W dniu 31.08.2016 o 22:12, Junio C Hamano pisze:
> Jakub Narębski <jna...@gmail.com> writes:
>> Johannes Schindelin wrote:

>>> +                   else {
>>> +                           opts->gpg_sign = buf.buf + 2;
>>> +                           strbuf_detach(&buf, NULL);
>> Wouldn't we leak 2 characters that got skipped?  Maybe xstrdup would
>> be better (if it is leaked, and not reattached)?
> An attempt to avoid leaking by calling free(opts->gpg_sign) would
> make it crash, which would be even worse ;-).
Actually, from C standard:

"If ptr [in free(ptr)] does not point to a block of memory allocated
 with the above functions [malloc(), etc.], it causes undefined behavior."

Which is even worse if it does not lead to crash.

Note that if the last line was

    +                           sequencer_entrust(opts, strbuf_detach(&buf, 

we can make it not leak.  A bit tricksy, though.

Though xstrdup(buf.buf + 2) followed by strbuf_release(&buf) would
make free(opts->gpg_sign) possible without crash.  That is we can
work without *_entrust() mechanism at the cost of strdups.

Jakub Narębski

Reply via email to