From: Toon Claes <toon@iotcl.com>
To: Patrick Steinhardt <ps@pks.im>, git@vger.kernel.org
Cc: "Rubén Justo" <rjusto@gmail.com>
Subject: Re: [PATCH v2 11/27] git: refactor builtin handling to use a `struct strvec`
Date: Wed, 20 Nov 2024 11:38:47 +0100 [thread overview]
Message-ID: <8734jmtcjs.fsf@iotcl.com> (raw)
In-Reply-To: <20241111-b4-pks-leak-fixes-pt10-v2-11-6154bf91f0b0@pks.im>
Patrick Steinhardt <ps@pks.im> writes:
> Similar as with the preceding commit, `handle_builtin()` does not
> properly track lifetimes of the `argv` array and its strings. As it may
> end up modifying the array this can lead to memory leaks in case it
> contains allocated strings.
>
> Refactor the function to use a `struct strvec` instead.
>
> Signed-off-by: Patrick Steinhardt <ps@pks.im>
> ---
> git.c | 66 ++++++++++++++++++++++++--------------------------
> t/t0211-trace2-perf.sh | 2 +-
> 2 files changed, 32 insertions(+), 36 deletions(-)
>
> diff --git a/git.c b/git.c
> index 88356afe5fb568ccc147f055e3ab253c53a1befa..159dd45b08204c4a89d1dc4ab6990978e2454eb6 100644
> --- a/git.c
> +++ b/git.c
> @@ -696,63 +696,57 @@ void load_builtin_commands(const char *prefix, struct cmdnames *cmds)
> }
>
> #ifdef STRIP_EXTENSION
> -static void strip_extension(const char **argv)
> +static void strip_extension(struct strvec *args)
> {
> size_t len;
>
> - if (strip_suffix(argv[0], STRIP_EXTENSION, &len))
> - argv[0] = xmemdupz(argv[0], len);
> + if (strip_suffix(args->v[0], STRIP_EXTENSION, &len)) {
> + char *stripped = xmemdupz(args->v[0], len);
> + strvec_replace(args, 0, stripped);
> + free(stripped);
> + }
> }
> #else
> #define strip_extension(cmd)
> #endif
>
> -static void handle_builtin(int argc, const char **argv)
> +static void handle_builtin(struct strvec *args)
> {
> - struct strvec args = STRVEC_INIT;
> - const char **argv_copy = NULL;
> const char *cmd;
> struct cmd_struct *builtin;
>
> - strip_extension(argv);
> - cmd = argv[0];
> + strip_extension(args);
> + cmd = args->v[0];
>
> /* Turn "git cmd --help" into "git help --exclude-guides cmd" */
> - if (argc > 1 && !strcmp(argv[1], "--help")) {
> - int i;
> -
> - argv[1] = argv[0];
> - argv[0] = cmd = "help";
> -
> - for (i = 0; i < argc; i++) {
> - strvec_push(&args, argv[i]);
> - if (!i)
> - strvec_push(&args, "--exclude-guides");
> - }
> + if (args->nr > 1 && !strcmp(args->v[1], "--help")) {
> + const char *exclude_guides_arg[] = { "--exclude-guides" };
> +
> + strvec_replace(args, 1, args->v[0]);
> + strvec_replace(args, 0, "help");
> + cmd = "help";
> + strvec_splice(args, 2, 0, exclude_guides_arg,
> + ARRAY_SIZE(exclude_guides_arg));
> + }
>
> - argc++;
> + builtin = get_builtin(cmd);
> + if (builtin) {
> + const char **argv_copy = NULL;
> + int ret;
>
> /*
> * `run_builtin()` will modify the argv array, so we need to
> * create a shallow copy such that we can free all of its
> * strings.
> */
> - CALLOC_ARRAY(argv_copy, argc + 1);
> - COPY_ARRAY(argv_copy, args.v, argc);
> + if (args->nr)
> + DUP_ARRAY(argv_copy, args->v, args->nr + 1);
>
> - argv = argv_copy;
> - }
> -
> - builtin = get_builtin(cmd);
> - if (builtin) {
> - int ret = run_builtin(builtin, argc, argv, the_repository);
> - strvec_clear(&args);
> + ret = run_builtin(builtin, args->nr, argv_copy, the_repository);
> + strvec_clear(args);
> free(argv_copy);
> exit(ret);
> }
> -
> - strvec_clear(&args);
> - free(argv_copy);
> }
Just want to give you a little shout out how you've reorganized the code
and it now makes a lot more sense how `argv_copy` is used by putting
it inside the `if (builtin)` code block.
