[v3,06/21] http: refactor code to clarify memory ownership

Message ID	fa91a3942edd2c26389a25bb2a5c1737151e7c12.1716810168.git.ps@pks.im (mailing list archive)
State	Accepted
Commit	f962ffc392fe1831d047a10a28a55710d987d746
Headers	show Received: from wfout5-smtp.messagingengine.com (wfout5-smtp.messagingengine.com [64.147.123.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8888713A3EF for <git@vger.kernel.org>; Mon, 27 May 2024 11:46:15 +0000 (UTC) Feedback-ID: i197146af:Fastmail Date: Mon, 27 May 2024 13:46:10 +0200 From: Patrick Steinhardt <ps@pks.im> To: git@vger.kernel.org Cc: Eric Sunshine <sunshine@sunshineco.com>, Junio C Hamano <gitster@pobox.com>, Karthik Nayak <karthik.188@gmail.com>, Jeff King <peff@peff.net> Subject: [PATCH v3 06/21] http: refactor code to clarify memory ownership Message-ID: <fa91a3942edd2c26389a25bb2a5c1737151e7c12.1716810168.git.ps@pks.im> References: <cover.1716465556.git.ps@pks.im> <cover.1716810168.git.ps@pks.im> Precedence: bulk MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="/+LqOqW05K904s00" Content-Disposition: inline In-Reply-To: <cover.1716810168.git.ps@pks.im>
Series	Various memory leak fixes \| expand [v3,00/21] Various memory leak fixes [v3,01/21] ci: add missing dependency for TTY prereq [v3,02/21] t: mark a bunch of tests as leak-free [v3,03/21] transport-helper: fix leaking helper name [v3,04/21] strbuf: fix leak when `appendwholeline()` fails with EOF [v3,05/21] checkout: clarify memory ownership in `unique_tracking_name()` [v3,06/21] http: refactor code to clarify memory ownership [v3,07/21] config: clarify memory ownership in `git_config_pathname()` [v3,08/21] diff: refactor code to clarify memory ownership of prefixes [v3,09/21] convert: refactor code to clarify ownership of check_roundtrip_encoding [v3,10/21] builtin/log: stop using globals for log config [v3,11/21] builtin/log: stop using globals for format config [v3,12/21] config: clarify memory ownership in `git_config_string()` [v3,13/21] config: plug various memory leaks [v3,14/21] builtin/credential: clear credential before exit [v3,15/21] commit-reach: fix memory leak in `ahead_behind()` [v3,16/21] submodule: fix leaking memory for submodule entries [v3,17/21] strvec: add functions to replace and remove strings [v3,18/21] builtin/mv: refactor `add_slash()` to always return allocated strings [v3,19/21] builtin/mv duplicate string list memory [v3,20/21] builtin/mv: refactor to use `struct strvec` [v3,21/21] builtin/mv: fix leaks for submodule gitfile paths

Message ID

fa91a3942edd2c26389a25bb2a5c1737151e7c12.1716810168.git.ps@pks.im (mailing list archive)

State

Accepted

Commit

f962ffc392fe1831d047a10a28a55710d987d746

Headers

Feedback-ID: i197146af:Fastmail
Date: Mon, 27 May 2024 13:46:10 +0200
From: Patrick Steinhardt <ps@pks.im>
To: git@vger.kernel.org
Cc: Eric Sunshine <sunshine@sunshineco.com>,
	Junio C Hamano <gitster@pobox.com>,
	Karthik Nayak <karthik.188@gmail.com>, Jeff King <peff@peff.net>
Subject: [PATCH v3 06/21] http: refactor code to clarify memory ownership
Message-ID: 
 <fa91a3942edd2c26389a25bb2a5c1737151e7c12.1716810168.git.ps@pks.im>
References: <cover.1716465556.git.ps@pks.im>
 <cover.1716810168.git.ps@pks.im>
Precedence: bulk
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="/+LqOqW05K904s00"
Content-Disposition: inline
In-Reply-To: <cover.1716810168.git.ps@pks.im>

Series

Various memory leak fixes | expand

Commit Message

Patrick Steinhardt May 27, 2024, 11:46 a.m. UTC

There are various variables assigned via `git_config_string()` and
`git_config_pathname()` which are never free'd. This bug is relatable
because the out parameter of those functions are a `const char **`, even
though memory ownership is transferred to the caller.

We're about to adapt the functions to instead use `char **`. Prepare the
code accordingly. Note that the `(const char **)` casts will go away
once we have adapted the functions.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
 http.c | 62 ++++++++++++++++++++++++++++++----------------------------
 1 file changed, 32 insertions(+), 30 deletions(-)

diff --git a/http.c b/http.c
index 752c879c1f..db2e2f1d39 100644
--- a/http.c
+++ b/http.c
@@ -39,8 +39,8 @@  char curl_errorstr[CURL_ERROR_SIZE];
 static int curl_ssl_verify = -1;
 static int curl_ssl_try;
 static const char *curl_http_version = NULL;
-static const char *ssl_cert;
-static const char *ssl_cert_type;
+static char *ssl_cert;
+static char *ssl_cert_type;
 static const char *ssl_cipherlist;
 static const char *ssl_version;
 static struct {
@@ -59,23 +59,23 @@  static struct {
 	{ "tlsv1.3", CURL_SSLVERSION_TLSv1_3 },
 #endif
 };
-static const char *ssl_key;
-static const char *ssl_key_type;
-static const char *ssl_capath;
-static const char *curl_no_proxy;
+static char *ssl_key;
+static char *ssl_key_type;
+static char *ssl_capath;
+static char *curl_no_proxy;
 #ifdef GIT_CURL_HAVE_CURLOPT_PINNEDPUBLICKEY
 static const char *ssl_pinnedkey;
 #endif
-static const char *ssl_cainfo;
+static char *ssl_cainfo;
 static long curl_low_speed_limit = -1;
 static long curl_low_speed_time = -1;
 static int curl_ftp_no_epsv;
-static const char *curl_http_proxy;
-static const char *http_proxy_authmethod;
+static char *curl_http_proxy;
+static char *http_proxy_authmethod;
 
