Re: [PATCH 1/3] path.c: fix uninitialized memory access




Junio C Hamano wrote:

> From: Jeff King <peff@xxxxxxxx>
> Date: Tue, 3 Oct 2017 19:30:40 -0400
> Subject: [PATCH] path.c: fix uninitialized memory access
> 
> In cleanup_path we're passing in a char array, run a memcmp on it, and
> run through it without ever checking if something is in the array in the
> first place.  This can lead us to access uninitialized memory, for
> example in t5541-http-push-smart.sh test 7, when run under valgrind:
>
> ==4423== Conditional jump or move depends on uninitialised value(s)
> ==4423==    at 0x242FA9: cleanup_path (path.c:35)
[...]
> ==4423==  Uninitialised value was created by a heap allocation
[...]
> ==4423==    by 0x29A30B: strbuf_grow (strbuf.c:66)
> ==4423==    by 0x29A30B: strbuf_vaddf (strbuf.c:277)
> ==4423==    by 0x242F9F: mkpath (path.c:454)
[...]
> Avoid this by using skip_prefix(), which knows not to go beyond the
> end of the string.
>
> Reported-by: Thomas Gummerer <t.gummerer@xxxxxxxxx>
> Signed-off-by: Jeff King <peff@xxxxxxxx>
> Reviewed-by: Jonathan Nieder <jrnieder@xxxxxxxxx>

This is indeed
Reviewed-by: Jonathan Nieder <jrnieder@xxxxxxxxx>

Thanks.
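
The fix described in the quoted commit message, as an added example that is not part of the original mail and not git's source: a fixed two-byte memcmp() beside a prefix check that stops at the string's NUL. The `_memcmp` and `_bounded` function names and the `touched` counter are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Prefix test that stops at the first mismatch, which includes the NUL of
 * str, so it reads at most strlen(str) + 1 bytes. On a match the remainder
 * goes to *out. *touched (optional) receives the number of str bytes read. */
static int skip_prefix_bounded(const char *str, const char *prefix,
                               const char **out, size_t *touched)
{
    size_t i;
    for (i = 0; prefix[i]; i++)
        if (str[i] != prefix[i])
            break;
    if (touched)
        *touched = prefix[i] ? i + 1 : i;
    if (prefix[i])
        return 0;
    *out = str + i;
    return 1;
}

/* "Before" pattern: memcmp() may read both bytes even when path is "". */
static const char *cleanup_path_memcmp(const char *path)
{
    if (!memcmp(path, "./", 2)) {
        path += 2;
        while (*path == '/')
            path++;
    }
    return path;
}

/* "After" pattern: never looks past the terminator. */
static const char *cleanup_path_bounded(const char *path)
{
    if (skip_prefix_bounded(path, "./", &path, NULL))
        while (*path == '/')
            path++;
    return path;
}

int main(void)
{
    char *empty = calloc(1, 1); /* constructed input: "" in a 1-byte buffer */
    int bad = !empty || cleanup_path_bounded(empty) != empty ||
              strcmp(cleanup_path_memcmp(".//foo"), "foo") != 0;
    free(empty);
    return bad;
}
```

The memcmp variant is only ever called here on inputs at least two bytes long; passing it the one-byte buffer is the access the valgrind trace reports.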