Re: [PATCH v3] remote-curl: send Accept-Language header to server

Junio C Hamano <gitster@xxxxxxxxx> · Mon, 13 Jun 2022 15:08:47 -0700

Junio C Hamano <gitster@xxxxxxxxx> writes:

>> +	accept_language = http_get_accept_language_header();
>> +	if (accept_language)
>> +		rpc.hdr_accept_language = xstrfmt("%s", accept_language);
>
> Isn't rpc.hdr_accept_language left uninitialized garbage if
> accept_language is NULL?  It is the same bug I pointed out earlier,
> whose fix may have to be different.
>
> Has this been tested?  I got immediate segfault with this patch in
> 'seen'.

Having said all that, I wonder if we want to use something like this
to make it hard to use an uninitialized data.

The smart-http is quite outside of my area of expertise, and I do
not know what Shawn was thinking when de1a2fdd (Smart push over
HTTP: client side, 2009-10-30) was written (it could be that filling
all members explicitly was the more prevalent stype back then?).
I'd appreciate input from folks who regularly deal with smart-http
on the approach.

Thanks.

 remote-curl.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git i/remote-curl.c w/remote-curl.c
index 251d4ee64f..ba6f76a0c1 100644
--- i/remote-curl.c
+++ w/remote-curl.c
@@ -608,6 +608,8 @@ struct rpc_state {
 	unsigned flush_read_but_not_sent : 1;
 };
 
+#define RPC_STATE_INIT { 0, }
+
 /*
  * Appends the result of reading from rpc->out to the string represented by
  * rpc->buf and rpc->len if there is enough space. Returns 1 if there was
@@ -1161,7 +1163,7 @@ static int fetch_dumb(int nr_heads, struct ref **to_fetch)
 static int fetch_git(struct discovery *heads,
 	int nr_heads, struct ref **to_fetch)
 {
-	struct rpc_state rpc;
+	struct rpc_state rpc = RPC_STATE_INIT;
 	struct strbuf preamble = STRBUF_INIT;
 	int i, err;
 	struct strvec args = STRVEC_INIT;
@@ -1307,7 +1309,7 @@ static int push_dav(int nr_spec, const char **specs)
 
 static int push_git(struct discovery *heads, int nr_spec, const char **specs)
 {
-	struct rpc_state rpc;
+	struct rpc_state rpc = RPC_STATE_INIT;
 	int i, err;
 	struct strvec args;
 	struct string_list_item *cas_option;
@@ -1406,7 +1408,7 @@ static void parse_push(struct strbuf *buf)
 static int stateless_connect(const char *service_name)
 {
 	struct discovery *discover;
-	struct rpc_state rpc;
+	struct rpc_state rpc = RPC_STATE_INIT;
 	struct strbuf buf = STRBUF_INIT;
 	const char *accept_language;
 






