/21] http: refactor code to clarify memory ownership Message-ID: <141cae2de1acb5a181d9c4f4c2a75dfab6b561af.1716541556.git.ps@pks.im> References: <cover.1716465556.git.ps@pks.im> <cover.1716541556.git.ps@pks.im> Precedence: bulk MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="+j+cZXDgYSI1hQOk" Content-Disposition: inline In-Reply-To: <cover.1716541556.git.ps@pks.im>
Series	Various memory leak fixes \| expand [v2,00/21] Various memory leak fixes [v2,01/21] ci: add missing dependency for TTY prereq [v2,02/21] t: mark a bunch of tests as leak-free [v2,03/21] transport-helper: fix leaking helper name [v2,04/21] strbuf: fix leak when `appendwholeline()` fails with EOF [v2,05/21] checkout: clarify memory ownership in `unique_tracking_name()` [v2,06/21] http: refactor code to clarify memory ownership [v2,07/21] config: clarify memory ownership in `git_config_pathname()` [v2,08/21] diff: refactor code to clarify memory ownership of prefixes [v2,09/21] convert: refactor code to clarify ownership of check_roundtrip_encoding [v2,10/21] builtin/log: stop using globals for log config [v2,11/21] builtin/log: stop using globals for format config [v2,12/21] config: clarify memory ownership in `git_config_string()` [v2,13/21] config: plug various memory leaks [v2,14/21] builtin/credential: clear credential before exit [v2,15/21] commit-reach: fix memory leak in `ahead_behind()` [v2,16/21] submodule: fix leaking memory for submodule entries [v2,17/21] strvec: add functions to replace and remove strings [v2,18/21] builtin/mv: refactor `add_slash()` to always return allocated strings [v2,19/21] builtin/mv duplicate string list memory [v2,20/21] builtin/mv: refactor to use `struct strvec` [v2,21/21] builtin/mv: fix leaks for submodule gitfile paths

Message ID

141cae2de1acb5a181d9c4f4c2a75dfab6b561af.1716541556.git.ps@pks.im (mailing list archive)

State

Superseded

Headers

Feedback-ID: i197146af:Fastmail
Date: Fri, 24 May 2024 12:03:38 +0200
From: Patrick Steinhardt <ps@pks.im>
To: git@vger.kernel.org
Cc: Eric Sunshine <sunshine@sunshineco.com>,
	Junio C Hamano <gitster@pobox.com>
Subject: [PATCH v2 06/21] http: refactor code to clarify memory ownership
Message-ID: 
 <141cae2de1acb5a181d9c4f4c2a75dfab6b561af.1716541556.git.ps@pks.im>
References: <cover.1716465556.git.ps@pks.im>
 <cover.1716541556.git.ps@pks.im>
Precedence: bulk
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="+j+cZXDgYSI1hQOk"
Content-Disposition: inline
In-Reply-To: <cover.1716541556.git.ps@pks.im>

Series

Various memory leak fixes | expand

Commit Message

Patrick Steinhardt May 24, 2024, 10:03 a.m. UTC

There are various variables assigned via `git_config_string()` and
`git_config_pathname()` which are never free'd. This bug is relatable
because the out parameter of those functions are a `const char **`, even
though memory ownership is transferred to the caller.

We're about to adapt the functions to instead use `char **`. Prepare the
code accordingly. Note that the `(const char **)` casts will go away
once we have adapted the functions.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
 http.c | 62 ++++++++++++++++++++++++++++++----------------------------
 1 file changed, 32 insertions(+), 30 deletions(-)

diff --git a/http.c b/http.c
index 752c879c1f..db2e2f1d39 100644
--- a/http.c
+++ b/http.c
@@ -39,8 +39,8 @@  char curl_errorstr[CURL_ERROR_SIZE];
 static int curl_ssl_verify = -1;
 static int curl_ssl_try;
 static const char *curl_http_version = NULL;
-static const char *ssl_cert;
-static const char *ssl_cert_type;
+static char *ssl_cert;
+static char *ssl_cert_type;
 static const char *ssl_cipherlist;
 static const char *ssl_version;
 static struct {
@@ -59,23 +59,23 @@  static struct {
 	{ "tlsv1.3", CURL_SSLVERSION_TLSv1_3 },
 #endif
 };
-static const char *ssl_key;
-static const char *ssl_key_type;
-static const char *ssl_capath;
-static const char *curl_no_proxy;
+static char *ssl_key;
+static char *ssl_key_type;
+static char *ssl_capath;
+static char *curl_no_proxy;
 #ifdef GIT_CURL_HAVE_CURLOPT_PINNEDPUBLICKEY
 static const char *ssl_pinnedkey;
 #endif
-static const char *ssl_cainfo;
+static char *ssl_cainfo;
 static long curl_low_speed_limit = -1;
 static long curl_low_speed_time = -1;
 static int curl_ftp_no_epsv;
-static const char *curl_http_proxy;
-static const char *http_proxy_authmethod;
+static char *curl_http_proxy;
+static char *http_proxy_authmethod;
 
