From 59362e560d3c439e77768983b00eade08be9bc3e Mon Sep 17 00:00:00 2001 From: Junio C Hamano Date: Mon, 24 Nov 2014 11:33:54 -0800 Subject: system_path(): always return free'able memory to the caller The function sometimes returns a newly allocated string and sometimes returns a borrowed string, the latter of which the callers must not free(). The existing callers all assume that the return value belongs to the callee and most of them copy it with strdup() when they want to keep it around. They end up leaking the returned copy when the callee returned a new string because they cannot tell if they should free it. Change the contract between the callers and system_path() to make the returned string owned by the callers; they are responsible for freeing it when done, but they do not have to make their own copy to store it away. Adjust the callers to make sure they do not leak the returned string once they are done, but do not bother freeing it just before dying, exiting or exec'ing other program to avoid unnecessary churn. Reported-by: Alexander Kuleshov Signed-off-by: Junio C Hamano --- exec_cmd.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'exec_cmd.c') diff --git a/exec_cmd.c b/exec_cmd.c index 125fa6fab..26ebef668 100644 --- a/exec_cmd.c +++ b/exec_cmd.c @@ -6,7 +6,7 @@ static const char *argv_exec_path; static const char *argv0_path; -const char *system_path(const char *path) +char *system_path(const char *path) { #ifdef RUNTIME_PREFIX static const char *prefix; @@ -16,7 +16,7 @@ const char *system_path(const char *path) struct strbuf d = STRBUF_INIT; if (is_absolute_path(path)) - return path; + return xstrdup(path); #ifdef RUNTIME_PREFIX assert(argv0_path); @@ -34,8 +34,7 @@ const char *system_path(const char *path) #endif strbuf_addf(&d, "%s/%s", prefix, path); - path = strbuf_detach(&d, NULL); - return path; + return strbuf_detach(&d, NULL); } const char *git_extract_argv0_path(const char *argv0) -- cgit v1.2.1