On Tue, Dec 13, 2016 at 04:30:01PM +0100, Johannes Schindelin wrote:

> +     else {
> +             unsigned char head[20];
> +             struct commit *head_commit;
> +             const char *head_message, *body;
> +
> +             if (get_sha1("HEAD", head))
> +                     return error(_("need a HEAD to fixup"));
> +             if (!(head_commit = lookup_commit_reference(head)))
> +                     return error(_("could not read HEAD"));
> +             if (!(head_message = get_commit_buffer(head_commit, NULL)))
> +                     return error(_("could not read HEAD's commit message"));

This get_commit_buffer() may allocate a fresh buffer...

> +             body = strstr(head_message, "\n\n");
> +             if (!body)
> +                     body = "";
> +             else
> +                     body = skip_blank_lines(body + 2);
> +             if (write_message(body, strlen(body),
> +                               rebase_path_fixup_msg(), 0))
> +                     return error(_("cannot write '%s'"),
> +                                  rebase_path_fixup_msg());
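
Review bot: the `return error(_("cannot write '%s'"), ...)` at the end of this hunk exits without releasing `head_message`, so when get_commit_buffer() allocated a fresh buffer it is leaked on the write_message() failure path. Call `unuse_commit_buffer(head_commit, head_message)` before returning, for example by storing the write_message() result, releasing the buffer unconditionally, and only then returning the error.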

...and then this return leaks the result (the other code path hits
unuse_commit_buffer(), and is fine).

This leak was noticed by Coverity. It has a _ton_ of false positives
across the whole project, but it sends out a mail with new ones every
few days, which is usually short enough that I can process it in 30
seconds or so.

I _think_ that email just goes to me and Stefan right now. You can add
yourself at:

  https://scan.coverity.com/projects/git?tab=project_settings

if you already have admin access to the project (which I think you
(Dscho) do).  I wonder if it would be helpful to send that output to the
list.

-Peff
