From: Jeff King <peff@peff.net>
To: Stefan Beller <sbeller@google.com>
Cc: Johannes Schindelin <johannes.schindelin@gmx.de>,
"git@vger.kernel.org" <git@vger.kernel.org>,
Junio C Hamano <gitster@pobox.com>,
David Aguilar <davvid@gmail.com>,
Dennis Kaarsemaker <dennis@kaarsemaker.net>,
Paul Sbarra <sbarra.paul@gmail.com>
Subject: Re: [PATCH v4 1/4] Avoid Coverity warning about unfree()d git_exec_path()
Date: Tue, 3 Jan 2017 20:13:43 -0500 [thread overview]
Message-ID: <20170104011343.oq374uffgiltqzeo@sigill.intra.peff.net> (raw)
In-Reply-To: <CAGZ79kZ--jp08pK+xwn1N2VQQr8bA5+DveE2HsoY90R1gR6c_A@mail.gmail.com>
On Tue, Jan 03, 2017 at 12:11:25PM -0800, Stefan Beller wrote:
> On Mon, Jan 2, 2017 at 8:22 AM, Johannes Schindelin
> <johannes.schindelin@gmx.de> wrote:
> > Technically, it is correct that git_exec_path() returns a possibly
> > malloc()ed string. Practically, it is *sometimes* not malloc()ed. So
> > let's just use a static variable to make it a singleton. That'll shut
> > Coverity up, hopefully.
>
> I picked up this patch and applied it to the coverity branch
> that I maintain at github/stefanbeller/git.
>
> I'd love to see this patch upstream as it reduces my maintenance
> burden of the coverity branch by a patch.
There is another lurking issue in that function, which is that the
return value of getenv() is not guaranteed to last beyond more calls to
getenv() or setenv(). It should probably xstrdup() that result, too.
At that point 2 out of 3 of the return cases would be malloc'd strings,
so we _could_ switch the third and say "caller must free the result".
But I think I prefer something like Dscho's solution (more on that
below).
> Early on when Git was new to coverity, some arguments were made
> that patches like these only clutter the main code base which is read
> by a lot of people, hence we want these quirks for coverity not upstream.
> And I think that still holds.
>
> If this patch is only to appease coverity (as the commit message eludes
> to) I think this may be a bad idea for upstream. If this patch fixes an
> actual problem, then the commit message needs to spell that out.
This is a real leak, though in all cases the program typically exits
soon afterwards. But we leak from list_commands(), for example, and it
is not immediately obvious that this is only called right before
exiting.
But I think more important is that caching the result in a static
variable communicates something (both to Coverity and to a reader of the
code). This is a value we expect to live through the life of the
program, and it is OK for it to "leak" when it goes out of scope by the
program exiting.
So even though the behavior does not really change, the annotation has
value.
-Peff
next prev parent reply other threads:[~2017-01-04 1:13 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-22 17:01 [PATCH 0/2] Show Git Mailing List: a builtin difftool Johannes Schindelin
2016-11-22 17:01 ` [PATCH 1/2] difftool: add the builtin Johannes Schindelin
2016-11-23 8:08 ` David Aguilar
2016-11-23 11:34 ` Johannes Schindelin
2016-11-22 17:01 ` [PATCH 2/2] difftool: add a feature flag for the builtin vs scripted version Johannes Schindelin
2016-11-23 14:51 ` Dennis Kaarsemaker
2016-11-23 17:29 ` Johannes Schindelin
2016-11-23 17:40 ` Junio C Hamano
2016-11-23 18:18 ` Junio C Hamano
2016-11-23 19:55 ` Johannes Schindelin
2016-11-23 20:04 ` Junio C Hamano
2016-11-23 22:01 ` Johannes Schindelin
2016-11-23 22:03 ` [PATCH v2 0/1] Show Git Mailing List: a builtin difftool Johannes Schindelin
2016-11-23 22:03 ` [PATCH v2 1/1] difftool: add the builtin Johannes Schindelin
2016-11-23 22:25 ` Junio C Hamano
2016-11-23 22:30 ` Junio C Hamano
2016-11-24 10:38 ` Johannes Schindelin
