Skip to content

Commit 6e454b9

Browse files
peffgitster
peff
authored and
gitster
committed
clear parsed flag when we free tree buffers
Many code paths will free a tree object's buffer and set it to NULL after finishing with it in order to keep memory usage down during a traversal. However, out of 8 sites that do this, only one actually unsets the "parsed" flag back. Those sites that don't are setting a trap for later users of the tree object; even after calling parse_tree, the buffer will remain NULL, causing potential segfaults. It is not known whether this is triggerable in the current code. Most commands do not do an in-memory traversal followed by actually using the objects again. However, it does not hurt to be safe for future callers. In most cases, we can abstract this out to a "free_tree_buffer" helper. However, there are two exceptions: 1. The fsck code relies on the parsed flag to know that we were able to parse the object at one point. We can switch this to using a flag in the "flags" field. 2. The index-pack code sets the buffer to NULL but does not free it (it is freed by a caller). We should still unset the parsed flag here, but we cannot use our helper, as we do not want to free the buffer. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
1 parent edca415 commit 6e454b9

File tree

10 files changed

+24
-23
lines changed

10 files changed

+24
-23
lines changed

builtin/fsck.c

Lines changed: 8 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616

1717
#define REACHABLE 0x0001
1818
#define SEEN 0x0002
19+
#define HAS_OBJ 0x0004
1920

2021
static int show_root;
2122
static int show_tags;
@@ -101,7 +102,7 @@ static int mark_object(struct object *obj, int type, void *data)
101102
if (obj->flags & REACHABLE)
102103
return 0;
103104
obj->flags |= REACHABLE;
104-
if (!obj->parsed) {
105+
if (!(obj->flags & HAS_OBJ)) {
105106
if (parent && !has_sha1_file(obj->sha1)) {
106107
printf("broken link from %7s %s\n",
107108
typename(parent->type), sha1_to_hex(parent->sha1));
@@ -127,16 +128,13 @@ static int traverse_one_object(struct object *obj)
127128
struct tree *tree = NULL;
128129

129130
if (obj->type == OBJ_TREE) {
130-
obj->parsed = 0;
131131
tree = (struct tree *)obj;
132132
if (parse_tree(tree) < 0)
133133
return 1; /* error already displayed */
134134
}
135135
result = fsck_walk(obj, mark_object, obj);
136-
if (tree) {
137-
free(tree->buffer);
138-
tree->buffer = NULL;
139-
}
136+
if (tree)
137+
free_tree_buffer(tree);
140138
return result;
141139
}
142140

@@ -178,7 +176,7 @@ static void check_reachable_object(struct object *obj)
178176
* except if it was in a pack-file and we didn't
179177
* do a full fsck
180178
*/
181-
if (!obj->parsed) {
179+
if (!(obj->flags & HAS_OBJ)) {
182180
if (has_sha1_pack(obj->sha1))
183181
return; /* it is in pack - forget about it */
184182
printf("missing %s %s\n", typename(obj->type), sha1_to_hex(obj->sha1));
@@ -306,8 +304,7 @@ static int fsck_obj(struct object *obj)
306304
if (obj->type == OBJ_TREE) {
307305
struct tree *item = (struct tree *) obj;
308306

309-
free(item->buffer);
310-
item->buffer = NULL;
307+
free_tree_buffer(item);
311308
}
312309

313310
if (obj->type == OBJ_COMMIT) {
@@ -340,6 +337,7 @@ static int fsck_sha1(const unsigned char *sha1)
340337
return error("%s: object corrupt or missing",
341338
sha1_to_hex(sha1));
342339
}
340+
obj->flags |= HAS_OBJ;
343341
return fsck_obj(obj);
344342
}
345343

