grep_buffer creates a struct grep_source gs and calls grep_source()
with it. However, gs.name is null, which eventually produces a
segmentation fault in grep_source()->grep_source_1()->show_line()
when grep_opt.status_only is not set.
This seems to be unreachable from existing commands but is reachable in
the event that someone rolls their own revision walk and neglects to set
rev_info->grep_filter->status_only. Conceivably, someone might want to
print all changed lines of all commits which match some regex.
To futureproof, give developers a heads-up if grep_source() is called
and a valid name field is expected but not given. This path should be
unreachable now, but in the future may become reachable if developers
want to add the ability to use grep_buffer() in prepared in-core data
and provide hints to the user about where the data came from.
Signed-off-by: Emily Shaffer <emilyshaffer@xxxxxxxxxx>
---
I think Peff and Jonathan are right. If someone does want to hack away
on something in the very early stages, the BUG() line gives a pretty
clear indicator of what to modify to make it work.
I also moved the BUG() to grep_source_1() to keep it close to the error
itself and reflowed the commit message.
- Emily
grep.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/grep.c b/grep.c
index 0d50598acd..f7c3a5803e 100644
--- a/grep.c
+++ b/grep.c
@@ -1780,6 +1780,10 @@ static int grep_source_1(struct grep_opt *opt, struct grep_source *gs, int colle
enum grep_context ctx = GREP_CONTEXT_HEAD;
xdemitconf_t xecfg;
+ if (!opt->status_only && gs->name == NULL)
+ BUG("grep call which could print a name requires "
+ "grep_source.name be non-NULL");
+
if (!opt->output)
opt->output = std_output;
--
2.21.0.1020.gf2820cf01a-goog
