summaryrefslogtreecommitdiff
path: root/abspath.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2017-03-20 21:28:49 -0400
committerJunio C Hamano <gitster@pobox.com>2017-03-21 11:18:41 -0700
commite4da43b1f063d227b5f7d2922d27458748763a2d (patch)
tree3631b191d2bbd3f7cbc6e98188d65b0fe7c1974a /abspath.c
parent116fb64e439d3744d0f244a51d7a6d714b7703ae (diff)
downloadgit-e4da43b1f063d227b5f7d2922d27458748763a2d.tar.gz
prefix_filename: return newly allocated string
The prefix_filename() function returns a pointer to static storage, which makes it easy to use dangerously. We already fixed one buggy caller in hash-object recently, and the calls in apply.c are suspicious (I didn't dig in enough to confirm that there is a bug, but we call the function once in apply_all_patches() and then again indirectly from parse_chunk()). Let's make it harder to get wrong by allocating the return value. For simplicity, we'll do this even when the prefix is empty (and we could just return the original file pointer). That will cause us to allocate sometimes when we wouldn't otherwise need to, but this function isn't called in performance critical code-paths (and it already _might_ allocate on any given call, so a caller that cares about performance is questionable anyway). The downside is that the callers need to remember to free() the result to avoid leaking. Most of them already used xstrdup() on the result, so we know they are OK. The remainder have been converted to use free() as appropriate. I considered retaining a prefix_filename_unsafe() for cases where we know the static lifetime is OK (and handling the cleanup is awkward). This is only a handful of cases, though, and it's not worth the mental energy in worrying about whether the "unsafe" variant is OK to use in any situation. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'abspath.c')
-rw-r--r--abspath.c10
1 files changed, 4 insertions, 6 deletions
diff --git a/abspath.c b/abspath.c
index c6f480993d..4addd1fde0 100644
--- a/abspath.c
+++ b/abspath.c
@@ -246,20 +246,18 @@ char *absolute_pathdup(const char *path)
return strbuf_detach(&sb, NULL);
}
-const char *prefix_filename(const char *pfx, const char *arg)
+char *prefix_filename(const char *pfx, const char *arg)
{
- static struct strbuf path = STRBUF_INIT;
+ struct strbuf path = STRBUF_INIT;
size_t pfx_len = pfx ? strlen(pfx) : 0;
#ifndef GIT_WINDOWS_NATIVE
if (!pfx_len || is_absolute_path(arg))
- return arg;
- strbuf_reset(&path);
+ return xstrdup(arg);
strbuf_add(&path, pfx, pfx_len);
strbuf_addstr(&path, arg);
#else
/* don't add prefix to absolute paths, but still replace '\' by '/' */
- strbuf_reset(&path);
if (is_absolute_path(arg))
pfx_len = 0;
else if (pfx_len)
@@ -267,5 +265,5 @@ const char *prefix_filename(const char *pfx, const char *arg)
strbuf_addstr(&path, arg);
convert_slashes(path.buf + pfx_len);
#endif
- return path.buf;
+ return strbuf_detach(&path, NULL);
}