From: Lidong Yan <502024330056@xxxxxxxxxxxxxxxx>
call parse_options twice and occasionally meet unknown option
in the same place would cause memory leak, since the second `xstrdup`
in `parse_options_step` would make the first `xstrdup` unreachable.
One solution is allocate one more magic byte for the unknown option to
indicate that argv[?] stores a heap allocated arg. Assume for all
arg, `*((char *)arg - 1)` is valid, we could put a magic number before
the unknown option. Next time calling "xstrdup" will check the magic
number first, and frees the previous heap allocated memory.
Signed-off-by: Lidong Yan <502024330056@xxxxxxxxxxxxxxxx>
---
fix xstrdup leak in parse_short_opt
Pass a user defined strdup-like function in parse_opt_ctx to avoid
memory leak.
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1954%2Fbrandb97%2Ffix-parse-option-leak-v3
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1954/brandb97/fix-parse-option-leak-v3
Pull-Request: https://github.com/git/git/pull/1954
Range-diff vs v2:
1: e7b4465b83e < -: ----------- parse-options: fix xstrdup leak in parse_options_step parse-options:984
-: ----------- > 1: 475f7b5b1bd parse-options: fix memory leak when calling `parse_options`
parse-options.c | 12 +++++++++++-
parse-options.h | 2 ++
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/parse-options.c b/parse-options.c
index a9a39ecaef6..84f6ae90c77 100644
--- a/parse-options.c
+++ b/parse-options.c
@@ -886,6 +886,8 @@ enum parse_opt_result parse_options_step(struct parse_opt_ctx_t *ctx,
const char * const usagestr[])
{
int internal_help = !(ctx->flags & PARSE_OPT_NO_INTERNAL_HELP);
+ char *magic_ptr = NULL;
+ size_t opt_sz = 0;
/* we must reset ->opt, unknown short option leave it dangling */
ctx->opt = NULL;
@@ -981,7 +983,15 @@ enum parse_opt_result parse_options_step(struct parse_opt_ctx_t *ctx,
*
* This is leaky, too bad.
*/
- ctx->argv[0] = xstrdup(ctx->opt - 1);
+ magic_ptr = (char *)ctx->argv[0] - 1;
+ if (*magic_ptr == OPT_MAGIC)
+ free(magic_ptr);
+ opt_sz = strlen(ctx->opt - 1) + 1;
+ magic_ptr = xmalloc(opt_sz + 1);
+ *magic_ptr = OPT_MAGIC;
+ ctx->argv[0] = magic_ptr + 1;
+ memcpy((char *)ctx->argv[0],
+ ctx->opt - 1, opt_sz);
*(char *)ctx->argv[0] = '-';
goto unknown;
case PARSE_OPT_NON_OPTION:
diff --git a/parse-options.h b/parse-options.h
index 91c3e3c29b3..7fdd2e1097a 100644
--- a/parse-options.h
+++ b/parse-options.h
@@ -477,6 +477,8 @@ static inline void die_for_incompatible_opt2(int opt1, const char *opt1_name,
BUG("option callback expects an argument"); \
} while(0)
+#define OPT_MAGIC ((char)(0xee))
+
/*----- incremental advanced APIs -----*/
struct parse_opt_cmdmode_list;
base-commit: 6f84262c44a89851c3ae5a6e4c1a9d06b2068d75
--
gitgitgadget
