From e77b3da6bb60e9af5963c9e42442afe53af1780b Mon Sep 17 00:00:00 2001 From: Ævar Arnfjörð Bjarmason Date: Thu, 1 Sep 2022 01:14:08 +0200 Subject: [PATCH] submodule--helper: fix a leak in "clone_submodule" Fix a memory leak of the "clone_data_path" variable that we copy or derive from the "struct module_clone_data" in clone_submodule(). This code was refactored in preceding commits, but the leak has been with us since f8eaa0ba98b (submodule--helper, module_clone: always operate on absolute paths, 2016-03-31). For the "else" case we don't need to xstrdup() the "clone_data->path", and we don't need to free our own "clone_data_path". We can therefore assign the "clone_data->path" to our own "clone_data_path" right away, and only override it (and remember to free it!) if we need to xstrfmt() a replacement. In the case of the module_clone() caller it's from "argv", and doesn't need to be free'd, and in the case of the add_submodule() caller we get a pointer to "sm_path", which doesn't need to be directly free'd either. Fixing this leak makes several tests pass, so let's mark them as passing with TEST_PASSES_SANITIZE_LEAK=true. Signed-off-by: Ævar Arnfjörð Bjarmason Reviewed-by: Glen Choo Signed-off-by: Junio C Hamano CVE: CVE-2024-32002 Upstream-Status: Backport [https://github.com/git/git/commit/e77b3da6bb60e9af5963c9e42442afe53af1780b] Signed-off-by: Soumya Sambu --- builtin/submodule--helper.c | 10 +++++----- t/t1500-rev-parse.sh | 1 + t/t6008-rev-list-submodule.sh | 1 + t/t7414-submodule-mistakes.sh | 2 ++ t/t7506-status-submodule.sh | 1 + t/t7507-commit-verbose.sh | 2 ++ 6 files changed, 12 insertions(+), 5 deletions(-) diff --git a/builtin/submodule--helper.c b/builtin/submodule--helper.c index d1d64db..1158dcc 100644 --- a/builtin/submodule--helper.c +++ b/builtin/submodule--helper.c @@ -1756,17 +1756,16 @@ static int clone_submodule(const struct module_clone_data *clone_data, char *sm_alternate = NULL, *error_strategy = NULL; struct strbuf sb = STRBUF_INIT; struct child_process cp = CHILD_PROCESS_INIT; - const char *clone_data_path; + const char *clone_data_path = clone_data->path; + char *to_free = NULL;; submodule_name_to_gitdir(&sb, the_repository, clone_data->name); sm_gitdir = absolute_pathdup(sb.buf); strbuf_reset(&sb); if (!is_absolute_path(clone_data->path)) - clone_data_path = xstrfmt("%s/%s", get_git_work_tree(), - clone_data->path); - else - clone_data_path = xstrdup(clone_data->path); + clone_data_path = to_free = xstrfmt("%s/%s", get_git_work_tree(), + clone_data->path); if (validate_submodule_git_dir(sm_gitdir, clone_data->name) < 0) die(_("refusing to create/use '%s' in another submodule's " @@ -1847,6 +1846,7 @@ static int clone_submodule(const struct module_clone_data *clone_data, strbuf_release(&sb); free(sm_gitdir); free(p); + free(to_free); return 0; } diff --git a/t/t1500-rev-parse.sh b/t/t1500-rev-parse.sh index 2c429f9..81de584 100755 --- a/t/t1500-rev-parse.sh +++ b/t/t1500-rev-parse.sh @@ -4,6 +4,7 @@ test_description='test git rev-parse' GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh test_one () { diff --git a/t/t6008-rev-list-submodule.sh b/t/t6008-rev-list-submodule.sh index a0a070b..2cdef6f 100755 --- a/t/t6008-rev-list-submodule.sh +++ b/t/t6008-rev-list-submodule.sh @@ -8,6 +8,7 @@ test_description='git rev-list involving submodules that this repo has' GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh test_expect_success 'setup' ' diff --git a/t/t7414-submodule-mistakes.sh b/t/t7414-submodule-mistakes.sh index cf95603..101afff 100755 --- a/t/t7414-submodule-mistakes.sh +++ b/t/t7414-submodule-mistakes.sh @@ -1,6 +1,8 @@ #!/bin/sh test_description='handling of common mistakes people may make with submodules' + +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh test_expect_success 'create embedded repository' ' diff --git a/t/t7506-status-submodule.sh b/t/t7506-status-submodule.sh index 459300c..d050091 100755 --- a/t/t7506-status-submodule.sh +++ b/t/t7506-status-submodule.sh @@ -2,6 +2,7 @@ test_description='git status for submodule' +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh test_create_repo_with_commit () { diff --git a/t/t7507-commit-verbose.sh b/t/t7507-commit-verbose.sh index bd0ae4b..916470c 100755 --- a/t/t7507-commit-verbose.sh +++ b/t/t7507-commit-verbose.sh @@ -1,6 +1,8 @@ #!/bin/sh test_description='verbose commit template' + +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh write_script "check-for-diff" <<\EOF && -- 2.40.0