From: Junio C Hamano <gitster@pobox.com>
To: "Kleber Tarcísio via GitGitGadget" <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, "Kleber Tarcísio" <klebertarcisio@yahoo.com.br>
Subject: Re: [PATCH] fix null pointer dereference
Date: Sun, 21 Mar 2021 10:25:09 -0700 [thread overview]
Message-ID: <xmqqft0oberu.fsf@gitster.g> (raw)
In-Reply-To: <pull.983.git.git.1616323936790.gitgitgadget@gmail.com> ("Kleber Tarcísio via GitGitGadget"'s message of "Sun, 21 Mar 2021 10:52:16 +0000")
"Kleber Tarcísio via GitGitGadget" <gitgitgadget@gmail.com> writes:
> From: =?UTF-8?q?Kleber=20Tarc=C3=ADsio?= <klebertarcisio@yahoo.com.br>
> Subject: Re: [PATCH] fix null pointer dereference
Thanks, but see Documentation/SubmittingPatches for general guidelines.
Our commit title begins with "<area>:" so that when this change is
buried among hundreds of other commits in "git shortlog --no-merges",
the readers can tell what it is about.
Subject: [PATCH] submodule-helper: avoid unchecked malloc()
perhaps.
> The malloc function can return null when the memory allocation fails. This commit adds a condition to handle these cases properly. https://cwe.mitre.org/data/definitions/476.html
Overlong line. Also when you can say something without forcing
readers to refer to external material, do so (and if you do not
think you can, try harder ;-).
In this case, I think you do not need to say
anything more than
submodule-helper.c::submodule_summary_callback() calls
malloc() and uses the returned value without checking for
NULLness. Use xmalloc() instaed.
> diff --git a/builtin/submodule--helper.c b/builtin/submodule--helper.c
> index 9d505a6329c8..92349d715a78 100644
> --- a/builtin/submodule--helper.c
> +++ b/builtin/submodule--helper.c
> @@ -1215,6 +1215,8 @@ static void submodule_summary_callback(struct diff_queue_struct *q,
> if (!S_ISGITLINK(p->one->mode) && !S_ISGITLINK(p->two->mode))
> continue;
> temp = (struct module_cb*)malloc(sizeof(struct module_cb));
> + if (!temp)
> + die(_("out of memory"));
And this should be just
- temp = (struct module_cb*)malloc(sizeof(struct module_cb));
+ temp = (struct module_cb*)xmalloc(sizeof(struct module_cb));
without any "check and die" on its own.
Note that if this were a new code that adds a call to xmalloc(),
competent reviewers would say it should be spelled more like so:
temp = xmalloc(sizeof(*temp));
to lose unnecessary cast and to prepare for future evolution of the
code (e.g. the type of 'temp' may change from 'struct module_cb' to
somethng else). But for this "malloc is wrong, use xmalloc instead"
fix, we do not mix such a code improvement in the same patch.
Thanks.
prev parent reply other threads:[~2021-03-21 17:26 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-21 10:52 [PATCH] fix null pointer dereference Kleber Tarcísio via GitGitGadget
2021-03-21 12:43 ` Ævar Arnfjörð Bjarmason
2021-03-21 14:47 ` Matheus Tavares Bernardino
2021-03-21 17:25 ` Junio C Hamano [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqft0oberu.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=klebertarcisio@yahoo.com.br \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.