config.c: NULL check when reading protected config

In read_protected_config(), check whether each file name is NULL before
attempting to read it, and add a BUG() call to
git_config_from_file_with_options() to make this error easier to catch
in the future.

The NULL checks mirror what do_git_config_sequence() does (which
read_protected_config() is modeled after). Without these NULL checks,
multiple tests fail with "make SANITIZE=address", e.g. in the final test
of t4010, xdg_config is NULL causing us to call fopen(NULL).

Reported-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Glen Choo <chooglen@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/config.c b/config.c
index 015bec360f51e4934eb58f876abcb5b4c8dbb143..e8ebef77d5c92423f7af85d9176059e2a772a320 100644 (file)
--- a/config.c
+++ b/config.c
@@ -1979,6 +1979,8 @@ int git_config_from_file_with_options(config_fn_t fn, const char *filename,
        int ret = -1;
        FILE *f;
 
+       if (!filename)
+               BUG("filename cannot be NULL");
        f = fopen_or_warn(filename, "r");
        if (f) {
                ret = do_config_from_file(fn, CONFIG_ORIGIN_FILE, filename,
@@ -2645,9 +2647,12 @@ static void read_protected_config(void)
        system_config = git_system_config();
        git_global_config(&user_config, &xdg_config);
 
-       git_configset_add_file(&protected_config, system_config);
-       git_configset_add_file(&protected_config, xdg_config);
-       git_configset_add_file(&protected_config, user_config);
+       if (system_config)
+               git_configset_add_file(&protected_config, system_config);
+       if (xdg_config)
+               git_configset_add_file(&protected_config, xdg_config);
+       if (user_config)
+               git_configset_add_file(&protected_config, user_config);
        git_configset_add_parameters(&protected_config);
 
        free(system_config);