On Fri, Jun 13, 2014 at 11:44:28AM +0200, Michael J Gruber wrote:

> > Perhaps this is a sign that we need a "signature_check_clear()" helper?
>
> ... or simply switch to language which has (or can overload) free for an
> object :)

I hear somebody has reimplemented git in pure javascript. ;P

> Do we have prior art for such helpers so that the new one would be
> analogous?

I was thinking of credential_clear, string_list_clear, etc. Literally just:

  void signature_check_clear(struct signature_check *s)
  {
          free(s->gpg_output);
          free(s->gpg_status);
          free(s->signer);
          free(s->key);
  }

Your first commit fixed a leak on gpg_status. Did it also need to handle
the "key" field there?

For some structs, we'd also do:

  memset(s, 0, sizeof(*s));

to get us back to a usable, initialized state so the struct can be reused.
However, check_commit_signature doesn't care if the struct is initialized
or not (i.e., there is no initialized state). Doing so does help detect
use-after-free conditions, though.

-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
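The helper Peff sketches, with the memset reset he mentions folded in, as an added C example that is not from this thread or from git's own tree; the simplified struct layout, the constructed sample values, fill_sample() and demo_clear_resets() are assumptions made for illustration:

```c
#define _POSIX_C_SOURCE 200809L /* declare strdup() under strict C */
#include <stdlib.h>
#include <string.h>

/* Assumed, simplified layout: only the heap-owned fields named in the
 * thread are modelled; git's real struct signature_check has more. */
struct signature_check {
	char *gpg_output;
	char *gpg_status;
	char *signer;
	char *key;
};

/* Free every owned buffer, then zero the struct so it is back in a usable
 * initialized state: free(NULL) is a no-op, so a second clear is harmless,
 * and a stale pointer is NULL rather than dangling. */
void signature_check_clear(struct signature_check *s)
{
	free(s->gpg_output);
	free(s->gpg_status);
	free(s->signer);
	free(s->key);
	memset(s, 0, sizeof(*s));
}

/* Hypothetical stand-in for check_commit_signature(): fills the struct
 * with constructed sample values the way the real parser would. */
static void fill_sample(struct signature_check *s)
{
	s->gpg_output = strdup("gpg: Good signature from \"Example Signer\"");
	s->gpg_status = strdup("[GNUPG:] GOODSIG EXAMPLEKEYID Example Signer");
	s->signer = strdup("Example Signer");
	s->key = strdup("EXAMPLEKEYID");
}

/* Returns 1 when clear leaves every field NULL, the struct can be refilled
 * and cleared again, and a double clear is safe; 0 otherwise. */
int demo_clear_resets(void)
{
	struct signature_check sc = { 0 };
	fill_sample(&sc);
	signature_check_clear(&sc);
	if (sc.gpg_output || sc.gpg_status || sc.signer || sc.key)
		return 0;
	fill_sample(&sc);               /* reuse after clear */
	signature_check_clear(&sc);
	signature_check_clear(&sc);     /* double clear: all pointers NULL */
	return !(sc.gpg_output || sc.gpg_status || sc.signer || sc.key);
}
```

Without the memset, the second signature_check_clear() above would be a double free; with it, the reuse and double-clear paths are both safe, which is the use-after-free detection benefit the message refers to.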