From patchwork Tue Feb 4 21:17:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Ren=C3=A9_Scharfe?= X-Patchwork-Id: 11365259 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D6A8D14B4 for ; Tue, 4 Feb 2020 21:17:08 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B5D95217BA for ; Tue, 4 Feb 2020 21:17:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=web.de header.i=@web.de header.b="J/i3Jiu+" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727543AbgBDVRI (ORCPT ); Tue, 4 Feb 2020 16:17:08 -0500 Received: from mout.web.de ([212.227.15.4]:50387 "EHLO mout.web.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727387AbgBDVRH (ORCPT ); Tue, 4 Feb 2020 16:17:07 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=web.de; s=dbaedf251592; t=1580851022; bh=xCa/Kt7YUUS3xzi6O3tgpqwkGEMIuv4RXsD0SZrMh58=; h=X-UI-Sender-Class:Subject:From:To:Cc:References:Date:In-Reply-To; b=J/i3Jiu+cRzgOv99zzfJwaIzJXJTTS4mZOD/CrEb+zcb4dBWaupny2lVA18GVKTdT d7uwJcv1ZqsUe9T8WGJYWnAZK1Vwx25FnZa+ipay3O7FAEPqJNueO2gya9IzaktJ/O 7bGVF3/FVzYkf13wgqyt0Xe9h2ALGjtc0HhUaZSY= X-UI-Sender-Class: c548c8c5-30a9-4db5-a2e7-cb6cb037b8f9 Received: from [192.168.178.26] ([91.47.145.153]) by smtp.web.de (mrweb002 [213.165.67.108]) with ESMTPSA (Nemesis) id 0LfAfQ-1jIl8g1mfI-00ooJi; Tue, 04 Feb 2020 22:17:02 +0100 Subject: [PATCH 04/10] name-rev: don't leak path copy in name_ref() From: =?utf-8?q?Ren=C3=A9_Scharfe?= To: Git Mailing List Cc: =?utf-8?q?SZEDER_G=C3=A1bor?= , =?utf-8?q?Martin_?= =?utf-8?q?=C3=85gren?= , Junio C Hamano References: <084909f8-fefa-1fe0-b2ce-74eff47c4972@web.de> Message-ID: <32a0a2d6-3237-24e9-c647-6624cc2a1e89@web.de> Date: Tue, 4 Feb 2020 22:17:02 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <084909f8-fefa-1fe0-b2ce-74eff47c4972@web.de> Content-Language: en-US X-Provags-ID: V03:K1:/HMtlztfJqEhAHMiTORttagDJQPZp+u0Mp3oribW9NPuEK1L/hn Vsahs9OmYZZYRrXi+FFl1tXGZFMGd/vI6OQ/DLsUyZrH/HrrL7R9QLn9b8NHb5MJ5IVlqcr LPfozn9WA0ZBpDBy88u1r8dO/jaaHp+tn1vZMSgYYf2EsrGaPGAmyjK1OAuboSeogkuQoY0 idZXusDDqX+0Xp7pttQnQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:3R95lme07b8=:qdjqXsLD8veaagp2X9+QHr 0+EZ7GeG9+TXS9/QX4vTj0TZTurwr+djDc22DtMlMPpiMePxxOOnM5WffjWnL4WDWQRDCgCqG me3JWkN/uUxH7vweXxOzAg8Pu0vayzT0+w+3aLNM3xwWMd2NQh238NmrXzSeJbV3R1Vb/aQM9 XfJw4blncMN0x92txFh800Bpzt6t13yUO8FZ14JxJFm9GF0EcsDqcsk4hHlXf9nBG6NgWZju3 VG6GelbIj3EgCFxV/t2v7Hy50EEUTHHhyxWXxYW8z+3+S5ogsx1xOYNchV/uRydr+YEXYWyfs wpn3qw/LOnf3xzG/JxjJkptOv4AMil1A0phNhf7UioirlpXiAIJAsZXv66ohhgd1+eNclWPJC i+x6KublKcHjUul/UaNea1/gUI/KerNSl1YrkM9a4cMAOnlQYawDtTj+pOuXQ7n7cABPx+k8i xXnxXrHkBTBOc6dgnxgC596OANPKnShBLqcuauEk014VYiIxRcZdNk4VACd46VEBLgdyI0Z0f nHRbD6iWSe+OtMQdbOzemOFtSkqGP/4o6ZgvSnRy0dnY7mIHqzWQW9fxAKoeW6U+zj9qjI3wY VfLnDkJgbY/S7uB/wuLYJvYVSeWw2Xy+AVr2NcO63UPHdWbD0N996/dMmi84iuZdMckoVJVEn ULKIokU9Gv2OMHcGIOl8Iy4NWAdH071vvprWhnrVWd3cSkm/hCYCDZHgwTOpGYMH8FonVY/rR AnGASL5a0QufoZBSShpNqz20BbptNbxfVTPCGMrqAlIZsj+zeOIgSsmkrRE0cpzQQkHp84dLz WNCPTxGp2wEIEzrebP5lWoa3McQKiVrfrnQBBzNt34UJnA/t4JTtb11lN2QL82nLwriyTSt5E xJ66SZOqv4eW3Br30VEku3+c7v5FF/tZjM4pwQ+ztLqkLu0rRrE1wg41VnrV8rynK1AxgOjs/ KSlKWYiv+9ZMwa+sMDOsfAd2BZZ5EtIdzdUfgpZAsjHLKzC/uPZwMghXwKVijeI+TWk/hj8pZ 0Ug9VkRpoQFPFgHFcdU4FxMNjQfBNTYUNtJByxlWKs2nEadT6r3OnG+3aT/5hN0qOHH09c7SV qLZjDWCVLD5o5A/rxV2csWIM9NVIEZS8haTZWx7EQG4M3Vssza96wKsUzbZQ0kRSFcbA4tJr4 yCbZ5Hq34ElEH8hynczoYZ+MboiGjUF/iFWaXUAOAajvvA+2GqhPX/kKB/BKIApbNatzk1aDn bxoByJfM2Ghj3NLR2 Sender: git-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org name_ref() duplicates the path string and passes it to name_rev(), which either puts it into a commit slab or ignores it if there is already a better name, leaking it. Move the duplication to name_rev() and release the copy in the latter case. Signed-off-by: René Scharfe --- builtin/name-rev.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- 2.25.0 diff --git a/builtin/name-rev.c b/builtin/name-rev.c index 2e6820bd5b..3e22a0503e 100644 --- a/builtin/name-rev.c +++ b/builtin/name-rev.c @@ -121,6 +121,8 @@ static void name_rev(struct commit *start_commit, if (deref) tip_name = to_free = xstrfmt("%s^0", tip_name); + else + tip_name = to_free = xstrdup(tip_name); if (!create_or_update_name(start_commit, tip_name, taggerdate, 0, 0, from_tag)) { @@ -323,7 +325,7 @@ static int name_ref(const char *path, const struct object_id *oid, int flags, vo if (taggerdate == TIME_MAX) taggerdate = commit->date; path = name_ref_abbrev(path, can_abbreviate_output); - name_rev(commit, xstrdup(path), taggerdate, from_tag, deref); + name_rev(commit, path, taggerdate, from_tag, deref); } return 0; }