Re: [PATCH 1/2] remote.c: don't leak the base branch name in format_tracking_info

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Stefan Beller <stefanbeller@xxxxxxxxx> writes:

> On 10.08.2014 15:57, Stefan Beller wrote:
>> Found by scan.coverity.com (Id: 1127809)
>> 
>> Signed-off-by: Stefan Beller <stefanbeller@xxxxxxxxx>
>> ---
>>  remote.c | 1 +
>>  1 file changed, 1 insertion(+)
>> 
>> diff --git a/remote.c b/remote.c
>> index 3d6c86a..2c1458f 100644
>> --- a/remote.c
>> +++ b/remote.c
>> @@ -1983,6 +1983,7 @@ int format_tracking_info(struct branch *branch, struct strbuf *sb)
>>  			strbuf_addf(sb,
>>  				_("  (use \"git pull\" to merge the remote branch into yours)\n"));
>>  	}
>> +	free(base);
>>  	return 1;
>>  }
>>  
>> 
>
> Upon testing this one again, I get a warning
> remote.c: In function ‘format_tracking_info’:
> remote.c:1986:2: warning: passing argument 1 of ‘free’ discards ‘const’ qualifier from pointer target type [enabled by default]
>   free(base);
>   ^
> ...
> Please ignore this patch.

It is perfectly fine to cast it to (char *) in this case, I think.

The real culprit is that the functionà reuses the same "base" (which
is a pointer into a constant region of memory) to receive the new
copy allocated by shorten_unambiguous_ref(); the piece of memory
returned by the callee belongs to this function, and it is perfectly
fine if this function modifies the contents of it (which it doesn't
happen to do).  Storing the returned value to a variable of type
"const char *" does not absolve it from the responsibility to free
it (hence your patch).


--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]