From: Libor Pechacek <lpechacek@suse.cz>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>
Subject: Re: [PATCH v4] Sanity-check config variable names
Date: Fri, 11 Feb 2011 19:52:06 +0100 [thread overview]
Message-ID: <20110211185205.GB7406@localhost.suse.cz> (raw)
In-Reply-To: <7v7hd733q6.fsf@alter.siamese.dyndns.org>
On Thu 10-02-11 14:49:05, Junio C Hamano wrote:
> Libor Pechacek <lpechacek@suse.cz> writes:
>
> > diff --git a/builtin/config.c b/builtin/config.c
> > index ca4a0db..dd17029 100644
> > --- a/builtin/config.c
> > +++ b/builtin/config.c
> > @@ -168,17 +167,30 @@ static int get_value(const char *key_, const char *regex_)
> > ...
> > key_regexp = (regex_t*)xmalloc(sizeof(regex_t));
> > if (regcomp(key_regexp, key, REG_EXTENDED)) {
> > fprintf(stderr, "Invalid key pattern: %s\n", key_);
> > goto free_strings;
>
> This is not a new issue introduced by this series, but isn't this goto
> leaking "key" by jumping over free(key) later in the function but before
> its target?
Yes, sure and not only there. A few lines below there is the compilation of
the value regex. Freeing the memory allocated for key storage obviously needs
a little bit more work and I'd like to post the fix as a separate patch.
> > }
> > + } else {
> > + if (git_config_parse_key(key_, &key, NULL))
> > + goto free_strings;
>
> This seemingly has the same issue but is worse than that. You allocate
> and overwrite "key" in git_config_parse_key(), so by calling the function
> after allocating key in the caller, you immediately leak it. The new copy
> allocated inside the callee is freed at its end upon error return, so
> jumping over free(key) in the caller does not leak, though.
Negligence on my part, thanks for catching it.
> > @@ -1124,59 +1187,22 @@ int git_config_set(const char *key, const char *value)
> > ...
> > + ret = -git_config_parse_key(key, &store.key, &store.baselen);
> > + if (ret)
> > goto out_free;
>
> This '-' is very easy to miss; I'd rather see it spelled out with an
> explanation.
Agree. It would be yet better to get rid this weird transformation at all.
> But looking at the bigger picture, don't you think that an internal
> function like git_config_set() should return negative on error, and
> we should make it the caller's responsibility to turn it to a value
> suitable for feeding exit(3)? It obviously is a separate topic.
Agree and not only that. The exit codes are inconsistent between "set" and
"get" operation[1]. IMHO it's also questionable to feed exit(3) with negative
values.
Would you be in favor of getting the exit codes consistent and documented?
> Here is a minimum fix-up on top of your patch.
Squashed into my patch, with the exception of the memleak fix, which I'm going
to post separately.
> Thanks.
Thanks for the opportunity to contribute. :)
Libor
[1] $ ./git-config x.x x [; echo $?
error: invalid pattern: [
6
$ ./git-config --get x.x [; echo $?
Invalid pattern: [
255
--
Libor Pechacek
SUSE L3 Team, Prague
next prev parent reply other threads:[~2011-02-11 18:52 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-08 14:46 git-config does not check validity of variable names Libor Pechacek
2011-01-11 5:59 ` Jeff King
2011-01-19 10:01 ` Libor Pechacek
2011-01-19 14:11 ` [PATCH] Sanity-ckeck config " Libor Pechacek
2011-01-20 23:22 ` Jeff King
2011-01-21 0:06 ` Jeff King
2011-01-21 10:02 ` Libor Pechacek
2011-01-21 10:23 ` [PATCH v2] " Libor Pechacek
2011-01-21 16:23 ` Jeff King
2011-01-27 14:28 ` [PATCH v3] Sanity-check " Libor Pechacek
2011-01-27 22:45 ` Junio C Hamano
2011-01-28 14:53 ` Libor Pechacek
2011-01-30 19:40 ` [PATCH v4] " Libor Pechacek
2011-02-10 22:49 ` Junio C Hamano
2011-02-11 18:52 ` Libor Pechacek [this message]
2011-01-19 14:14 ` [PATCH] Documentation fixes in git-config Libor Pechacek
2011-01-21 0:27 ` Jeff King
2011-01-21 10:20 ` Libor Pechacek
2011-01-21 10:25 ` [PATCH v2] " Libor Pechacek
2011-01-21 16:25 ` Jeff King
2011-01-23 19:46 ` Libor Pechacek
2012-03-01 8:19 ` [PATCH v3] " Libor Pechacek
2012-03-01 9:08 ` Jeff King
2012-03-01 10:54 ` Libor Pechacek
2012-03-01 16:24 ` Junio C Hamano
2012-03-01 10:59 ` [PATCH v4] " Libor Pechacek
2011-01-27 14:52 ` [PATCH] Disallow empty section and variable names Libor Pechacek
2011-01-30 20:34 ` [PATCH v2] " Libor Pechacek
2011-01-31 7:48 ` Johannes Sixt
2011-01-31 9:17 ` Libor Pechacek
2011-01-31 9:29 ` Johannes Sixt
2011-01-31 13:08 ` [PATCH v3] " Libor Pechacek
2011-01-31 16:48 ` Jens Lehmann
2011-02-01 7:13 ` [PATCH v4] " Libor Pechacek
2011-02-10 22:49 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110211185205.GB7406@localhost.suse.cz \
--to=lpechacek@suse.cz \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.