summaryrefslogtreecommitdiffstats
path: root/tempfile.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2017-09-05 14:14:40 +0200
committerJunio C Hamano <gitster@pobox.com>2017-09-06 10:19:53 +0200
commitf5b4dc7668b6c8d71432af9f9ddad6f7c62d284e (patch)
tree08d66b7424d42dca854320d7a7e508800820c9e7 /tempfile.c
parenttempfile: prefer is_tempfile_active to bare access (diff)
downloadgit-f5b4dc7668b6c8d71432af9f9ddad6f7c62d284e.tar.xz
git-f5b4dc7668b6c8d71432af9f9ddad6f7c62d284e.zip
tempfile: handle NULL tempfile pointers gracefully
The tempfile functions all take pointers to tempfile objects, but do not check whether the argument is NULL. This isn't a big deal in practice, since the lifetime of any tempfile object is defined to last for the whole program. So even if we try to call delete_tempfile() on an already-deleted tempfile, our "active" check will tell us that it's a noop. In preparation for transitioning to a new system that loosens the "tempfile objects can never be freed" rule, let's tighten up our active checks: 1. A NULL pointer is now defined as "inactive" (so it will BUG for most functions, but works as a silent noop for things like delete_tempfile). 2. Functions should always do the "active" check before looking at any of the struct fields. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'tempfile.c')
-rw-r--r--tempfile.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/tempfile.c b/tempfile.c
index 964c66d504..861f817133 100644
--- a/tempfile.c
+++ b/tempfile.c
@@ -236,13 +236,15 @@ FILE *get_tempfile_fp(struct tempfile *tempfile)
int close_tempfile_gently(struct tempfile *tempfile)
{
- int fd = tempfile->fd;
- FILE *fp = tempfile->fp;
+ int fd;
+ FILE *fp;
int err;
- if (fd < 0)
+ if (!is_tempfile_active(tempfile) || tempfile->fd < 0)
return 0;
+ fd = tempfile->fd;
+ fp = tempfile->fp;
tempfile->fd = -1;
if (fp) {
tempfile->fp = NULL;
@@ -262,10 +264,10 @@ int close_tempfile_gently(struct tempfile *tempfile)
int reopen_tempfile(struct tempfile *tempfile)
{
- if (0 <= tempfile->fd)
- die("BUG: reopen_tempfile called for an open object");
if (!is_tempfile_active(tempfile))
die("BUG: reopen_tempfile called for an inactive object");
+ if (0 <= tempfile->fd)
+ die("BUG: reopen_tempfile called for an open object");
tempfile->fd = open(tempfile->filename.buf, O_WRONLY);
return tempfile->fd;
}