"GOT", but the "O" is a cute, smiling pufferfish. Index | Thread | Search

From:
Kyle Ackerman <kackerman0102@gmail.com>
Subject:
privsep.c memory leak
To:
gameoftrees@openbsd.org
Date:
Sat, 18 Nov 2023 00:48:43 -0600

Download raw body.

Thread
Here is a diff for lib/privsep.c that fixes a memory leak spotted by
Omar.  Any suggestions?

diff /home/kyle/src/got
commit - 16efe7a78beaaca9c3c68128c40e6e9eec120a2d
path + /home/kyle/src/got
blob - f95347425fd7aac62e8a966b665c1a3dca9997c2
file + lib/privsep.c
--- lib/privsep.c
+++ lib/privsep.c
@@ -3510,22 +3510,30 @@ got_privsep_recv_painted_commits(struct got_object_id_

        for (;;) {
                err = got_privsep_recv_imsg(&imsg, ibuf, 0);
-               if (err)
+               if (err){
+                       imsg_free(&imsg);
                        return err;
+               }

                datalen = imsg.hdr.len - IMSG_HEADER_SIZE;
                if (imsg.hdr.type == GOT_IMSG_COMMIT_PAINTING_DONE)
                        break;
-               if (imsg.hdr.type != GOT_IMSG_PAINTED_COMMITS)
+               if (imsg.hdr.type != GOT_IMSG_PAINTED_COMMITS){
+                       imsg_free(&imsg);
                        return got_error(GOT_ERR_PRIVSEP_MSG);
+               }

-               if (datalen < sizeof(icommits))
+               if (datalen < sizeof(icommits)){
+                       imsg_free(&imsg);
                        return got_error(GOT_ERR_PRIVSEP_LEN);
+               }
                memcpy(&icommits, imsg.data, sizeof(icommits));
                if (icommits.ncommits * sizeof(icommit) < icommits.ncommits ||
                    datalen < sizeof(icommits) +
-                   icommits.ncommits * sizeof(icommit))
+                   icommits.ncommits * sizeof(icommit)){
+                       imsg_free(&imsg);
                        return got_error(GOT_ERR_PRIVSEP_LEN);
+               }

                for (i = 0; i < icommits.ncommits; i++) {
                        memcpy(&icommit,