builtin/rebase: fix leaking `commit.gpgsign` value

In `get_replay_opts()`, we override the `gpg_sign` field that already
got populated by `sequencer_init_config()` in case the user has
"commit.gpgsign" set in their config. This creates a memory leak because
we overwrite the previously assigned value, which may have already
pointed to an allocated string.

Let's plug the memory leak by freeing the value before we overwrite it.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/builtin/rebase.c b/builtin/rebase.c
index e3a8e74cfc25c89243397f62e3b09b8165c3ed6b..2f01d5d3a6f633d5421f78f6177925c24e884f1d 100644 (file)
--- a/builtin/rebase.c
+++ b/builtin/rebase.c
@@ -186,6 +186,7 @@ static struct replay_opts get_replay_opts(const struct rebase_options *opts)
        replay.committer_date_is_author_date =
                                        opts->committer_date_is_author_date;
        replay.ignore_date = opts->ignore_date;
+       free(replay.gpg_sign);
        replay.gpg_sign = xstrdup_or_null(opts->gpg_sign_opt);
        replay.reflog_action = xstrdup(opts->reflog_action);
        if (opts->strategy)

diff --git a/sequencer.c b/sequencer.c
index 0291920f0b753fe30eb6c6e456017d4f9cc43607..cade9b0ca873f430ddca3fe683fc423600525f78 100644 (file)
--- a/sequencer.c
+++ b/sequencer.c
@@ -303,6 +303,7 @@ static int git_sequencer_config(const char *k, const char *v,
        }
 
        if (!strcmp(k, "commit.gpgsign")) {
+               free(opts->gpg_sign);
                opts->gpg_sign = git_config_bool(k, v) ? xstrdup("") : NULL;
                return 0;
        }

diff --git a/t/t3404-rebase-interactive.sh b/t/t3404-rebase-interactive.sh
index f92baad1381e6619a311e304865529f3c6dc46e7..f171af3061db9538aa0291e642530e098bff7124 100755 (executable)
--- a/t/t3404-rebase-interactive.sh
+++ b/t/t3404-rebase-interactive.sh
@@ -26,6 +26,7 @@ Initial setup:
  touch file "conflict".
 '
 
+TEST_PASSES_SANITIZE_LEAK=true
 . ./test-lib.sh
 
 . "$TEST_DIRECTORY"/lib-rebase.sh

diff --git a/t/t3435-rebase-gpg-sign.sh b/t/t3435-rebase-gpg-sign.sh
index 6aa2aeb628d0eda991ee16760985f9017dceebb1..6e329fea7c0fac0482e363a3d297134c942e256a 100755 (executable)
--- a/t/t3435-rebase-gpg-sign.sh
+++ b/t/t3435-rebase-gpg-sign.sh
@@ -8,6 +8,7 @@ test_description='test rebase --[no-]gpg-sign'
 GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main
 export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
 
+TEST_PASSES_SANITIZE_LEAK=true
 . ./test-lib.sh
 . "$TEST_DIRECTORY/lib-rebase.sh"
 . "$TEST_DIRECTORY/lib-gpg.sh"

diff --git a/t/t7030-verify-tag.sh b/t/t7030-verify-tag.sh
index 6f526c37c2776e6288a1abe5860b6a9efed25183..effa826744bf5834c7579c6aa62a6aa52b63d0ab 100755 (executable)
--- a/t/t7030-verify-tag.sh
+++ b/t/t7030-verify-tag.sh
@@ -4,6 +4,7 @@ test_description='signed tag tests'
 GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main
 export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
 
+TEST_PASSES_SANITIZE_LEAK=true
 . ./test-lib.sh
 . "$TEST_DIRECTORY/lib-gpg.sh"