[10/12] builtin/merge: free found_ref when done

Message ID	20210620151204.19260-11-andrzej@ahunt.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <git-owner@kernel.org> From: andrzej@ahunt.org To: git@vger.kernel.org Cc: andrzej@ahunt.org Subject: [PATCH 10/12] builtin/merge: free found_ref when done Date: Sun, 20 Jun 2021 17:12:02 +0200 Message-Id: <20210620151204.19260-11-andrzej@ahunt.org> In-Reply-To: <20210620151204.19260-1-andrzej@ahunt.org> References: <20210620151204.19260-1-andrzej@ahunt.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Fix all leaks in tests t0002-t0099: Part 2 \| expand [00/12] Fix all leaks in tests t0002-t0099: Part 2 [01/12] fmt-merge-msg: free newly allocated temporary strings when done [02/12] environment: move strbuf into block to plug leak [03/12] builtin/submodule--helper: release unused strbuf to avoid leak [04/12] builtin/for-each-repo: remove unnecessary argv copy to plug leak [05/12] diffcore-rename: move old_dir/new_dir definition to plug leak [06/12] ref-filter: also free head for ATOM_HEAD to avoid leak [07/12] read-cache: call diff_setup_done to avoid leak [08/12] convert: release strbuf to avoid leak [09/12] builtin/mv: free or UNLEAK multiple pointers at end of cmd_mv [10/12] builtin/merge: free found_ref when done [11/12] builtin/rebase: fix options.strategy memory lifecycle [12/12] reset: clear_unpack_trees_porcelain to plug leak

Message ID

20210620151204.19260-11-andrzej@ahunt.org (mailing list archive)

State

New, archived

Headers

From: andrzej@ahunt.org
To: git@vger.kernel.org
Cc: andrzej@ahunt.org
Subject: [PATCH 10/12] builtin/merge: free found_ref when done
Date: Sun, 20 Jun 2021 17:12:02 +0200
Message-Id: <20210620151204.19260-11-andrzej@ahunt.org>
In-Reply-To: <20210620151204.19260-1-andrzej@ahunt.org>
References: <20210620151204.19260-1-andrzej@ahunt.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Fix all leaks in tests t0002-t0099: Part 2 | expand

Commit Message

Andrzej Hunt June 20, 2021, 3:12 p.m. UTC

From: Andrzej Hunt <ajrhunt@google.com>

merge_name() calls dwim_ref(), which allocates a new string into
found_ref. Therefore add a free() to avoid leaking found_ref.

LSAN output from t0021:

Direct leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x486804 in strdup ../projects/compiler-rt/lib/asan/asan_interceptors.cpp:452:3
    #1 0xa8beb8 in xstrdup wrapper.c:29:14
    #2 0x954054 in expand_ref refs.c:671:12
    #3 0x953cb6 in repo_dwim_ref refs.c:644:22
    #4 0x5d3759 in dwim_ref refs.h:162:9
    #5 0x5d3759 in merge_name builtin/merge.c:517:6
    #6 0x5d3759 in collect_parents builtin/merge.c:1214:5
    #7 0x5cf60d in cmd_merge builtin/merge.c:1458:16
    #8 0x4ce83e in run_builtin git.c:475:11
    #9 0x4ccafe in handle_builtin git.c:729:3
    #10 0x4cb01c in run_argv git.c:818:4
    #11 0x4cb01c in cmd_main git.c:949:19
    #12 0x6bdbfd in main common-main.c:52:11
    #13 0x7f0430502349 in __libc_start_main (/lib64/libc.so.6+0x24349)

SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).

Signed-off-by: Andrzej Hunt <andrzej@ahunt.org>
---
 builtin/merge.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Elijah Newren June 21, 2021, 9:27 p.m. UTC | #1

On Sun, Jun 20, 2021 at 8:15 AM <andrzej@ahunt.org> wrote:
>
> From: Andrzej Hunt <ajrhunt@google.com>
>
> merge_name() calls dwim_ref(), which allocates a new string into
> found_ref. Therefore add a free() to avoid leaking found_ref.
>
> LSAN output from t0021:
>
> Direct leak of 16 byte(s) in 1 object(s) allocated from:
>     #0 0x486804 in strdup ../projects/compiler-rt/lib/asan/asan_interceptors.cpp:452:3
>     #1 0xa8beb8 in xstrdup wrapper.c:29:14
>     #2 0x954054 in expand_ref refs.c:671:12
>     #3 0x953cb6 in repo_dwim_ref refs.c:644:22
>     #4 0x5d3759 in dwim_ref refs.h:162:9
>     #5 0x5d3759 in merge_name builtin/merge.c:517:6
>     #6 0x5d3759 in collect_parents builtin/merge.c:1214:5
>     #7 0x5cf60d in cmd_merge builtin/merge.c:1458:16
>     #8 0x4ce83e in run_builtin git.c:475:11
>     #9 0x4ccafe in handle_builtin git.c:729:3
>     #10 0x4cb01c in run_argv git.c:818:4
>     #11 0x4cb01c in cmd_main git.c:949:19
>     #12 0x6bdbfd in main common-main.c:52:11
>     #13 0x7f0430502349 in __libc_start_main (/lib64/libc.so.6+0x24349)
>
> SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
>
> Signed-off-by: Andrzej Hunt <andrzej@ahunt.org>
> ---
>  builtin/merge.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/builtin/merge.c b/builtin/merge.c
> index a8a843b1f5..7ad85c044a 100644
> --- a/builtin/merge.c
> +++ b/builtin/merge.c
> @@ -503,7 +503,7 @@ static void merge_name(const char *remote, struct strbuf *msg)
>         struct strbuf bname = STRBUF_INIT;
>         struct merge_remote_desc *desc;
>         const char *ptr;
> -       char *found_ref;
> +       char *found_ref = NULL;
>         int len, early;
>
>         strbuf_branchname(&bname, remote, 0);
> @@ -586,6 +586,7 @@ static void merge_name(const char *remote, struct strbuf *msg)
>         strbuf_addf(msg, "%s\t\tcommit '%s'\n",
>                 oid_to_hex(&remote_head->object.oid), remote);
>  cleanup:
> +       free(found_ref);
>         strbuf_release(&buf);
>         strbuf_release(&bname);
>  }
> --
> 2.26.2

Makes sense, and a quick grep through the code doesn't suggest any
other obvious leaks from using dwim_ref().

diff --git a/builtin/merge.c b/builtin/merge.c
index a8a843b1f5..7ad85c044a 100644
--- a/builtin/merge.c
+++ b/builtin/merge.c
@@ -503,7 +503,7 @@  static void merge_name(const char *remote, struct strbuf *msg)
 	struct strbuf bname = STRBUF_INIT;
 	struct merge_remote_desc *desc;
 	const char *ptr;
-	char *found_ref;
+	char *found_ref = NULL;
 	int len, early;
 
 	strbuf_branchname(&bname, remote, 0);
@@ -586,6 +586,7 @@  static void merge_name(const char *remote, struct strbuf *msg)
 	strbuf_addf(msg, "%s\t\tcommit '%s'\n",
 		oid_to_hex(&remote_head->object.oid), remote);
 cleanup:
+	free(found_ref);
 	strbuf_release(&buf);
 	strbuf_release(&bname);
 }

[10/12] builtin/merge: free found_ref when done

Commit Message

Comments

Patch