[PATCH] sequencer: fix memory leak if `todo_list_rearrange

git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] sequencer: fix memory leak if `todo_list_rearrange_squash()` failed
@ 2025-05-14 13:53 Lidong Yan via GitGitGadget
  2025-05-15 10:08 ` Phillip Wood
  0 siblings, 1 reply; 4+ messages in thread
From: Lidong Yan via GitGitGadget @ 2025-05-14 13:53 UTC (permalink / raw)
  To: git; +Cc: Lidong Yan, Lidong Yan

From: Lidong Yan <502024330056@smail.nju.edu.cn>

In sequencer.c:todo_list_rearrange_squash, if it fails, memory
allocated in `next`, `tail`, `subjects` and `subject2item` will leak.
Jump to cleanup label before return could fix this leak problem.

Signed-off-by: Lidong Yan <502024330056@smail.nju.edu.cn>
---
    sequencer: fix memory leak if todo_list_rearrange_squash() failed
    
    In sequencer.c:todo_list_rearrange_squash, if it fails, memory allocated
    in next, tail, subjects and subject2item will leak. Jump to cleanup
    label before return could fix this leak problem.

Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1965%2Fbrandb97%2Ffix-sequencer-todo-leak-v1
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1965/brandb97/fix-sequencer-todo-leak-v1
Pull-Request: https://github.com/git/git/pull/1965

 sequencer.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/sequencer.c b/sequencer.c
index b5c4043757e..5fb7b68a7ab 100644
--- a/sequencer.c
+++ b/sequencer.c
@@ -6596,6 +6596,7 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
 	char **subjects;
 	struct commit_todo_item commit_todo;
 	struct todo_item *items = NULL;
+	int ret = 0;
 
 	init_commit_todo_item(&commit_todo);
 	/*
@@ -6626,8 +6627,8 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
 		}
 
 		if (is_fixup(item->command)) {
-			clear_commit_todo_item(&commit_todo);
-			return error(_("the script was already rearranged."));
+			ret = error(_("the script was already rearranged."));
+			goto cleanup;
 		}
 
 		repo_parse_commit(the_repository, item->commit);
@@ -6729,6 +6730,7 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
 		todo_list->items = items;
 	}
 
+cleanup:
 	free(next);
 	free(tail);
 	for (i = 0; i < todo_list->nr; i++)
@@ -6738,7 +6740,7 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
 
 	clear_commit_todo_item(&commit_todo);
 
-	return 0;
+	return ret;
 }
 
 int sequencer_determine_whence(struct repository *r, enum commit_whence *whence)

base-commit: 6f84262c44a89851c3ae5a6e4c1a9d06b2068d75
-- 
gitgitgadget

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] sequencer: fix memory leak if `todo_list_rearrange_squash()` failed
  2025-05-14 13:53 [PATCH] sequencer: fix memory leak if `todo_list_rearrange_squash()` failed Lidong Yan via GitGitGadget
@ 2025-05-15 10:08 ` Phillip Wood
  2025-05-15 10:45   ` lidongyan
  2025-05-15 16:37   ` Junio C Hamano
  0 siblings, 2 replies; 4+ messages in thread
From: Phillip Wood @ 2025-05-15 10:08 UTC (permalink / raw)
  To: Lidong Yan via GitGitGadget, git; +Cc: Lidong Yan

On 14/05/2025 14:53, Lidong Yan via GitGitGadget wrote:
> From: Lidong Yan <502024330056@smail.nju.edu.cn>
> 
> In sequencer.c:todo_list_rearrange_squash, if it fails, memory
> allocated in `next`, `tail`, `subjects` and `subject2item` will leak.
> Jump to cleanup label before return could fix this leak problem.

You could mention that you're adding the cleanup label.

I suspect reaching this condition is a bug as well because we should 
only rearrange the todo list when the rebase starts. However I'm not 
100% sure that it is impossible to trigger this condition so lets free 
it as you suggest. The code changes look good.

Out of interest how are you finding these leaks?

