From: Taylor Blau <me@ttaylorr.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: Taylor Blau <me@ttaylorr.com>,
git@vger.kernel.org, avarab@gmail.com, dstolee@microsoft.com,
peff@peff.net
Subject: Re: [PATCH v2 5/9] builtin/repack.c: avoid leaking child arguments
Date: Thu, 28 Oct 2021 16:25:48 -0400 [thread overview]
Message-ID: <YXsHTKGBYYeDsdhh@nand.local> (raw)
In-Reply-To: <xmqqzgqut4lr.fsf@gitster.g>
On Wed, Oct 27, 2021 at 04:44:48PM -0700, Junio C Hamano wrote:
> Taylor Blau <me@ttaylorr.com> writes:
>
> > @@ -586,8 +588,10 @@ static int write_midx_included_packs(struct string_list *include,
> > strvec_pushf(&cmd.args, "--refs-snapshot=%s", refs_snapshot);
> >
> > ret = start_command(&cmd);
> > - if (ret)
> > + if (ret) {
> > + child_process_clear(&cmd);
> > return ret;
> > + }
>
> This happens only when start_command() returns an error. But the
> function always calls child_process_clear() before doing so.
>
> So I am not sure if this hunk is needed. It didn't exist in v1, if
> I recall correctly. Am I missing something obvious?
No, it was the person replying to you missing something obvious ;).
Any hunks like this that call child_process_clear() after
start_command() returns a non-zero value are unnecessary. But the one in
repack_promisor_objects() is good, and does prevent the leak that had
led me in this direction in the first place.
Here is a suitable replacement for this patch (I believe that everything
else in this version is fine as-is):
--- >8 ---
Subject: [PATCH] builtin/repack.c: avoid leaking child arguments
`git repack` invokes a handful of child processes: one to write the
actual pack, and optionally ones to repack promisor objects and update
the MIDX.
Most of these are freed automatically by calling `start_command()` (which
invokes it on error) and `finish_command()` which calls it
automatically.
But repack_promisor_objects() can initialize a child_process, populate
its array of arguments, and then return from the function before even
calling start_command().
Make sure that the prepared list of arguments is freed by calling
child_process_clear() ourselves to avoid leaking memory along this path.
Signed-off-by: Taylor Blau <me@ttaylorr.com>
---
builtin/repack.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/builtin/repack.c b/builtin/repack.c
index 0b2d1e5d82..9b74e0d468 100644
--- a/builtin/repack.c
+++ b/builtin/repack.c
@@ -258,9 +258,11 @@ static void repack_promisor_objects(const struct pack_objects_args *args,
for_each_packed_object(write_oid, &cmd,
FOR_EACH_OBJECT_PROMISOR_ONLY);
- if (cmd.in == -1)
+ if (cmd.in == -1) {
/* No packed objects; cmd was never started */
+ child_process_clear(&cmd);
return;
+ }
close(cmd.in);
--
2.33.0.96.g73915697e6
next prev parent reply other threads:[~2021-10-28 20:25 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-26 21:01 [PATCH v2 0/9] midx: clean up t5319 under 'SANITIZE=leak' Taylor Blau
2021-10-26 21:01 ` [PATCH v2 1/9] midx.c: clean up chunkfile after reading the MIDX Taylor Blau
2021-10-26 21:01 ` [PATCH v2 2/9] midx.c: don't leak MIDX from verify_midx_file Taylor Blau
2021-10-26 21:01 ` [PATCH v2 3/9] t/helper/test-read-midx.c: free MIDX within read_midx_file() Taylor Blau
2021-10-26 21:01 ` [PATCH v2 4/9] builtin/pack-objects.c: don't leak memory via arguments Taylor Blau
2021-10-26 21:01 ` [PATCH v2 5/9] builtin/repack.c: avoid leaking child arguments Taylor Blau
2021-10-27 23:44 ` Junio C Hamano
2021-10-28 20:25 ` Taylor Blau [this message]
2021-10-26 21:01 ` [PATCH v2 6/9] builtin/multi-pack-index.c: don't leak concatenated options Taylor Blau
2021-10-26 21:01 ` [PATCH v2 7/9] midx.c: write MIDX filenames to strbuf Taylor Blau
2021-10-26 21:01 ` [PATCH v2 8/9] pack-bitmap.c: don't leak type-level bitmaps Taylor Blau
2021-10-26 21:01 ` [PATCH v2 9/9] pack-bitmap.c: more aggressively free in free_bitmap_index() Taylor Blau
2021-10-27 23:49 ` [PATCH v2 0/9] midx: clean up t5319 under 'SANITIZE=leak' Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YXsHTKGBYYeDsdhh@nand.local \
--to=me@ttaylorr.com \
--cc=avarab@gmail.com \
--cc=dstolee@microsoft.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.