From: "Lidong Yan via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: Patrick Steinhardt <ps@pks.im>,
Phillip Wood <phillip.wood123@gmail.com>,
Lidong Yan <502024330056@smail.nju.edu.cn>,
Lidong Yan <502024330056@smail.nju.edu.cn>
Subject: [PATCH v3] parse-options: fix memory leak when calling `parse_options`
Date: Fri, 09 May 2025 14:28:32 +0000 [thread overview]
Message-ID: <pull.1954.v3.git.git.1746800913128.gitgitgadget@gmail.com> (raw)
In-Reply-To: <pull.1954.v2.git.git.1746624294017.gitgitgadget@gmail.com>
From: Lidong Yan <502024330056@smail.nju.edu.cn>
call parse_options twice and occasionally meet unknown option
in the same place would cause memory leak, since the second `xstrdup`
in `parse_options_step` would make the first `xstrdup` unreachable.
One solution is allocate one more magic byte for the unknown option to
indicate that argv[?] stores a heap allocated arg. Assume for all
arg, `*((char *)arg - 1)` is valid, we could put a magic number before
the unknown option. Next time calling "xstrdup" will check the magic
number first, and frees the previous heap allocated memory.
Signed-off-by: Lidong Yan <502024330056@smail.nju.edu.cn>
---
fix xstrdup leak in parse_short_opt
Pass a user defined strdup-like function in parse_opt_ctx to avoid
memory leak.
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1954%2Fbrandb97%2Ffix-parse-option-leak-v3
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1954/brandb97/fix-parse-option-leak-v3
Pull-Request: https://github.com/git/git/pull/1954
Range-diff vs v2:
1: e7b4465b83e < -: ----------- parse-options: fix xstrdup leak in parse_options_step parse-options:984
-: ----------- > 1: 475f7b5b1bd parse-options: fix memory leak when calling `parse_options`
parse-options.c | 12 +++++++++++-
parse-options.h | 2 ++
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/parse-options.c b/parse-options.c
index a9a39ecaef6..84f6ae90c77 100644
--- a/parse-options.c
+++ b/parse-options.c
@@ -886,6 +886,8 @@ enum parse_opt_result parse_options_step(struct parse_opt_ctx_t *ctx,
const char * const usagestr[])
{
int internal_help = !(ctx->flags & PARSE_OPT_NO_INTERNAL_HELP);
+ char *magic_ptr = NULL;
+ size_t opt_sz = 0;
/* we must reset ->opt, unknown short option leave it dangling */
ctx->opt = NULL;
@@ -981,7 +983,15 @@ enum parse_opt_result parse_options_step(struct parse_opt_ctx_t *ctx,
*
* This is leaky, too bad.
*/
- ctx->argv[0] = xstrdup(ctx->opt - 1);
+ magic_ptr = (char *)ctx->argv[0] - 1;
+ if (*magic_ptr == OPT_MAGIC)
+ free(magic_ptr);
+ opt_sz = strlen(ctx->opt - 1) + 1;
+ magic_ptr = xmalloc(opt_sz + 1);
+ *magic_ptr = OPT_MAGIC;
+ ctx->argv[0] = magic_ptr + 1;
+ memcpy((char *)ctx->argv[0],
+ ctx->opt - 1, opt_sz);
*(char *)ctx->argv[0] = '-';
goto unknown;
case PARSE_OPT_NON_OPTION:
diff --git a/parse-options.h b/parse-options.h
index 91c3e3c29b3..7fdd2e1097a 100644
--- a/parse-options.h
+++ b/parse-options.h
@@ -477,6 +477,8 @@ static inline void die_for_incompatible_opt2(int opt1, const char *opt1_name,
BUG("option callback expects an argument"); \
} while(0)
+#define OPT_MAGIC ((char)(0xee))
+
/*----- incremental advanced APIs -----*/
struct parse_opt_cmdmode_list;
base-commit: 6f84262c44a89851c3ae5a6e4c1a9d06b2068d75
--
gitgitgadget
prev parent reply other threads:[~2025-05-09 14:28 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-07 2:33 [PATCH 0/3] fix xstrdup leak in parse_short_opt Lidong Yan via GitGitGadget
2025-05-07 2:33 ` [PATCH 1/3] " Lidong Yan via GitGitGadget
2025-05-07 7:54 ` Patrick Steinhardt
2025-05-07 2:33 ` [PATCH 2/3] fix: replace bug where int was incorrectly used as bool Lidong Yan via GitGitGadget
2025-05-07 7:54 ` Patrick Steinhardt
2025-05-07 2:33 ` [PATCH 3/3] fix: use strvec_push_wrapper to prevent ubsan failure Lidong Yan via GitGitGadget
2025-05-07 7:54 ` Patrick Steinhardt
2025-05-07 12:19 ` lidongyan
2025-05-07 13:24 ` [PATCH v2] parse-options: fix xstrdup leak in parse_options_step parse-options:984 Lidong Yan via GitGitGadget
2025-05-09 6:19 ` Patrick Steinhardt
2025-05-09 7:35 ` lidongyan
2025-05-09 13:08 ` Phillip Wood
2025-05-09 13:43 ` lidongyan
2025-05-09 14:28 ` Lidong Yan via GitGitGadget [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=pull.1954.v3.git.git.1746800913128.gitgitgadget@gmail.com \
--to=gitgitgadget@gmail.com \
--cc=502024330056@smail.nju.edu.cn \
--cc=git@vger.kernel.org \
--cc=phillip.wood123@gmail.com \
--cc=ps@pks.im \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).