From: "René Scharfe" <l.s.r@web.de>
To: Junio C Hamano <gitster@pobox.com>, Jeff King <peff@peff.net>
Cc: "Git Mailing List" <git@vger.kernel.org>,
"Karsten Blees" <karsten.blees@gmail.com>,
"Nguyễn Thái Ngọc Duy" <pclouds@gmail.com>
Subject: Re: [PATCH v3 05/10] abspath: convert real_path_internal() to strbuf
Date: Tue, 29 Jul 2014 02:04:59 +0200
Message-ID: <53D6E52B.1050006@web.de>
In-Reply-To: <xmqqiomh40ui.fsf@gitster.dls.corp.google.com>

On 28.07.2014 at 23:42, Junio C Hamano wrote:
> Jeff King <peff@peff.net> writes:
>
>> On Mon, Jul 28, 2014 at 08:28:30PM +0200, René Scharfe wrote:
>>
>>> @@ -60,26 +58,22 @@ static const char *real_path_internal(const char *path, int die_on_error)
>>> goto error_out;
>>> }
>>>
>>> - if (strlcpy(buf, path, PATH_MAX) >= PATH_MAX) {
>>> - if (die_on_error)
>>> - die("Too long path: %.*s", 60, path);
>>> - else
>>> - goto error_out;
>>> - }
>>> + strbuf_init(&sb, 0);
>>> + strbuf_addstr(&sb, path);
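Review bot: `strbuf_init(&sb, 0)` on the first added line discards whatever `sb` already holds without freeing it; the declaration of `sb` is outside this hunk, but if it is a static that survives between calls, every call after the first leaks the previous buffer. `strbuf_reset(&sb)` before `strbuf_addstr(&sb, path)` would keep the allocation and only set the length back to zero. The removed lines also drop the "Too long path" error for inputs of PATH_MAX bytes or more, which deserves a line in the commit message saying the limit is gone on purpose.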
>>
>> As with the other patch I just mentioned, should this be strbuf_reset,
>> not strbuf_init? We want to reset the static buffer back to zero-size,
>> not throw it away and leak whatever was there.
>>
>> -Peff
>
> Yes, this one seems to be leaking.
>
> "Next call to the function invalidates the return value the last
> caller received" feels like playing with fire. Most existing
> callers are safe in that the first thing they do to the returned
> string is xstrdup() it, but we would need to check all the other
> callers.

That's the price we pay for using static variables, no? Callers need to
consume them as long as they're fresh and multi-threading is not
allowed. Before, callers could use wrong buffer contents, after the
patch they could still have a pointer to freed memory, which should be
more noticeable in tests.

Getting a strbuf_add_real_path() in order to avoid static variables
would be nice. And it would also be nice if it worked without calling
chdir(). Nice topics for follow-up patches. :)

> I briefly thought it is not OK for set_git_work_tree(), which gets
> new_work_tree, calls real_path() to receive the value from the
> function, and then calls real_path() again on it. The "We've
> already done it" optimization is the only thing that makes it safe,
> which feels overly fragile.

It wasn't introduced as an optimization, but to silence valgrind
(1d679de5: make_absolute_path: return the input path if it points to our
buffer). set_git_work_tree() calls real_path() only once in each of its
two branches. However, one caller (init) hands it a path returned by
real_path(); we can change that (sent a patch).

René
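
The static-buffer hazard discussed in this message, as an added example that is not part of the original mail and is not Git's code: `toy_real_path()`, `toy_add_real_path()` and the "/repo/" prefix are hypothetical stand-ins for path resolution. It uses a fixed static array, so a stale pointer shows the "wrong buffer contents" case; with a growable buffer the same stale pointer could point to freed memory instead.

```c
#include <stdio.h>
#include <string.h>

#define TOY_MAX 256
static char result[TOY_MAX];	/* one static result buffer shared by all callers */

/* Caller-owned variant (hypothetical): no static state, 'out' belongs to the caller. */
static int toy_add_real_path(char *out, size_t outsz, const char *path)
{
	const char *prefix = path[0] == '/' ? "" : "/repo/";
	int n = snprintf(out, outsz, "%s%s", prefix, path);
	return (n < 0 || (size_t)n >= outsz) ? -1 : 0;	/* -1: did not fit */
}

/* Static variant (hypothetical): every call overwrites the previous result. */
static const char *toy_real_path(const char *path)
{
	/* Guard: the input is our own buffer, so it is already resolved.
	 * Without it, snprintf() would read and write overlapping memory. */
	if (path == result)
		return path;
	return toy_add_real_path(result, sizeof(result), path) ? NULL : result;
}

/* Returns 1 if a result held across a second call no longer says what it did. */
static int stale_after_second_call(void)
{
	const char *first = toy_real_path("a.txt");	/* "/repo/a.txt" */
	toy_real_path("b.txt");				/* overwrites the buffer */
	return strcmp(first, "/repo/a.txt") != 0;
}

/* Returns 1 if copying at once, as xstrdup() callers do, keeps the value intact. */
static int copy_survives_second_call(void)
{
	char copy[TOY_MAX];
	snprintf(copy, sizeof(copy), "%s", toy_real_path("a.txt"));
	toy_real_path("b.txt");
	return strcmp(copy, "/repo/a.txt") == 0;
}

int main(void)
{
	printf("stale pointer changed: %d\n", stale_after_second_call());
	printf("immediate copy intact: %d\n", copy_survives_second_call());
	printf("result fed back in: %s\n", toy_real_path(toy_real_path("a.txt")));
	return 0;
}
```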