--
Toon
next prev parent reply other threads:[~2024-11-20 10:39 UTC|newest]
Thread overview: 117+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-06 15:10 [PATCH 00/26] Memory leak fixes (pt.10, final) Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 01/26] builtin/blame: fix leaking blame entries with `--incremental` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 02/26] bisect: fix leaking good/bad terms when reading multipe times Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 03/26] bisect: fix leaking string in `handle_bad_merge_base()` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 04/26] bisect: fix leaking `current_bad_oid` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 05/26] bisect: fix multiple leaks in `bisect_next_all()` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 06/26] bisect: fix leaking commit list items in `check_merge_base()` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 07/26] bisect: fix various cases where we leak commit list items Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 08/26] line-log: fix leak when rewriting commit parents Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 09/26] strvec: introduce new `strvec_splice()` function Patrick Steinhardt
2024-11-10 21:39 ` Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 10/26] git: refactor alias handling to use a `struct strvec` Patrick Steinhardt
2024-11-10 21:41 ` Rubén Justo
2024-11-06 15:10 ` [PATCH 11/26] git: refactor builtin " Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 12/26] split-index: fix memory leak in `move_cache_to_base_index()` Patrick Steinhardt
2024-11-10 21:45 ` Rubén Justo
2024-11-06 15:10 ` [PATCH 13/26] builtin/sparse-checkout: fix leaking sanitized patterns Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 14/26] help: refactor to not use globals for reading config Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 15/26] help: fix leaking `struct cmdnames` Patrick Steinhardt
2024-11-10 21:46 ` Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 16/26] help: fix leaking return value from `help_unknown_cmd()` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 17/26] builtin/help: fix leaks in `check_git_cmd()` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 18/26] builtin/init-db: fix leaking directory paths Patrick Steinhardt
2024-11-10 21:47 ` Rubén Justo
2024-11-06 15:11 ` [PATCH 19/26] builtin/branch: fix leaking sorting options Patrick Steinhardt
2024-11-10 21:47 ` Rubén Justo
2024-11-06 15:11 ` [PATCH 20/26] t/helper: fix leaking commit graph in "read-graph" subcommand Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 21/26] git-compat-util: drop `UNLEAK()` annotation Patrick Steinhardt
2024-11-10 21:47 ` Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 22/26] t5601: work around leak sanitizer issue Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 23/26] t: mark some tests as leak free Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 24/26] t: remove unneeded !SANITIZE_LEAK prerequisites Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 25/26] test-lib: unconditionally enable leak checking Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 26/26] t: remove TEST_PASSES_SANITIZE_LEAK annotations Patrick Steinhardt
2024-11-10 21:48 ` [PATCH 00/26] Memory leak fixes (pt.10, final) Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 00/27] " Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 01/27] builtin/blame: fix leaking blame entries with `--incremental` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 02/27] bisect: fix leaking good/bad terms when reading multipe times Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 03/27] bisect: fix leaking string in `handle_bad_merge_base()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 04/27] bisect: fix leaking `current_bad_oid` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 05/27] bisect: fix multiple leaks in `bisect_next_all()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 06/27] bisect: fix leaking commit list items in `check_merge_base()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 07/27] bisect: fix various cases where we leak commit list items Patrick Steinhardt
2024-11-20 10:32 ` Toon Claes
2024-11-20 12:41 ` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 08/27] line-log: fix leak when rewriting commit parents Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 09/27] strvec: introduce new `strvec_splice()` function Patrick Steinhardt
2024-11-20 8:37 ` Toon Claes
2024-11-20 12:41 ` Patrick Steinhardt
2024-11-20 23:13 ` Junio C Hamano
2024-11-21 8:11 ` Jeff King
2024-11-21 8:22 ` Jeff King
2024-11-21 10:23 ` Doxygen-styled comments [was: Re: [PATCH v2 09/27] strvec: introduce new `strvec_splice()` function] Toon Claes
2024-11-21 10:32 ` Jeff King
2024-11-11 10:38 ` [PATCH v2 10/27] git: refactor alias handling to use a `struct strvec` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 11/27] git: refactor builtin " Patrick Steinhardt
2024-11-20 10:38 ` Toon Claes [this message]
