Andreas Gruenbacher wrote:
> Jim,
>
> On Friday 06 April 2012 15:25:30 Jim Meyering wrote:
>> +static void
>> +add_bad (char *bad[], char const *name)
>> +{
>> + char **p = &bad[!! bad[0]];
>
> we remember the first and last bad name here, not all the bad names of the
> last patch (bad[0] is never cleared), so that's a bug.
Really? Why? It's static, so not a real leak.
It's the same code as before, but without the use-after-free.
I see no harm (nor particular benefit) in retaining the first
invalid name in bad[0].
> I don't see the benefit of remembering all names; patches that modify the same
> file more than once are pretty rare. So this approach doesn't look better
> than the alternative to me. Thanks for offering that solution though!
>
>> + say ("Ignoring potentially dangerous file name %s\n", quotearg (name));
>> + free (*p);
>> + *p = xstrdup (name);
>> +}
>
> Andreas
