authorJeff King <peff@peff.net>2008-10-23 06:31:03 +0200
committerJunio C Hamano <gitster@pobox.com>2008-11-02 07:46:40 +0100
commit421b488a58fea89ceb55d5b358738e9251d44f5e (patch)
tree8fe7667f7e5adef5e98d5da98dbeb1eff2404723 /builtin-pack-objects.c
parentcorrect cache_entry allocation (diff)
pack-objects: avoid reading uninitalized data
In the main loop of find_deltas, we do: struct object_entry *entry = *list++; ... if (!*list_size) ... break Because we look at and increment *list _before_ the check of list_size, in the very last iteration of the loop we will look at uninitialized data, and increment the pointer beyond one past the end of the allocated space. Since we don't actually do anything with the data until after the check, this is not a problem in practice. But since it technically violates the C standard, and because it provokes a spurious valgrind warning, let's just move the initialization of entry to a safe place. This fixes valgrind errors in t5300, t5301, t5302, t303, and t9400. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'builtin-pack-objects.c')
-rw-r--r--builtin-pack-objects.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/builtin-pack-objects.c b/builtin-pack-objects.c
index 4004e73e40..b0dddbee4f 100644
--- a/builtin-pack-objects.c
+++ b/builtin-pack-objects.c
@@ -1377,7 +1377,7 @@ static void find_deltas(struct object_entry **list, unsigned *list_size,
memset(array, 0, array_size);
for (;;) {
- struct object_entry *entry = *list++;
+ struct object_entry *entry;
struct unpacked *n = array + idx;
int j, max_depth, best_base = -1;
@@ -1386,6 +1386,7 @@ static void find_deltas(struct object_entry **list, unsigned *list_size,
progress_unlock();
break;
}
+ entry = *list++;
(*list_size)--;
if (!entry->preferred_base) {
(*processed)++;
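Review bot: The deferred `entry = *list++;` carries no comment tying it to the `*list_size` check just above it, so a later cleanup could fold it back into the declaration changed in the first hunk and reintroduce the read one past the end of the list. A short comment above the assignment, such as `/* must follow the *list_size check: *list is past the end once the list is empty */`, would record that ordering constraint. The check appears to run with the progress lock held, since the break path calls `progress_unlock()`; if `list` is shared with other workers, the comment could also say that the read belongs inside that locked section, but the lock acquisition is outside the hunk, so confirm. The body of find_deltas starts and ends outside both hunks.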