diff: Fix a use after free as well as a memory leak in change().
ClosedPublic
Actions

Authored by jhb on Sep 29 2022, 10:34 PM.

Details

Reviewers

emaste
imp
bapt
thj

Commits

rG1f9f319919d7: diff: Fix a use after free as well as a memory leak in change().
rG3736b2dd3270: diff: Fix a use after free as well as a memory leak in change().

Summary

When -B or -I are used, change() evaluates the lines in a hunk to
determine if it is a hunk that should be ignored. It does this by
reading each candidate line into a mallocated buffer via preadline()
and then calling ignoreline(). Previously the buffer was freed as a
side effect of ignoreline_pattern() called from ignoreline().
However, if only -B was specified, then ignoreline_pattern() was not
called and the lines were leaked. If both options were specified,
then ignoreline_pattern() was called before checking for a blank line
so that the second check was a use after free.

To fix, pull the free() out of ignoreline_pattern() and instead do it
up in change() so that is paired with preadline().

While here, simplify ignoreline() by checking for the -B and -I cases
individually without a separate clause for when both are set. Also,
do the cheaper check (-B) first, and remove a false comment (this
function is only caused if at least one of -I or -B are specified).

Reported by: GCC 12 -Wuse-after-free