From 94e2aa555e7dab4f5296a8dcd8605d751e02b12d Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Mon, 27 May 2024 13:46:01 +0200 Subject: strbuf: fix leak when `appendwholeline()` fails with EOF In `strbuf_appendwholeline()` we call `strbuf_getwholeline()` with a temporary buffer. In case the call returns an error we indicate this by returning EOF, but never release the temporary buffer. This can cause a leak though because `strbuf_getwholeline()` calls getline(3). Quoting its documentation: If *lineptr was set to NULL before the call, then the buffer should be freed by the user program even on failure. Consequently, the temporary buffer may hold allocated memory even when the call to `strbuf_getwholeline()` fails. Fix this by releasing the temporary buffer on error. Signed-off-by: Patrick Steinhardt Signed-off-by: Junio C Hamano --- strbuf.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'strbuf.c') diff --git a/strbuf.c b/strbuf.c index 0d929e4e19..e1076c9891 100644 --- a/strbuf.c +++ b/strbuf.c @@ -691,8 +691,10 @@ int strbuf_getwholeline(struct strbuf *sb, FILE *fp, int term) int strbuf_appendwholeline(struct strbuf *sb, FILE *fp, int term) { struct strbuf line = STRBUF_INIT; - if (strbuf_getwholeline(&line, fp, term)) + if (strbuf_getwholeline(&line, fp, term)) { + strbuf_release(&line); return EOF; + } strbuf_addbuf(sb, &line); strbuf_release(&line); return 0; -- cgit v1.2.3