2016-11-24 20:55 ` [PATCH v3 0/2] Show Git Mailing List: a builtin difftool Johannes Schindelin
2016-11-24 20:55 ` [PATCH v3 1/2] difftool: add a skeleton for the upcoming builtin Johannes Schindelin
2016-11-24 21:08 ` Jeff King
2016-11-24 21:56 ` Johannes Schindelin
2016-11-25 3:18 ` Jeff King
2016-11-25 11:05 ` Johannes Schindelin
2016-11-25 17:19 ` Jeff King
2016-11-25 17:41 ` Johannes Schindelin
2016-11-25 17:47 ` Jeff King
2016-11-26 12:22 ` Johannes Schindelin
2016-11-26 16:19 ` Jeff King
2016-11-26 13:01 ` Johannes Schindelin
2016-11-27 16:50 ` Jeff King
2016-11-28 17:06 ` Junio C Hamano
2016-11-28 17:34 ` Johannes Schindelin
2016-11-28 19:27 ` Junio C Hamano
2016-11-29 20:36 ` Johannes Schindelin
2016-11-29 20:49 ` Jeff King
2016-11-30 12:30 ` Johannes Schindelin
2016-11-30 12:35 ` Jeff King
2016-11-29 20:55 ` Junio C Hamano
2016-11-30 12:30 ` Johannes Schindelin
2016-12-01 23:33 ` Junio C Hamano
2016-12-05 10:36 ` Johannes Schindelin
2016-12-05 18:37 ` Junio C Hamano
2016-12-06 13:16 ` Johannes Schindelin
2016-12-06 13:36 ` Jeff King
2016-12-06 14:48 ` Johannes Schindelin
2016-12-06 15:09 ` Jeff King
2016-12-06 18:22 ` Stefan Beller
2016-12-06 18:35 ` Jeff King
2017-01-18 22:38 ` Brandon Williams
2016-11-30 16:02 ` Jakub Narębski
2016-11-30 18:39 ` Junio C Hamano
2016-11-24 20:55 ` [PATCH v3 2/2] difftool: implement the functionality in the builtin Johannes Schindelin
2016-11-25 21:24 ` Jakub Narębski
2016-11-27 11:10 ` Johannes Schindelin
2016-11-27 11:20 ` Jakub Narębski
2017-01-02 16:16 ` [PATCH v4 0/4] Show Git Mailing List: a builtin difftool Johannes Schindelin
2017-01-02 16:22 ` [PATCH v4 1/4] Avoid Coverity warning about unfree()d git_exec_path() Johannes Schindelin
2017-01-03 20:11 ` Stefan Beller
2017-01-03 21:33 ` Johannes Schindelin
2017-01-04 18:09 ` Stefan Beller
2017-01-04 1:13 ` Jeff King [this message]
2017-01-09 1:25 ` Junio C Hamano
2017-01-09 6:00 ` Jeff King
2017-01-09 7:49 ` Johannes Schindelin
2017-01-09 19:21 ` Stefan Beller
2017-01-02 16:22 ` [PATCH v4 2/4] difftool: add a skeleton for the upcoming builtin Johannes Schindelin
2017-01-02 16:22 ` [PATCH v4 3/4] difftool: implement the functionality in the builtin Johannes Schindelin
2017-01-02 16:24 ` [PATCH v4 4/4] t7800: run both builtin and scripted difftool, for now Johannes Schindelin
2017-01-09 1:38 ` Junio C Hamano
2017-01-09 7:56 ` Johannes Schindelin
2017-01-09 9:46 ` Junio C Hamano
2017-01-17 15:54 ` [PATCH v5 0/3] Turn the difftool into a builtin Johannes Schindelin
2017-01-17 15:54 ` [PATCH v5 1/3] difftool: add a skeleton for the upcoming builtin Johannes Schindelin
2017-01-17 15:55 ` [PATCH v5 2/3] difftool: implement the functionality in the builtin Johannes Schindelin
2017-01-17 15:55 ` [PATCH v5 3/3] Retire the scripted difftool Johannes Schindelin
2017-01-17 21:46 ` Junio C Hamano
2017-01-18 12:33 ` Johannes Schindelin
2017-01-18 19:15 ` Junio C Hamano
2017-01-19 16:30 ` Johannes Schindelin
2017-01-19 17:56 ` Junio C Hamano
2017-01-19 20:32 ` Johannes Schindelin
2017-01-17 21:31 ` [PATCH v5 0/3] Turn the difftool into a builtin Junio C Hamano
2017-01-19 20:30 ` [PATCH v6 " Johannes Schindelin
2017-01-19 20:30 ` [PATCH v6 1/3] difftool: add a skeleton for the upcoming builtin Johannes Schindelin
2017-01-19 20:30 ` [PATCH v6 2/3] difftool: implement the functionality in the builtin Johannes Schindelin
2017-01-19 20:30 ` [PATCH v6 3/3] Retire the scripted difftool Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170104011343.oq374uffgiltqzeo@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=davvid@gmail.com \
--cc=dennis@kaarsemaker.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=johannes.schindelin@gmx.de \
--cc=sbarra.paul@gmail.com \
--cc=sbeller@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).