diff mbox series

[16/28] http: stop leaking buffer in http_get_info_packs()

Message ID	20240924220227.GP1143820@coredump.intra.peff.net (mailing list archive)
State	Accepted
Commit	75f4acc98125a9e9f5b3051c0dc6690839830e25
Headers	show Received: from cloud.peff.net (cloud.peff.net [104.130.231.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0692780043 for <git@vger.kernel.org>; Tue, 24 Sep 2024 22:02:28 +0000 (UTC) Date: Tue, 24 Sep 2024 18:02:27 -0400 From: Jeff King <peff@peff.net> To: git@vger.kernel.org Cc: Patrick Steinhardt <ps@pks.im> Subject: [PATCH 16/28] http: stop leaking buffer in http_get_info_packs() Message-ID: <20240924220227.GP1143820@coredump.intra.peff.net> References: <20240924214930.GA1143523@coredump.intra.peff.net> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20240924214930.GA1143523@coredump.intra.peff.net>
Series	leak fixes for http fetch/push \| expand [0/28] leak fixes for http fetch/push [01/28] http-fetch: clear leaking git-index-pack(1) arguments [02/28] shallow: fix leak when unregistering last shallow root [03/28] fetch-pack: fix leaking sought refs [04/28] connect: clear child process before freeing in diagnostic mode [05/28] fetch-pack: free object filter before exiting [06/28] fetch-pack, send-pack: clean up shallow oid array [07/28] commit: avoid leaking already-saved buffer [08/28] send-pack: free cas options before exit [09/28] transport-helper: fix strbuf leak in push_refs_with_push() [10/28] fetch: free "raw" string when shrinking refspec [11/28] fetch-pack: clear pack lockfiles list [12/28] transport-helper: fix leak of dummy refs_list [13/28] http: fix leak when redacting cookies from curl trace [14/28] http: fix leak of http_object_request struct [15/28] http: call git_inflate_end() when releasing http_object_request [16/28] http: stop leaking buffer in http_get_info_packs() [17/28] remote-curl: free HEAD ref with free_one_ref() [18/28] http-walker: free fake packed_git list [19/28] http-push: clear refspecs before exiting [20/28] http-push: free repo->url string [21/28] http-push: free curl header lists [22/28] http-push: free transfer_request dest field [23/28] http-push: free transfer_request strbuf [24/28] http-push: free remote_ls_ctx.dentry_name [25/28] http-push: free xml_ctx.cdata after use [26/28] http-push: clean up objects list [27/28] http-push: clean up loose request when falling back to packed [28/28] http-push: clean up local_refs at exit

Commit Message

Jeff King Sept. 24, 2024, 10:02 p.m. UTC

We use http_get_strbuf() to fetch the remote info/packs content into a
strbuf, but never free it, causing a leak. There's no need to hold onto
it, as we've already parsed it completely.

This lets us mark t5619 as leak-free.

Signed-off-by: Jeff King <peff@peff.net>
---
 http.c                                     | 1 +
 t/t5619-clone-local-ambiguous-transport.sh | 1 +
 2 files changed, 2 insertions(+)

diff mbox series

Patch

diff --git a/http.c b/http.c
index 4d841becca..54463770b4 100644
--- a/http.c
+++ b/http.c
@@ -2475,6 +2475,7 @@  int http_get_info_packs(const char *base_url, struct packed_git **packs_head)
 
 cleanup:
 	free(url);
+	strbuf_release(&buf);
 	return ret;
 }
 
diff --git a/t/t5619-clone-local-ambiguous-transport.sh b/t/t5619-clone-local-ambiguous-transport.sh
index cce62bf78d..1d4efe414d 100755
--- a/t/t5619-clone-local-ambiguous-transport.sh
+++ b/t/t5619-clone-local-ambiguous-transport.sh
@@ -2,6 +2,7 @@ 
 
 test_description='test local clone with ambiguous transport'
 
+TEST_PASSES_SANITIZE_LEAK=true
 . ./test-lib.sh
 . "$TEST_DIRECTORY/lib-httpd.sh"