-static const char *http_proxy_ssl_cert;
-static const char *http_proxy_ssl_key;
-static const char *http_proxy_ssl_ca_info;
+static char *http_proxy_ssl_cert;
+static char *http_proxy_ssl_key;
+static char *http_proxy_ssl_ca_info;
 static struct credential proxy_cert_auth = CREDENTIAL_INIT;
 static int proxy_ssl_cert_password_required;
 
@@ -112,7 +112,7 @@  static const char *curl_cookie_file;
 static int curl_save_cookies;
 struct credential http_auth = CREDENTIAL_INIT;
 static int http_proactive_auth;
-static const char *user_agent;
+static char *user_agent;
 static int curl_empty_auth = -1;
 
 enum http_follow_config http_follow_config = HTTP_FOLLOW_INITIAL;
@@ -381,17 +381,17 @@  static int http_options(const char *var, const char *value,
 	if (!strcmp("http.sslversion", var))
 		return git_config_string(&ssl_version, var, value);
 	if (!strcmp("http.sslcert", var))
-		return git_config_pathname(&ssl_cert, var, value);
+		return git_config_pathname((const char **)&ssl_cert, var, value);
 	if (!strcmp("http.sslcerttype", var))
-		return git_config_string(&ssl_cert_type, var, value);
+		return git_config_string((const char **)&ssl_cert_type, var, value);
 	if (!strcmp("http.sslkey", var))
-		return git_config_pathname(&ssl_key, var, value);
+		return git_config_pathname((const char **)&ssl_key, var, value);
 	if (!strcmp("http.sslkeytype", var))
-		return git_config_string(&ssl_key_type, var, value);
+		return git_config_string((const char **)&ssl_key_type, var, value);
 	if (!strcmp("http.sslcapath", var))
-		return git_config_pathname(&ssl_capath, var, value);
+		return git_config_pathname((const char **)&ssl_capath, var, value);
 	if (!strcmp("http.sslcainfo", var))
-		return git_config_pathname(&ssl_cainfo, var, value);
+		return git_config_pathname((const char **)&ssl_cainfo, var, value);
 	if (!strcmp("http.sslcertpasswordprotected", var)) {
 		ssl_cert_password_required = git_config_bool(var, value);
 		return 0;
@@ -440,19 +440,19 @@  static int http_options(const char *var, const char *value,
 		return 0;
 	}
 	if (!strcmp("http.proxy", var))
-		return git_config_string(&curl_http_proxy, var, value);
+		return git_config_string((const char **)&curl_http_proxy, var, value);
 
 	if (!strcmp("http.proxyauthmethod", var))
-		return git_config_string(&http_proxy_authmethod, var, value);
+		return git_config_string((const char **)&http_proxy_authmethod, var, value);
 
 	if (!strcmp("http.proxysslcert", var))
-		return git_config_string(&http_proxy_ssl_cert, var, value);
+		return git_config_string((const char **)&http_proxy_ssl_cert, var, value);
 
 	if (!strcmp("http.proxysslkey", var))
-		return git_config_string(&http_proxy_ssl_key, var, value);
+		return git_config_string((const char **)&http_proxy_ssl_key, var, value);
 
 	if (!strcmp("http.proxysslcainfo", var))
-		return git_config_string(&http_proxy_ssl_ca_info, var, value);
+		return git_config_string((const char **)&http_proxy_ssl_ca_info, var, value);
 
 	if (!strcmp("http.proxysslcertpasswordprotected", var)) {
 		proxy_ssl_cert_password_required = git_config_bool(var, value);
@@ -476,7 +476,7 @@  static int http_options(const char *var, const char *value,
 	}
 
 	if (!strcmp("http.useragent", var))
-		return git_config_string(&user_agent, var, value);
+		return git_config_string((const char **)&user_agent, var, value);
 
 	if (!strcmp("http.emptyauth", var)) {
 		if (value && !strcmp("auto", value))
@@ -592,10 +592,10 @@  static void init_curl_http_auth(CURL *result)
 }
 
 /* *var must be free-able */
-static void var_override(const char **var, char *value)
+static void var_override(char **var, char *value)
 {
 	if (value) {
-		free((void *)*var);
+		free(*var);
 		*var = xstrdup(value);
 	}
 }
@@ -1233,11 +1233,13 @@  static CURL *get_curl_handle(void)
 	return result;
 }
 
-static void set_from_env(const char **var, const char *envname)
+static void set_from_env(char **var, const char *envname)
 {
 	const char *val = getenv(envname);
-	if (val)
-		*var = val;
+	if (val) {
+		FREE_AND_NULL(*var);
+		*var = xstrdup(val);
+	}
 }
 
 void http_init(struct remote *remote, const char *url, int proactive_auth)

[v2,06/21] http: refactor code to clarify memory ownership

Commit Message

Patch