- From:
- Florian Obser <florian@narrans.de>
- Subject:
- false positive use after free in got.c
- To:
- gameoftrees <gameoftrees@openbsd.org>
- Date:
- Thu, 21 Jul 2022 19:20:27 +0200
Download raw body.
Thread
false positive use after free in got.c
Download raw body.
false positive use after free in got.c
Normally I'd ignore false positives, but this one tripped me up a bit.
I've also seen similar defensive style in the code base so I guess I'm
not too far off into the weeds with this one?
commit 8ad561e8b960783d46849a799df12db687ca9580
Author: Florian Obser <florian@narrans.de>
Date: Thu Jul 21 19:14:10 2022 +0200
Be a bit more defensive to prevent future accidents.
llvm's scan-build things passing logmsg to got_repo_import() is a
use-after-free, but that's not true because collect_import_msg() ->
edit_logmsg() reallocates if there is no error.
Explicitly setting it to NULL after free() makes it easier for
scan-build and reviewers.
diff --git got/got.c got/got.c
index c55c84a5..cfcd95a7 100644
--- got/got.c
+++ got/got.c
@@ -877,6 +877,7 @@ cmd_import(int argc, char *argv[])
if (error)
goto done;
free(logmsg);
+ logmsg = NULL;
error = collect_import_msg(&logmsg, &logmsg_path, editor,
path_dir, refname);
if (error) {
--
I'm not entirely sure you are real.
false positive use after free in got.c