From: Ævar Arnfjörð Bjarmason
To: git@vger.kernel.org
Cc: Junio C Hamano, Derrick Stolee, Ævar Arnfjörð Bjarmason
Subject: [PATCH v2 13/14] upload-pack: fix a memory leak in create_pack_file()
Date: Wed, 20 Jul 2022 23:21:51 +0200

Fix a memory leak that's been reported by some versions of "gcc" since
"output_state" became malloc'd in 55a9651d26a (upload-pack.c: increase
output buffer size, 2021-12-14).

In e75d2f7f734 (revisions API: have release_revisions() release
"filter", 2022-04-13) it was correctly marked as leak-free, the only
path through this function that doesn't reach the free(output_state)
is if we "goto fail", and that will invoke "die()".

Such leaks are not included with SANITIZE=leak (but e.g. valgrind will
still report them), but under some gcc optimization (I have not been
able to reproduce it with "clang") we'll report a leak here
anyway. E.g. gcc v12 with "-O2" and above will trigger it, but not
clang v13 with any "-On".

The GitHub CI would also run into this leak if the "linux-leaks" job
was made to run with "GIT_TEST_SANITIZE_LEAK_LOG=true".

See [1] for a past case where gcc had similar trouble analyzing leaks
involving a die() invocation in the function.

1. https://lore.kernel.org/git/patch-v3-5.6-9a44204c4c9-20211022T175227Z-avarab@gmail.com/

Signed-off-by: Ævar Arnfjörð Bjarmason
---
 t/t1060-object-corruption.sh | 1 +
 upload-pack.c                | 1 +
 2 files changed, 2 insertions(+)

diff --git a/t/t1060-object-corruption.sh b/t/t1060-object-corruption.sh index e8a58b15897..5b8e47e346c 100755 --- a/t/t1060-object-corruption.sh +++ b/t/t1060-object-corruption.sh 
@@ -2,6 +2,7 @@ test_description='see how we handle various forms of corruption' +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh # convert "1234abcd" to ".git/objects/12/34abcd" diff --git a/upload-pack.c b/upload-pack.c index 3a851b36066..b3884d3f4de 100644 --- a/upload-pack.c +++ b/upload-pack.c @@ -455,6 +455,7 @@ static void create_pack_file(struct upload_pack_data *pack_data, return; fail: + free(output_state); send_client_data(3, abort_msg, sizeof(abort_msg), pack_data->use_sideband); die("git upload-pack: %s", abort_msg); -- 2.37.1.1064.gc96144cf387
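
Review bot: In the t/t1060-object-corruption.sh hunk, the commit message never says why this script gains TEST_PASSES_SANITIZE_LEAK=true. If t1060 is the script that drives create_pack_file() down the "goto fail" path, one sentence saying so (and that it now passes under SANITIZE=leak with the gcc builds mentioned) would tie the test change to the fix and tell a bisecting reader why the marker first appears here.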
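
Review bot: In the upload-pack.c hunk, the new free(output_state) under the fail: label is only safe if output_state is already assigned (or initialized to NULL) on every path that can "goto fail". The hunk shows neither the declaration nor the jumps, so please confirm this, since free() on an uninitialized pointer is undefined behavior. Because die() follows two lines later and ends the process, the free exists only to satisfy the leak checker; a short comment above it saying so would keep a later cleanup from dropping it as redundant. The send_client_data() call that follows takes only abort_msg and pack_data->use_sideband, so nothing visible here reads the freed buffer.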