From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: git@vger.kernel.org
Cc: "Junio C Hamano" <gitster@pobox.com>,
"Elijah Newren" <newren@gmail.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Subject: [PATCH v2 5/6] string-list API users: don't tweak "strdup_strings" to free dupes
Date: Thu, 21 Jul 2022 14:00:52 +0200 [thread overview]
Message-ID: <patch-v2-5.6-8c0ac6cbd96-20220721T111808Z-avarab@gmail.com> (raw)
In-Reply-To: <cover-v2-0.6-00000000000-20220721T111808Z-avarab@gmail.com>
Change code added in [1] and [2] used in notes.c and bisect.c to
initialize a "struct string_list" as "DUP" and append with "nodup",
rather than doing it the other way around.
Settings up a "struct string_list" as "NODUP" and then manually
freeing its items by flipping the "strdup_strings" breaks the
encapsulation of the "struct string_list". It's also both more verbose
than the alternative, and not as safe. If we miss one of the codepaths
that appends to the list we'll end up freeing a constant string.
It's better to declare it as "dup", and then when we insert into the
list declare that the particular string we're inserting should be
owned by the "struct string_list" with string_list_append_nodup(). The
worst case with that API use is that we'll miss a caller, end up
double-dup-ing the string, and have a memory leak as a result.
1. 92e0d42539a (revision.c: make --no-notes reset --notes list,
2011-03-29)
2. fb71a329964 (bisect--helper: `bisect_clean_state` shell function in
C, 2017-09-29)
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
bisect.c | 7 +++----
notes.c | 8 ++------
2 files changed, 5 insertions(+), 10 deletions(-)
diff --git a/bisect.c b/bisect.c
index b63669cc9d7..8412feb1f69 100644
--- a/bisect.c
+++ b/bisect.c
@@ -1159,7 +1159,7 @@ static int mark_for_removal(const char *refname, const struct object_id *oid,
{
struct string_list *refs = cb_data;
char *ref = xstrfmt("refs/bisect%s", refname);
- string_list_append(refs, ref);
+ string_list_append_nodup(refs, ref);
return 0;
}
@@ -1168,11 +1168,10 @@ int bisect_clean_state(void)
int result = 0;
/* There may be some refs packed during bisection */
- struct string_list refs_for_removal = STRING_LIST_INIT_NODUP;
+ struct string_list refs_for_removal = STRING_LIST_INIT_DUP;
for_each_ref_in("refs/bisect", mark_for_removal, (void *) &refs_for_removal);
- string_list_append(&refs_for_removal, xstrdup("BISECT_HEAD"));
+ string_list_append_nodup(&refs_for_removal, xstrdup("BISECT_HEAD"));
result = delete_refs("bisect: remove", &refs_for_removal, REF_NO_DEREF);
- refs_for_removal.strdup_strings = 1;
string_list_clear(&refs_for_removal, 0);
unlink_or_warn(git_path_bisect_expected_rev());
unlink_or_warn(git_path_bisect_ancestors_ok());
diff --git a/notes.c b/notes.c
index 7452e71cc8d..acc35b580b6 100644
--- a/notes.c
+++ b/notes.c
@@ -1064,19 +1064,15 @@ void enable_ref_display_notes(struct display_notes_opt *opt, int *show_notes,
struct strbuf buf = STRBUF_INIT;
strbuf_addstr(&buf, ref);
expand_notes_ref(&buf);
- string_list_append(&opt->extra_notes_refs,
- strbuf_detach(&buf, NULL));
+ string_list_append_nodup(&opt->extra_notes_refs,
+ strbuf_detach(&buf, NULL));
*show_notes = 1;
}
void disable_display_notes(struct display_notes_opt *opt, int *show_notes)
{
opt->use_default_notes = -1;
- /* we have been strdup'ing ourselves, so trick
- * string_list into free()ing strings */
- opt->extra_notes_refs.strdup_strings = 1;
string_list_clear(&opt->extra_notes_refs, 0);
- opt->extra_notes_refs.strdup_strings = 0;
*show_notes = 0;
}
--
2.37.1.1095.g64a1e8362fd
next prev parent reply other threads:[~2022-07-21 12:01 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-21 6:39 [PATCH 0/2] string_list API users: use alloc + init, not calloc + strdup_strings Ævar Arnfjörð Bjarmason
2022-07-21 6:39 ` [PATCH 1/2] string_list API users + cocci: use string_list_init_dup() Ævar Arnfjörð Bjarmason
2022-07-21 6:39 ` [PATCH 2/2] string-list API users: manually use string_list_init_*() Ævar Arnfjörð Bjarmason
2022-07-21 7:48 ` Elijah Newren
2022-07-21 12:00 ` [PATCH v2 0/6] string-list API user: fix API use, some with coccinelle Ævar Arnfjörð Bjarmason
2022-07-21 12:00 ` [PATCH v2 1/6] string_list API users + cocci: use string_list_init_dup() Ævar Arnfjörð Bjarmason
2022-07-21 12:00 ` [PATCH v2 2/6] cocci: apply string_list.cocci with --disable-worth-trying-opt Ævar Arnfjörð Bjarmason
2022-07-21 12:00 ` [PATCH v2 3/6] reflog-walk.c: use string_list_init_dup() Ævar Arnfjörð Bjarmason
2022-07-21 12:00 ` [PATCH v2 4/6] cocci: add "string_list" rule to swap "DUP" <-> "NODUP" Ævar Arnfjörð Bjarmason
2022-07-21 12:00 ` Ævar Arnfjörð Bjarmason [this message]
2022-07-21 12:00 ` [PATCH v2 6/6] notes.c: make "struct string_list display_notes_refs" non-static Ævar Arnfjörð Bjarmason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=patch-v2-5.6-8c0ac6cbd96-20220721T111808Z-avarab@gmail.com \
--to=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=newren@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).