From: "René Scharfe" <l.s.r@web.de>
To: Junio C Hamano <gitster@pobox.com>, Jeff King <peff@peff.net>
Cc: "Git Mailing List" <git@vger.kernel.org>,
	"Karsten Blees" <karsten.blees@gmail.com>,
	"Nguyễn Thái Ngọc Duy" <pclouds@gmail.com>
Subject: Re: [PATCH v3 05/10] abspath: convert real_path_internal() to strbuf
Date: Tue, 29 Jul 2014 02:04:59 +0200
Message-ID: <53D6E52B.1050006@web.de>
In-Reply-To: <xmqqiomh40ui.fsf@gitster.dls.corp.google.com>

On 28.07.2014 at 23:42, Junio C Hamano wrote:
> Jeff King <peff@peff.net> writes:
>
>> On Mon, Jul 28, 2014 at 08:28:30PM +0200, René Scharfe wrote:
>>
>>> @@ -60,26 +58,22 @@ static const char *real_path_internal(const char *path, int die_on_error)
>>>   			goto error_out;
>>>   	}
>>>
>>> -	if (strlcpy(buf, path, PATH_MAX) >= PATH_MAX) {
>>> -		if (die_on_error)
>>> -			die("Too long path: %.*s", 60, path);
>>> -		else
>>> -			goto error_out;
>>> -	}
>>> +	strbuf_init(&sb, 0);
>>> +	strbuf_addstr(&sb, path);
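Review bot: the added strbuf_init(&sb, 0) runs on every call, so if sb persists between calls, as the const char * return type of real_path_internal() suggests, the buffer it held from the previous call is dropped without being freed. Calling strbuf_reset(&sb) before strbuf_addstr(&sb, path) would keep and reuse that allocation. The removed strlcpy() branch also gave die_on_error == 0 callers a "goto error_out" path for over-long input; the commit message should say that this failure case no longer exists.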
>>
>> As with the other patch I just mentioned, should this be strbuf_reset,
>> not strbuf_init? We want to reset the static buffer back to zero-size,
>> not throw it away and leak whatever was there.
>>
>> -Peff
>
> Yes, this one seems to be leaking.
>
> "Next call to the function invalidates the return value the last
> caller received" feels like playing with fire.  Most existing
> callers are safe in that the first thing they do to the returned
> string is xstrdup() it, but we would need to check all the other
> callers.

That's the price we pay for using static variables, no?  Callers need to 
consume them as long as they're fresh and multi-threading is not 
allowed.  Before, callers could use wrong buffer contents, after the 
patch they could still have a pointer to freed memory, which should be 
more noticeable in tests.

Getting a strbuf_add_real_path() in order to avoid static variables 
would be nice.  And it would also be nice if it worked without calling 
chdir().  Nice topics for follow-up patches. :)

> I briefly thought it is not OK for set_git_work_tree(), which gets
> new_work_tree, calls real_path() to receive the value from the
> function, and then calls real_path() again on it.  The "We've
> already done it" optimization is the only thing that makes it safe,
> which feels overly fragile.

It wasn't introduced as an optimization, but to silence valgrind 
(1d679de5: make_absolute_path: return the input path if it points to our 
buffer).  set_git_work_tree() calls real_path() only once in each of its 
two branches.  However, one caller (init) hands it a path returned by 
real_path(); we can change that (sent a patch).

René
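
The static-buffer hazard discussed in this message, as an added example that is not part of the original mail and is not git code: a toy function returns a pointer into a static growable buffer, next to the caller-owned alternative. struct gbuf, gbuf_set(), toy_path_static() and the /srv/repo-* paths are constructed for illustration; the demonstration stays on the in-place overwrite case so that it remains defined behaviour, while a longer second path would take the realloc() branch, which is the stale-pointer case.

```c
/* Added example, not git code: static-buffer return vs. caller-owned buffer. */
#include <stdlib.h>
#include <string.h>

struct gbuf { char *buf; size_t alloc; };   /* minimal stand-in for a strbuf */

static void gbuf_set(struct gbuf *b, const char *s)
{
	size_t n = strlen(s) + 1;
	if (n > b->alloc) {                 /* growing may move the block */
		char *p = realloc(b->buf, n);
		if (!p) abort();
		b->buf = p;
		b->alloc = n;
	}
	memcpy(b->buf, s, n);
}

/* Static-buffer style: each call overwrites (or moves) the previous result. */
static const char *toy_path_static(const char *path)
{
	static struct gbuf sb;              /* zeroed once, then reused; never re-init */
	if (path == sb.buf)                 /* input is our own buffer: avoid self-copy */
		return path;
	gbuf_set(&sb, path);
	return sb.buf;
}

/* Returns 1 if a second call changed what the first caller is holding. */
static int first_result_clobbered(void)
{
	const char *a = toy_path_static("/srv/repo-a");
	toy_path_static("/srv/repo-b");     /* same length, so reused in place */
	return strcmp(a, "/srv/repo-a") != 0;
}

/* Returns 1 if both results survive when each caller owns its buffer. */
static int owned_results_survive(void)
{
	struct gbuf a = {0}, b = {0};
	gbuf_set(&a, "/srv/repo-a");
	gbuf_set(&b, "/srv/repo-b");
	int ok = !strcmp(a.buf, "/srv/repo-a") && !strcmp(b.buf, "/srv/repo-b");
	free(a.buf);
	free(b.buf);
	return ok;
}

int main(void) { return !(first_result_clobbered() && owned_results_survive()); }
```

Running a variant with a longer second path under valgrind or AddressSanitizer is how the stale pointer held by the first caller would show up in tests.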