2024-11-11 10:38 ` [PATCH v2 12/27] split-index: fix memory leak in `move_cache_to_base_index()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 13/27] builtin/sparse-checkout: fix leaking sanitized patterns Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 14/27] help: refactor to not use globals for reading config Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 15/27] help: fix leaking `struct cmdnames` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 16/27] help: fix leaking return value from `help_unknown_cmd()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 17/27] builtin/help: fix leaks in `check_git_cmd()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 18/27] builtin/init-db: fix leaking directory paths Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 19/27] builtin/branch: fix leaking sorting options Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 20/27] t/helper: fix leaking commit graph in "read-graph" subcommand Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 21/27] global: drop `UNLEAK()` annotation Patrick Steinhardt
2024-11-12 8:26 ` Jeff King
2024-11-12 8:53 ` Patrick Steinhardt
2024-11-12 9:03 ` Jeff King
2024-11-11 10:38 ` [PATCH v2 22/27] git-compat-util: drop now-unused `UNLEAK()` macro Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 23/27] t5601: work around leak sanitizer issue Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 24/27] t: mark some tests as leak free Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 25/27] t: remove unneeded !SANITIZE_LEAK prerequisites Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 26/27] test-lib: unconditionally enable leak checking Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 27/27] t: remove TEST_PASSES_SANITIZE_LEAK annotations Patrick Steinhardt
2024-11-20 10:40 ` Toon Claes
2024-11-20 12:41 ` Patrick Steinhardt
2024-11-11 23:33 ` [PATCH v2 00/27] Memory leak fixes (pt.10, final) Rubén Justo
2024-11-12 8:06 ` Rubén Justo
2024-11-20 13:39 ` [PATCH v3 " Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 01/27] builtin/blame: fix leaking blame entries with `--incremental` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 02/27] bisect: fix leaking good/bad terms when reading multipe times Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 03/27] bisect: fix leaking string in `handle_bad_merge_base()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 04/27] bisect: fix leaking `current_bad_oid` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 05/27] bisect: fix multiple leaks in `bisect_next_all()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 06/27] bisect: fix leaking commit list items in `check_merge_base()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 07/27] bisect: fix various cases where we leak commit list items Patrick Steinhardt
2024-11-25 11:27 ` Jeff King
2024-11-25 12:38 ` Patrick Steinhardt
2024-11-25 13:17 ` Jeff King
2024-11-25 14:08 ` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 08/27] line-log: fix leak when rewriting commit parents Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 09/27] strvec: introduce new `strvec_splice()` function Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 10/27] git: refactor alias handling to use a `struct strvec` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 11/27] git: refactor builtin " Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 12/27] split-index: fix memory leak in `move_cache_to_base_index()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 13/27] builtin/sparse-checkout: fix leaking sanitized patterns Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 14/27] help: refactor to not use globals for reading config Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 15/27] help: fix leaking `struct cmdnames` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 16/27] help: fix leaking return value from `help_unknown_cmd()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 17/27] builtin/help: fix leaks in `check_git_cmd()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 18/27] builtin/init-db: fix leaking directory paths Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 19/27] builtin/branch: fix leaking sorting options Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 20/27] t/helper: fix leaking commit graph in "read-graph" subcommand Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 21/27] global: drop `UNLEAK()` annotation Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 22/27] git-compat-util: drop now-unused `UNLEAK()` macro Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 23/27] t5601: work around leak sanitizer issue Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 24/27] t: mark some tests as leak free Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 25/27] t: remove unneeded !SANITIZE_LEAK prerequisites Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 26/27] test-lib: unconditionally enable leak checking Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 27/27] t: remove TEST_PASSES_SANITIZE_LEAK annotations Patrick Steinhardt
2024-11-21 10:32 ` [PATCH v3 00/27] Memory leak fixes (pt.10, final) Toon Claes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8734jmtcjs.fsf@iotcl.com \
--to=toon@iotcl.com \
--cc=git@vger.kernel.org \
--cc=ps@pks.im \
--cc=rjusto@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).