-static const char *http_proxy_ssl_cert;
-static const char *http_proxy_ssl_key;
-static const char *http_proxy_ssl_ca_info;
+static char *http_proxy_ssl_cert;
+static char *http_proxy_ssl_key;
+static char *http_proxy_ssl_ca_info;
 static struct credential proxy_cert_auth = CREDENTIAL_INIT;
 static int proxy_ssl_cert_password_required;
 
@@ -112,7 +112,7 @@  static const char *curl_cookie_file;
 static int curl_save_cookies;
 struct credential http_auth = CREDENTIAL_INIT;
 static int http_proactive_auth;
-static const char *user_agent;
+static char *user_agent;
 static int curl_empty_auth = -1;
 
 enum http_follow_config http_follow_config = HTTP_FOLLOW_INITIAL;
@@ -381,17 +381,17 @@  static int http_options(const char *var, const char *value,
 	if (!strcmp("http.sslversion", var))
 		return git_config_string(&ssl_version, var, value);
 	if (!strcmp("http.sslcert", var))
-		return git_config_pathname(&ssl_cert, var, value);
+		return git_config_pathname((const char **)&ssl_cert, var, value);
 	if (!strcmp("http.sslcerttype", var))
-		return git_config_string(&ssl_cert_type, var, value);
+		return git_config_string((const char **)&ssl_cert_type, var, value);
 	if (!strcmp("http.sslkey", var))
-		return git_config_pathname(&ssl_key, var, value);
+		return git_config_pathname((const char **)&ssl_key, var, value);
 	if (!strcmp("http.sslkeytype", var))
-		return git_config_string(&ssl_key_type, var, value);
+		return git_config_string((const char **)&ssl_key_type, var, value);
 	if (!strcmp("http.sslcapath", var))
-		return git_config_pathname(&ssl_capath, var, value);
+		return git_config_pathname((const char **)&ssl_capath, var, value);
 	if (!strcmp("http.sslcainfo", var))
-		return git_config_pathname(&ssl_cainfo, var, value);
+		return git_config_pathname((const char **)&ssl_cainfo, var, value);
 	if (!strcmp("http.sslcertpasswordprotected", var)) {
 		ssl_cert_password_required = git_config_bool(var, value);
 		return 0;
@@ -440,19 +440,19 @@  static int http_options(const char *var, const char *value,
 		return 0;
 	}
 	if (!strcmp("http.proxy", var))
-		return git_config_string(&curl_http_proxy, var, value);
+		return git_config_string((const char **)&curl_http_proxy, var, value);
 
 	if (!strcmp("http.proxyauthmethod", var))
-		return git_config_string(&http_proxy_authmethod, var, value);
+		return git_config_string((const char **)&http_proxy_authmethod, var, value);
 
 	if (!strcmp("http.proxysslcert", var))
-		return git_config_string(&http_proxy_ssl_cert, var, value);
+		return git_config_string((const char **)&http_proxy_ssl_cert, var, value);
 
 	if (!strcmp("http.proxysslkey", var))
-		return git_config_string(&http_proxy_ssl_key, var, value);
+		return git_config_string((const char **)&http_proxy_ssl_key, var, value);
 
 	if (!strcmp("http.proxysslcainfo", var))
-		return git_config_string(&http_proxy_ssl_ca_info, var, value);
+		return git_config_string((const char **)&http_proxy_ssl_ca_info, var, value);
 
 	if (!strcmp("http.proxysslcertpasswordprotected", var)) {
 		proxy_ssl_cert_password_required = git_config_bool(var, value);
@@ -476,7 +476,7 @@  static int http_options(const char *var, const char *value,
 	}
 
 	if (!strcmp("http.useragent", var))
-		return git_config_string(&user_agent, var, value);
+		return git_config_string((const char **)&user_agent, var, value);
 
 	if (!strcmp("http.emptyauth", var)) {
 		if (value && !strcmp("auto", value))
@@ -592,10 +592,10 @@  static void init_curl_http_auth(CURL *result)
 }
 
 /* *var must be free-able */
-static void var_override(const char **var, char *value)
+static void var_override(char **var, char *value)
 {
 	if (value) {
-		free((void *)*var);
+		free(*var);
 		*var = xstrdup(value);
 	}
 }
@@ -1233,11 +1233,13 @@  static CURL *get_curl_handle(void)
 	return result;
 }
 
-static void set_from_env(const char **var, const char *envname)
+static void set_from_env(char **var, const char *envname)
 {
 	const char *val = getenv(envname);
-	if (val)
-		*var = val;
+	if (val) {
+		FREE_AND_NULL(*var);
+		*var = xstrdup(val);
+	}
 }
 
 void http_init(struct remote *remote, const char *url, int proactive_auth)

[v3,06/21] http: refactor code to clarify memory ownership

Commit Message

Patch