From: Junio C Hamano <gitster@pobox.com>
To: "Carlo Marcelo Arenas Belón" <carenas@gmail.com>
Cc: git@vger.kernel.org, me@m28.io, derrickstolee@github.com,
Johannes.Schindelin@gmx.de
Subject: Re: [PATCH] setup: avoid uninitialized use of is_safe in ensure_valid_ownership
Date: Wed, 27 Apr 2022 09:35:10 -0700 [thread overview]
Message-ID: <xmqq8rrqo56p.fsf@gitster.g> (raw)
In-Reply-To: <20220427080412.37766-1-carenas@gmail.com> ("Carlo Marcelo Arenas Belón"'s message of "Wed, 27 Apr 2022 01:04:12 -0700")
Carlo Marcelo Arenas Belón <carenas@gmail.com> writes:
> 8959555cee7 (setup_git_directory(): add an owner check for the top-level
> directory, 2022-03-02) adds this member as part of a newly created
> structure that then gets initialized during the callback, but bb50ec3cc30
> (setup: fix safe.directory key not being checked, 2022-04-13) add a
> quick exit from the callback that avoids this initialization unless the
> callback is called with the relevant key.
>
> This leads to this variable not being initialized UNLESS the global config
> has at least one key for safe.directory, so instead initialize it in the
> caller.
>
> Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
> ---
> setup.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/setup.c b/setup.c
> index a7b36f3ffbf..17c7f5fc1dc 100644
> --- a/setup.c
> +++ b/setup.c
> @@ -1122,7 +1122,7 @@ static int safe_directory_cb(const char *key, const char *value, void *d)
>
> static int ensure_valid_ownership(const char *path)
> {
> - struct safe_directory_data data = { .path = path };
> + struct safe_directory_data data = { .path = path, .is_safe = 0 };
This is not wrong per-se but is not necessary. Once you have an
initializer, the struct is zero initialized except for members whose
initial values are explicitly mentioned in the initializer.
Sometimes an explicit initialization is a good way to make the
intention of the code clear, and because setting of the .is_safe
member is done inside a callback function, out of sight from the
reader of this function, while the return value does depend on
having a valid value in the .is_safe member, I do not think we mind
this change, though.
But if we were to take it, the justification must be rewritten. It
is an OK change to clarify the code to human readers. It is not a
fix to a bug that left a struct member uninitialized.
>
> if (!git_env_bool("GIT_TEST_ASSUME_DIFFERENT_OWNER", 0) &&
> is_path_owned_by_current_user(path))
prev parent reply other threads:[~2022-04-27 16:35 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-27 8:04 [PATCH] setup: avoid uninitialized use of is_safe in ensure_valid_ownership Carlo Marcelo Arenas Belón
[not found] ` <CA+zfrf-6c7BG-PDehHKh6_8zWdu=NeM9gL6zN8Ug+oT9fAOfqw@mail.gmail.com>
2022-04-27 8:31 ` Carlo Arenas
[not found] ` <CA+zfrf_mHfDXk-1VhU564YeCTW7rgDeeuORdTT61LkTESmC5Og@mail.gmail.com>
2022-04-27 9:16 ` Carlo Arenas
2022-04-27 14:04 ` Derrick Stolee
2022-04-27 16:35 ` Junio C Hamano [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq8rrqo56p.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=carenas@gmail.com \
--cc=derrickstolee@github.com \
--cc=git@vger.kernel.org \
--cc=me@m28.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).