From: Taylor Blau <me@ttaylorr.com>
To: Derrick Stolee <derrickstolee@github.com>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>,
	Junio C Hamano <gitster@pobox.com>
Subject: Re: [PATCH 1/7] pack-write.c: plug a leak in stage_tmp_packfiles()
Date: Tue, 11 Apr 2023 17:25:12 -0400
Message-ID: <ZDXQOIRqHdV7ONcN@nand.local>
In-Reply-To: <423b5c5c-ef86-198a-16f7-c836ed78928c@github.com>

On Tue, Apr 11, 2023 at 09:23:31AM -0400, Derrick Stolee wrote:
> On 4/10/2023 6:53 PM, Taylor Blau wrote:
>
> > Instead, simply free() `rev_tmp_name` at the end of
> > `stage_tmp_packfiles()`.
>
> > @@ -568,6 +568,8 @@ void stage_tmp_packfiles(struct strbuf *name_buffer,
> > rename_tmp_packfile(name_buffer, rev_tmp_name, "rev");
> > if (mtimes_tmp_name)
> > rename_tmp_packfile(name_buffer, mtimes_tmp_name, "mtimes");
> > +
> > + free((char *)rev_tmp_name);
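
Review bot: The `(char *)` cast in `free((char *)rev_tmp_name)` discards a `const` that normally tells readers the pointer is not theirs to free, so the ownership rule now lives only in this one line. Either declare the variable as plain `char *` or add a one-line comment at the free() saying where the string was allocated. The hunk also renames `mtimes_tmp_name` just above without a matching free; if that name is allocated the same way, it wants the same treatment.
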
>
> Just cut off from the context is a "if (rev_tmp_name)", so it might be
> good to group this into that block, since we have the condition, anyway.

Definitely possible, though FWIW it's fine to have this free()
positioned at the end of the function, since we initialize rev_tmp_name
to NULL (making this a noop when not writing an on-disk reverse index).

> But I was also thinking about how we like to use "const" as an indicator
> as "I am not responsible for free()ing this". And this comes from the
> public write_rev_file() method. Based on the API prototype, we could
> think that this string is held by a static strbuf (making the method
> not reentrant, but that happens sometimes in our methods). But generally,
> I wanted to inspect what it would take to make the API reflect the fact
> that it can return a "new" string.
>
> But there are two issues:
>
>  1. The actual logic is inside write_rev_file_order(), so that API
>     needs to change, too.
>
>  2. The "new" string is created only if the rev_name parameter is
>     NULL, which is somewhat understandable but still requires
>     inside knowledge about the implementation to make that choice.
>
>  3. If we inspect the callers to these methods, only one caller
>     passes a non-null name: builtin/index-pack.c. The rest pass NULL,
>     including write_midx_reverse_index() (which then leaks the name).
>
> The below diff includes my attempt to change the API to return a
> non-const string that must be freed by the callers.

I like this direction. I think that all things being equal (and unless
you feel strongly about it in the meantime), I'd just as soon pursue
this as a "fast follow" to avoid intermixing this API change with the
primary intent of this series.

In the meantime, dropping the const via a cast down to "char *" works
fine to plug the leak here.

Thanks,
Taylor
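
The ownership question raised in this exchange, as an added C example that is not part of the thread and not git's code: a writer whose `const char *` result is heap-allocated only when the caller passed NULL, beside a variant that always returns a string the caller owns. All function names and the `tmp_rev_1` value are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Explicit form (hypothetical names, not git's code): always returns a
 * heap string that the caller owns and must free. */
static char *write_file_owned(const char *name)
{
	const char *src = name ? name : "tmp_rev_1";
	char *out = malloc(strlen(src) + 1);
	if (out)
		strcpy(out, src);
	return out;
}

/* Ambiguous form: returns `name` itself when given (borrowed), else a
 * fresh heap string (owned). The const return type hides the second case. */
static const char *write_file_ambiguous(const char *name)
{
	return name ? name : write_file_owned(NULL);
}

/* Caller of the ambiguous form needs inside knowledge: free only when it
 * passed NULL. Freeing on the other path would be an invalid free. */
static int stage_ambiguous(const char *name)
{
	const char *rev = write_file_ambiguous(name);
	if (!rev || name)
		return 0;               /* nothing we own */
	free((char *)rev);          /* cast needed to drop the const */
	return 1;
}

/* Caller of the explicit form frees unconditionally; free(NULL) is a no-op. */
static int stage_owned(const char *name)
{
	char *rev = write_file_owned(name);
	int frees = rev != NULL;
	free(rev);
	return frees;
}

int main(void)
{
	printf("ambiguous: %d %d, owned: %d %d\n", stage_ambiguous(NULL),
	       stage_ambiguous("x.rev"), stage_owned(NULL), stage_owned("x.rev"));
	return 0;
}
```

Each function returns the number of frees the caller performed, so the asymmetry in the ambiguous form shows up as 1 for a NULL name and 0 for a supplied one.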