Thanks

Phillip

> Signed-off-by: Lidong Yan <502024330056@smail.nju.edu.cn>
> ---
>      sequencer: fix memory leak if todo_list_rearrange_squash() failed
>      
>      In sequencer.c:todo_list_rearrange_squash, if it fails, memory allocated
>      in next, tail, subjects and subject2item will leak. Jump to cleanup
>      label before return could fix this leak problem.
> 
> Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1965%2Fbrandb97%2Ffix-sequencer-todo-leak-v1
> Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1965/brandb97/fix-sequencer-todo-leak-v1
> Pull-Request: https://github.com/git/git/pull/1965
> 
>   sequencer.c | 8 +++++---
>   1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/sequencer.c b/sequencer.c
> index b5c4043757e..5fb7b68a7ab 100644
> --- a/sequencer.c
> +++ b/sequencer.c
> @@ -6596,6 +6596,7 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
>   	char **subjects;
>   	struct commit_todo_item commit_todo;
>   	struct todo_item *items = NULL;
> +	int ret = 0;
>   
>   	init_commit_todo_item(&commit_todo);
>   	/*
> @@ -6626,8 +6627,8 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
>   		}
>   
>   		if (is_fixup(item->command)) {
> -			clear_commit_todo_item(&commit_todo);
> -			return error(_("the script was already rearranged."));
> +			ret = error(_("the script was already rearranged."));
> +			goto cleanup;
>   		}
>   
>   		repo_parse_commit(the_repository, item->commit);
> @@ -6729,6 +6730,7 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
>   		todo_list->items = items;
>   	}
>   
> +cleanup:
>   	free(next);
>   	free(tail);
>   	for (i = 0; i < todo_list->nr; i++)
> @@ -6738,7 +6740,7 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
>   
>   	clear_commit_todo_item(&commit_todo);
>   
> -	return 0;
> +	return ret;
>   }
>   
>   int sequencer_determine_whence(struct repository *r, enum commit_whence *whence)
> 
> base-commit: 6f84262c44a89851c3ae5a6e4c1a9d06b2068d75


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] sequencer: fix memory leak if `todo_list_rearrange_squash()` failed
  2025-05-15 10:08 ` Phillip Wood
@ 2025-05-15 10:45   ` lidongyan
  2025-05-15 16:37   ` Junio C Hamano
  1 sibling, 0 replies; 4+ messages in thread
From: lidongyan @ 2025-05-15 10:45 UTC (permalink / raw)
  To: Phillip Wood; +Cc: Lidong Yan via GitGitGadget, git

2025/5/15 18:08，Phillip Wood <phillip.wood123@gmail.com> 写道：
> 
> On 14/05/2025 14:53, Lidong Yan via GitGitGadget wrote:
>> From: Lidong Yan <502024330056@smail.nju.edu.cn>
>> In sequencer.c:todo_list_rearrange_squash, if it fails, memory
>> allocated in `next`, `tail`, `subjects` and `subject2item` will leak.
>> Jump to cleanup label before return could fix this leak problem.
> 
> You could mention that you're adding the cleanup label.

Understood. I will pay attention to this in future patches.

> Out of interest how are you finding these leaks?

I am a graduate student at Nanjing University, working in 
collaboration with Professor [Qingkai Shi](https://qingkaishi.github.io/). 
We are currently developing a tool for statically analyzing
memory leaks in C programs, and I am testing this tool on Git.
To ensure the validity of our testing results, we are submitting
patches to Git and seeking confirmation from you developers.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] sequencer: fix memory leak if `todo_list_rearrange_squash()` failed
  2025-05-15 10:08 ` Phillip Wood
  2025-05-15 10:45   ` lidongyan
@ 2025-05-15 16:37   ` Junio C Hamano
  1 sibling, 0 replies; 4+ messages in thread
From: Junio C Hamano @ 2025-05-15 16:37 UTC (permalink / raw)
  To: Phillip Wood; +Cc: Lidong Yan via GitGitGadget, git, Lidong Yan

Phillip Wood <phillip.wood123@gmail.com> writes:

> On 14/05/2025 14:53, Lidong Yan via GitGitGadget wrote:
>> From: Lidong Yan <502024330056@smail.nju.edu.cn>
>> In sequencer.c:todo_list_rearrange_squash, if it fails, memory
>> allocated in `next`, `tail`, `subjects` and `subject2item` will leak.
>> Jump to cleanup label before return could fix this leak problem.
>
> You could mention that you're adding the cleanup label.
>
> I suspect reaching this condition is a bug as well because we should
> only rearrange the todo list when the rebase starts. However I'm not
> 100% sure that it is impossible to trigger this condition so lets free
> it as you suggest. The code changes look good.

I wonder if there is a way (sort of using BUG("") but not as severe
as killing the program) for us to mark "we do not expect this code
path to be taken" and ask static analysis or fuzzers to disprove
such assertions.

The message being an error(), without a silent return doing nothing,
smells like a good enough sign, at least to me, that the original
author intended not to call this helper function on a list that was
already rearranged, so turning this into BUG("") may be something we
would want to consider doing in the longer term.

>> @@ -6626,8 +6627,8 @@ int todo_list_rearrange_squash(struct todo_list *todo_list)
>>   		}
>>     		if (is_fixup(item->command)) {
>> -			clear_commit_todo_item(&commit_todo);
>> -			return error(_("the script was already rearranged."));
>> +			ret = error(_("the script was already rearranged."));
>> +			goto cleanup;
>>   		}

Thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2025-05-15 16:37 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-14 13:53 [PATCH] sequencer: fix memory leak if `todo_list_rearrange_squash()` failed Lidong Yan via GitGitGadget
2025-05-15 10:08 ` Phillip Wood
2025-05-15 10:45   ` lidongyan
2025-05-15 16:37   ` Junio C Hamano

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).