When redacting headers for GIT_TRACE_CURL, we build up a redacted cookie header in a local strbuf, and then copy it into the output. But we forget to release the temporary strbuf, leaking it for every cookie header we show. The other redacted headers don't run into this problem, since they're able to work in-place in the output buffer. But the cookie parsing is too complicated for that, since we redact the cookies individually. This leak is triggered by the cookie tests in t5551. Signed-off-by: Jeff King <peff@xxxxxxxx> --- http.c | 1 + 1 file changed, 1 insertion(+) diff --git a/http.c b/http.c index 6c6cc5c822..cc136408c0 100644 --- a/http.c +++ b/http.c @@ -800,6 +800,7 @@ static int redact_sensitive_header(struct strbuf *header, size_t offset) strbuf_setlen(header, sensitive_header - header->buf); strbuf_addbuf(header, &redacted_header); + strbuf_release(&redacted_header); ret = 1; } return ret; -- 2.46.2.1011.gf1f9323e02
