packfile: fix memory leak in add_delta_base_cache()

When add_delta_base_cache() is called with a base that is already in the
cache, no operation is performed. But the check is done after allocating
space for a new entry, so we end up leaking memory on the early return.
In addition, the caller never free()'s the base as it expects the
function to take ownership of it. But the base is not released when we
skip insertion, so it also gets leaked. To fix these problems, move the
allocation of a new entry further down in add_delta_base_cache(), and
free() the base on early return.

Signed-off-by: Matheus Tavares <matheus.bernardino@usp.br>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/packfile.c b/packfile.c
index bfe76b2119e0d37fce028e30462de3999443d1ba..06d51eddac117ddf92458b317486916e52fedb18 100644 (file)
--- a/packfile.c
+++ b/packfile.c
@@ -1463,7 +1463,7 @@ void clear_delta_base_cache(void)
 static void add_delta_base_cache(struct packed_git *p, off_t base_offset,
        void *base, unsigned long base_size, enum object_type type)
 {
-       struct delta_base_cache_entry *ent = xmalloc(sizeof(*ent));
+       struct delta_base_cache_entry *ent;
        struct list_head *lru, *tmp;
 
        /*
@@ -1471,8 +1471,10 @@ static void add_delta_base_cache(struct packed_git *p, off_t base_offset,
         * is unpacking the same object, in unpack_entry() (since its phases I
         * and III might run concurrently across multiple threads).
         */
-       if (in_delta_base_cache(p, base_offset))
+       if (in_delta_base_cache(p, base_offset)) {
+               free(base);
                return;
+       }
 
        delta_base_cached += base_size;
 
@@ -1484,6 +1486,7 @@ static void add_delta_base_cache(struct packed_git *p, off_t base_offset,
                release_delta_base_cache(f);
        }
 
+       ent = xmalloc(sizeof(*ent));
        ent->key.p = p;
        ent->key.base_offset = base_offset;
        ent->type = type;