From: "Lidong Yan via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: Patrick Steinhardt <ps@pks.im>,
	Phillip Wood <phillip.wood123@gmail.com>,
	Lidong Yan <502024330056@smail.nju.edu.cn>,
	Lidong Yan <502024330056@smail.nju.edu.cn>
Subject: [PATCH v3] parse-options: fix memory leak when calling `parse_options`
Date: Fri, 09 May 2025 14:28:32 +0000
Message-ID: <pull.1954.v3.git.git.1746800913128.gitgitgadget@gmail.com>
In-Reply-To: <pull.1954.v2.git.git.1746624294017.gitgitgadget@gmail.com>

From: Lidong Yan <502024330056@smail.nju.edu.cn>

Calling parse_options twice and occasionally meeting an unknown option
in the same place would cause a memory leak, since the second `xstrdup`
in `parse_options_step` would make the first `xstrdup` unreachable.

One solution is to allocate one more magic byte for the unknown option to
indicate that argv[?] stores a heap allocated arg. Assuming that for all
args `*((char *)arg - 1)` is valid, we could put a magic number before
the unknown option. The next call to "xstrdup" will check the magic
number first, and free the previous heap allocated memory.

Signed-off-by: Lidong Yan <502024330056@smail.nju.edu.cn>
---
    fix xstrdup leak in parse_short_opt
    
    Pass a user defined strdup-like function in parse_opt_ctx to avoid
    memory leak.

Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1954%2Fbrandb97%2Ffix-parse-option-leak-v3
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1954/brandb97/fix-parse-option-leak-v3
Pull-Request: https://github.com/git/git/pull/1954

Range-diff vs v2:

 1:  e7b4465b83e < -:  ----------- parse-options: fix xstrdup leak in parse_options_step parse-options:984
 -:  ----------- > 1:  475f7b5b1bd parse-options: fix memory leak when calling `parse_options`


 parse-options.c | 12 +++++++++++-
 parse-options.h |  2 ++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/parse-options.c b/parse-options.c
index a9a39ecaef6..84f6ae90c77 100644
--- a/parse-options.c
+++ b/parse-options.c
@@ -886,6 +886,8 @@ enum parse_opt_result parse_options_step(struct parse_opt_ctx_t *ctx,
 					 const char * const usagestr[])
 {
 	int internal_help = !(ctx->flags & PARSE_OPT_NO_INTERNAL_HELP);
+	char *magic_ptr = NULL;
+	size_t opt_sz = 0;
 
 	/* we must reset ->opt, unknown short option leave it dangling */
 	ctx->opt = NULL;
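Review bot: `magic_ptr` and `opt_sz` are declared at the top of `parse_options_step` although they are only needed in the unknown short option branch further down. Declaring them inside that block would keep their scope narrow and make the `= NULL` / `= 0` initializers unnecessary, since both are assigned before use there.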
@@ -981,7 +983,15 @@ enum parse_opt_result parse_options_step(struct parse_opt_ctx_t *ctx,
 					 *
 					 * This is leaky, too bad.
 					 */
-					ctx->argv[0] = xstrdup(ctx->opt - 1);
+					magic_ptr = (char *)ctx->argv[0] - 1;
+					if (*magic_ptr == OPT_MAGIC)
+						free(magic_ptr);
+					opt_sz = strlen(ctx->opt - 1) + 1;
+					magic_ptr = xmalloc(opt_sz + 1);
+					*magic_ptr = OPT_MAGIC;
+					ctx->argv[0] = magic_ptr + 1;
+					memcpy((char *)ctx->argv[0],
+					       ctx->opt - 1, opt_sz);
 					*(char *)ctx->argv[0] = '-';
 					goto unknown;
 				case PARSE_OPT_NON_OPTION:
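Review bot: The `*magic_ptr == OPT_MAGIC` test reads the byte at `(char *)ctx->argv[0] - 1`, and when `argv[0]` points at the start of its buffer (any argument not allocated by this branch) that byte lies outside the object, so the read is out of bounds. If that byte happens to hold 0xee, `free(magic_ptr)` is then called on a pointer that did not come from `xmalloc`. The commit message states the validity of `*((char *)arg - 1)` as an assumption; it would be safer to record ownership out of band, for example in a field of `struct parse_opt_ctx_t` that is freed and replaced here, instead of inferring it from adjacent memory. The retained comment "This is leaky, too bad." also needs updating: as written, the hunk frees only the previous allocation, and nothing in it releases the last one.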
diff --git a/parse-options.h b/parse-options.h
index 91c3e3c29b3..7fdd2e1097a 100644
--- a/parse-options.h
+++ b/parse-options.h
@@ -477,6 +477,8 @@ static inline void die_for_incompatible_opt2(int opt1, const char *opt1_name,
 		BUG("option callback expects an argument"); \
 } while(0)
 
+#define OPT_MAGIC ((char)(0xee))
+
 /*----- incremental advanced APIs -----*/
 
 struct parse_opt_cmdmode_list;
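Review bot: `OPT_MAGIC` is added to the public header with no comment, although the only use shown in this patch is inside `parse_options_step` in parse-options.c. Moving the define into parse-options.c, with a comment explaining that it marks a heap-allocated `argv` entry by occupying the byte before the string, would keep it out of the API surface and document the layout the check depends on. The comment should also say why 0xee was chosen, since nothing visible here prevents that value from occurring in memory preceding an ordinary argument.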

base-commit: 6f84262c44a89851c3ae5a6e4c1a9d06b2068d75
-- 
gitgitgadget
