W dniu 31.08.2016 o 22:12, Junio C Hamano pisze:
> Jakub Narębski <jnareb@xxxxxxxxx> writes:
>> Johannes Schindelin wrote:
>>> + else {
>>> + opts->gpg_sign = buf.buf + 2;
>>> + strbuf_detach(&buf, NULL);
>>
>> Wouldn't we leak 2 characters that got skipped? Maybe xstrdup would
>> be better (if it is leaked, and not reattached)?
>
> An attempt to avoid leaking by calling free(opts->gpg_sign) would
> make it crash, which would be even worse ;-).
Actually, from C standard:
"If ptr [in free(ptr)] does not point to a block of memory allocated
with the above functions [malloc(), etc.], it causes undefined behavior."
^^^^^^^^^
Which is even worse if it does not lead to crash.
Note that if the last line was
+ sequencer_entrust(opts, strbuf_detach(&buf, NULL));
we can make it not leak. A bit tricksy, though.
Though xstrdup(buf.buf + 2) followed by strbuf_release(&buf) would
make free(opts->gpg_sign) possible without crash. That is we can
work without *_entrust() mechanism at the cost of strdups.
--
Jakub Narębski