| commit | 4d0984bebc5fc5662d2891ee41f7d49c32488744 | |
| author | Jeff King <peff@peff.net> | |
| Mon, 12 Nov 2018 14:46:54 +0000 (12 09:46 -0500) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Tue, 13 Nov 2018 05:22:02 +0000 (13 14:22 +0900) | ||
| tree | 5421c9279a27769df112e4447ce07f1787a66409 | treesnapshot (tar.gz zip) |
| parent | 8858448bb49332d353febc078ce4a3abcc962efe | commitdiff |
fsck: do not reuse child_process structs
The run-command API makes no promises about what is left in a struct
child_process after a command finishes, and it's not safe to simply
reuse it again for a similar command. In particular:
- if you use child->args or child->env_array, they are cleared after
finish_command()
- likewise, start_command() may point child->argv at child->args->argv;
reusing that would lead to accessing freed memory
- the in/out/err may hold pipe descriptors from the previous run
These two calls are _probably_ OK because they do not use any of those
features. But it's only by chance, and may break in the future; let's
reinitialize our struct for each program we run.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
The run-command API makes no promises about what is left in a struct
child_process after a command finishes, and it's not safe to simply
reuse it again for a similar command. In particular:
- if you use child->args or child->env_array, they are cleared after
finish_command()
- likewise, start_command() may point child->argv at child->args->argv;
reusing that would lead to accessing freed memory
- the in/out/err may hold pipe descriptors from the previous run
These two calls are _probably_ OK because they do not use any of those
features. But it's only by chance, and may break in the future; let's
reinitialize our struct for each program we run.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| builtin/fsck.c | diffblobblamehistory |