diff options
author | Patrick Steinhardt <ps@pks.im> | 2017-11-12 14:09:24 +0000 |
---|---|---|
committer | Patrick Steinhardt <ps@pks.im> | 2018-06-22 09:47:07 +0200 |
commit | 83b5f161facf117681df47cbeeb13b95dc3ea9c5 (patch) | |
tree | 67e42c1ea8ad115985d6e5103b4fef62315a9dbb | |
parent | e51e29e84c16f7a5d9079c2dc645301a54fdb172 (diff) | |
download | libgit2-83b5f161facf117681df47cbeeb13b95dc3ea9c5.tar.gz |
config_parse: always sanitize out-parameters in `parse_variable`
The `parse_variable` function has two out parameters `var_name` and
`var_value`. Currently, those are not being sanitized to `NULL`. when.
any error happens inside of the `parse_variable` function. Fix that.
While at it, the coding style is improved to match our usual coding
practices more closely.
-rw-r--r-- | src/config_parse.c | 43 |
1 files changed, 23 insertions, 20 deletions
diff --git a/src/config_parse.c b/src/config_parse.c index ffbc466e7..52832c2c8 100644 --- a/src/config_parse.c +++ b/src/config_parse.c @@ -404,22 +404,21 @@ static int parse_name( static int parse_variable(git_config_parser *reader, char **var_name, char **var_value) { const char *value_start = NULL; - char *line; - int quote_count; + char *line = NULL, *name = NULL, *value = NULL; + int quote_count, error; bool multiline; + *var_name = NULL; + *var_value = NULL; + git_parse_advance_ws(&reader->ctx); line = git__strndup(reader->ctx.line, reader->ctx.line_len); - if (line == NULL) - return -1; + GITERR_CHECK_ALLOC(line); quote_count = strip_comments(line, 0); - /* If there is no value, boolean true is assumed */ - *var_value = NULL; - - if (parse_name(var_name, &value_start, reader, line) < 0) - goto on_error; + if ((error = parse_name(&name, &value_start, reader, line)) < 0) + goto out; /* * Now, let's try to parse the value @@ -428,30 +427,34 @@ static int parse_variable(git_config_parser *reader, char **var_name, char **var while (git__isspace(value_start[0])) value_start++; - if (unescape_line(var_value, &multiline, value_start, 0) < 0) - goto on_error; + if ((error = unescape_line(&value, &multiline, value_start, 0)) < 0) + goto out; if (multiline) { git_buf multi_value = GIT_BUF_INIT; - git_buf_attach(&multi_value, *var_value, 0); + git_buf_attach(&multi_value, value, 0); if (parse_multiline_variable(reader, &multi_value, quote_count) < 0 || - git_buf_oom(&multi_value)) { + git_buf_oom(&multi_value)) { + error = -1; git_buf_dispose(&multi_value); - goto on_error; + goto out; } - *var_value = git_buf_detach(&multi_value); + value = git_buf_detach(&multi_value); } } - git__free(line); - return 0; + *var_name = name; + *var_value = value; + name = NULL; + value = NULL; -on_error: - git__free(*var_name); +out: + git__free(name); + git__free(value); git__free(line); - return -1; + return error; } int git_config_parse( |