aboutsummaryrefslogtreecommitdiff
path: root/http.c
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2012-04-13 02:18:35 -0400
committerJunio C Hamano <gitster@pobox.com>2012-04-14 16:04:24 -0700
commitaa0834a04e1d9d3ab81ecd4a4a138233e6e234ed (patch)
tree11a09d2ff8d2b029994c82aef872f11f354985a2 /http.c
parentdfa1725a3ec57098637b698ffc2b2e2459acc518 (diff)
downloadgit-aa0834a04e1d9d3ab81ecd4a4a138233e6e234ed.tar.gz
git-aa0834a04e1d9d3ab81ecd4a4a138233e6e234ed.tar.xz
http: clean up leak in init_curl_http_auth
When we have a credential to give to curl, we must copy it into a "user:pass" buffer and then hand the buffer to curl. Old versions of curl did not copy the buffer, and we were expected to keep it valid. Newer versions of curl will copy the buffer. Our solution was to use a strbuf and detach it, giving ownership of the resulting buffer to curl. However, this meant that we were leaking the buffer on newer versions of curl, since curl was just copying it and throwing away the string we passed. Furthermore, when we replaced a credential (e.g., because our original one was rejected), we were also leaking on both old and new versions of curl. This got even worse in the last patch, which started replacing the credential (and thus leaking) on every http request. Instead, let's use a static buffer to make the ownership more clear and less leaky. We already keep a static "struct credential", so we are only handling a single credential at a time, anyway. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'http.c')
-rw-r--r--http.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/http.c b/http.c
index c6dc9b778..eaf7f40d1 100644
--- a/http.c
+++ b/http.c
@@ -211,12 +211,12 @@ static int http_options(const char *var, const char *value, void *cb)
static void init_curl_http_auth(CURL *result)
{
if (http_auth.username) {
- struct strbuf up = STRBUF_INIT;
+ static struct strbuf up = STRBUF_INIT;
credential_fill(&http_auth);
+ strbuf_reset(&up);
strbuf_addf(&up, "%s:%s",
http_auth.username, http_auth.password);
- curl_easy_setopt(result, CURLOPT_USERPWD,
- strbuf_detach(&up, NULL));
+ curl_easy_setopt(result, CURLOPT_USERPWD, up.buf);
}
}