@@ -352,6 +350,7 @@ static int fsck_obj_buffer(const unsigned char *sha1, enum object_type type,
352350
errors_found |= ERROR_OBJECT;
353351
return error("%s: object corrupt or missing", sha1_to_hex(sha1));
354352
}
353+
obj->flags = HAS_OBJ;
355354
return fsck_obj(obj);
356355
}
357356

builtin/index-pack.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -765,6 +765,7 @@ static void sha1_object(const void *data, struct object_entry *obj_entry,
765765
if (obj->type == OBJ_TREE) {
766766
struct tree *item = (struct tree *) obj;
767767
item->buffer = NULL;
768+
obj->parsed = 0;
768769
}
769770
if (obj->type == OBJ_COMMIT) {
770771
struct commit *commit = (struct commit *) obj;

builtin/reflog.c

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -94,8 +94,7 @@ static int tree_is_complete(const unsigned char *sha1)
9494
complete = 0;
9595
}
9696
}
97-
free(tree->buffer);
98-
tree->buffer = NULL;
97+
free_tree_buffer(tree);
9998

10099
if (complete)
101100
tree->object.flags |= SEEN;

http-push.c

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1330,8 +1330,7 @@ static struct object_list **process_tree(struct tree *tree,
13301330
break;
13311331
}
13321332

1333-
free(tree->buffer);
1334-
tree->buffer = NULL;
1333+
free_tree_buffer(tree);
13351334
return p;
13361335
}
13371336

list-objects.c

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -123,8 +123,7 @@ static void process_tree(struct rev_info *revs,
123123
cb_data);
124124
}
125125
strbuf_setlen(base, baselen);
126-
free(tree->buffer);
127-
tree->buffer = NULL;
126+
free_tree_buffer(tree);
128127
}
129128

130129
static void mark_edge_parents_uninteresting(struct commit *commit,

reachable.c

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -80,8 +80,7 @@ static void process_tree(struct tree *tree,
8080
else
8181
process_blob(lookup_blob(entry.sha1), p, &me, entry.path, cp);
8282
}
83-
free(tree->buffer);
84-
tree->buffer = NULL;
83+
free_tree_buffer(tree);
8584
}
8685

8786
static void process_tag(struct tag *tag, struct object_array *p,

revision.c

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -134,8 +134,7 @@ void mark_tree_uninteresting(struct tree *tree)
134134
* We don't care about the tree any more
135135
* after it has been marked uninteresting.
136136
*/
137-
free(tree->buffer);
138-
tree->buffer = NULL;
137+
free_tree_buffer(tree);
139138
}
140139

141140
void mark_parents_uninteresting(struct commit *commit)

tree.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -225,6 +225,14 @@ int parse_tree(struct tree *item)
225225
return parse_tree_buffer(item, buffer, size);
226226
}
227227

228+
void free_tree_buffer(struct tree *tree)
229+
{
230+
free(tree->buffer);
231+
tree->buffer = NULL;
232+
tree->size = 0;
233+
tree->object.parsed = 0;
234+
}
235+
228236
struct tree *parse_tree_indirect(const unsigned char *sha1)
229237
{
230238
struct object *obj = parse_object(sha1);

tree.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ struct tree *lookup_tree(const unsigned char *sha1);
1616
int parse_tree_buffer(struct tree *item, void *buffer, unsigned long size);
1717

1818
int parse_tree(struct tree *tree);
19+
void free_tree_buffer(struct tree *tree);
1920

2021
/* Parses and returns the tree in the given ent, chasing tags and commits. */
2122
struct tree *parse_tree_indirect(const unsigned char *sha1);

walker.c

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -56,10 +56,7 @@ static int process_tree(struct walker *walker, struct tree *tree)
5656
if (!obj || process(walker, obj))
5757
return -1;
5858
}
59-
free(tree->buffer);
60-
tree->buffer = NULL;
61-
tree->size = 0;
62-
tree->object.parsed = 0;
59+
free_tree_buffer(tree);
6360
return 0;
6461
}
6562

0 commit comments

Comments
 (0)