global: convert intentionally-leaking config strings to consts

There are multiple cases where we intentionally leak config strings:

  - `struct gpg_format` is used to track programs that can be used for
    signing commits, either via gpg(1), gpgsm(1) or ssh-keygen(1). The
    user can override the commands via several config variables. As the
    array is populated once, only, and the struct memers are never
    written to or free'd.

  - `struct ll_merge_driver` is used to track merge drivers. Same as
    with the GPG format, these drivers are populated once and then
    reused. Its data is never written to or free'd, either.

  - `struct userdiff_funcname` and `struct userdiff_driver` can be
    configured via `diff.<driver>.*` to add additional drivers. Again,
    these have a global lifetime and are never written to or free'd.

All of these are intentionally kept alive and are never written to.
Furthermore, all of these are being assigned both string constants in
some places, and allocated strings in other places. This will cause
warnings once we enable `-Wwrite-strings`, so let's mark the respective
fields as `const char *` and cast away the constness when assigning
those values.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/gpg-interface.c b/gpg-interface.c
index 71a9382a611e56516bdba0593ac5a78515a2a299..5c824aeb257cb94ccb16297e17fa00df973fd36c 100644 (file)
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -34,7 +34,7 @@ static enum signature_trust_level configured_min_trust_level = TRUST_UNDEFINED;
 
 struct gpg_format {
        const char *name;
-       char *program;
+       const char *program;
        const char **verify_args;
        const char **sigs;
        int (*verify_signed_buffer)(struct signature_check *sigc,
@@ -783,7 +783,7 @@ static int git_gpg_config(const char *var, const char *value,
 
        if (fmtname) {
                fmt = get_format_by_name(fmtname);
-               return git_config_string(&fmt->program, var, value);
+               return git_config_string((char **) &fmt->program, var, value);
        }
 
        return 0;

diff --git a/merge-ll.c b/merge-ll.c
index e29b15fa4a685f156c213add8735ec9a3280cc6c..180c19df6737fe13404095ccbc5d65a880ff3a68 100644 (file)
--- a/merge-ll.c
+++ b/merge-ll.c
@@ -27,7 +27,7 @@ typedef enum ll_merge_result (*ll_merge_fn)(const struct ll_merge_driver *,
 
 struct ll_merge_driver {
        const char *name;
-       char *description;
+       const char *description;
        ll_merge_fn fn;
        char *recursive;
        struct ll_merge_driver *next;
@@ -304,8 +304,13 @@ static int read_merge_config(const char *var, const char *value,
                ll_user_merge_tail = &(fn->next);
        }
 
-       if (!strcmp("name", key))
-               return git_config_string(&fn->description, var, value);
+       if (!strcmp("name", key)) {
+               /*
+                * The description is leaking, but that's okay as we want to
+                * keep around the merge drivers anyway.
+                */
+               return git_config_string((char **) &fn->description, var, value);
+       }
 
        if (!strcmp("driver", key)) {
                if (!value)

diff --git a/userdiff.c b/userdiff.c
index 82bc76b910ad1ef98d0ca51669de1ca1ca7861ef..371032a4132ef83eb2178696cbd4a88e03e8fd82 100644 (file)
--- a/userdiff.c
+++ b/userdiff.c
@@ -399,7 +399,7 @@ static struct userdiff_driver *userdiff_find_by_namelen(const char *name, size_t
 static int parse_funcname(struct userdiff_funcname *f, const char *k,
                const char *v, int cflags)
 {
-       if (git_config_string(&f->pattern, k, v) < 0)
+       if (git_config_string((char **) &f->pattern, k, v) < 0)
                return -1;
        f->cflags = cflags;
        return 0;
@@ -445,15 +445,15 @@ int userdiff_config(const char *k, const char *v)
        if (!strcmp(type, "binary"))
                return parse_tristate(&drv->binary, k, v);
        if (!strcmp(type, "command"))
-               return git_config_string(&drv->external, k, v);
+               return git_config_string((char **) &drv->external, k, v);
        if (!strcmp(type, "textconv"))
-               return git_config_string(&drv->textconv, k, v);
+               return git_config_string((char **) &drv->textconv, k, v);
        if (!strcmp(type, "cachetextconv"))
                return parse_bool(&drv->textconv_want_cache, k, v);
        if (!strcmp(type, "wordregex"))
-               return git_config_string(&drv->word_regex, k, v);
+               return git_config_string((char **) &drv->word_regex, k, v);
        if (!strcmp(type, "algorithm"))
-               return git_config_string(&drv->algorithm, k, v);
+               return git_config_string((char **) &drv->algorithm, k, v);
 
        return 0;
 }

diff --git a/userdiff.h b/userdiff.h
index cc8e5abfefd9d6e05848f2d660412f3b3ed9fc35..d726804c3e5ee8879ff41d5a424569f9e1b10e3d 100644 (file)
--- a/userdiff.h
+++ b/userdiff.h
@@ -7,19 +7,19 @@ struct index_state;
 struct repository;
 
 struct userdiff_funcname {
-       char *pattern;
+       const char *pattern;
        int cflags;
 };
 
 struct userdiff_driver {
        const char *name;
-       char *external;
-       char *algorithm;
+       const char *external;
+       const char *algorithm;
        int binary;
        struct userdiff_funcname funcname;
-       char *word_regex;
-       char *word_regex_multi_byte;
-       char *textconv;
+       const char *word_regex;
+       const char *word_regex_multi_byte;
+       const char *textconv;
        struct notes_cache *textconv_cache;
        int textconv_want_cache;
 };