summaryrefslogtreecommitdiff
path: root/http-backend.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2015-08-10 05:35:31 -0400
committerJunio C Hamano <gitster@pobox.com>2015-08-10 15:37:12 -0700
commitfcd12db6af118b70b5c15cf5fdd6800eeecc370a (patch)
tree8050bcc9515081c8a6a52285297fe23f0bf08916 /http-backend.c
parent77b9b1d13ac9e6b78ba676d4edb221b7d2273c62 (diff)
downloadgit-fcd12db6af118b70b5c15cf5fdd6800eeecc370a.tar.gz
prefer git_pathdup to git_path in some possibly-dangerous cases
Because git_path uses a static buffer that is shared with calls to git_path, mkpath, etc, it can be dangerous to assign the result to a variable or pass it to a non-trivial function. The value may change unexpectedly due to other calls. None of the cases changed here has a known bug, but they're worth converting away from git_path because: 1. It's easy to use git_pathdup in these cases. 2. They use constructs (like assignment) that make it hard to tell whether they're safe or not. The extra malloc overhead should be trivial, as an allocation should be an order of magnitude cheaper than a system call (which we are clearly about to make, since we are constructing a filename). The real cost is that we must remember to free the result. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'http-backend.c')
-rw-r--r--http-backend.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/http-backend.c b/http-backend.c
index b977c006a4..bac40ef6e6 100644
--- a/http-backend.c
+++ b/http-backend.c
@@ -164,7 +164,7 @@ static void send_strbuf(const char *type, struct strbuf *buf)
static void send_local_file(const char *the_type, const char *name)
{
- const char *p = git_path("%s", name);
+ char *p = git_pathdup("%s", name);
size_t buf_alloc = 8192;
char *buf = xmalloc(buf_alloc);
int fd;
@@ -191,6 +191,7 @@ static void send_local_file(const char *the_type, const char *name)
}
close(fd);
free(buf);
+ free(p);
}
static void get_text_file(char *name)