git.ipfire.org Git - thirdparty/git.git/commit

author	Enzo Matsumiya <ematsumiya@suse.de>
	Thu, 25 Nov 2021 00:02:39 +0000 (21:02 -0300)
committer	Junio C Hamano <gitster@pobox.com>
	Thu, 25 Nov 2021 00:14:10 +0000 (16:14 -0800)
commit	f917f57f40a22b64ab5354e99dbf32bb48d9fc0a
tree	a07ad0bc547c38dde56e6a32118db6696cd680bd	tree
parent	e9d7761bb94f20acc98824275e317fa82436c25d	commit \| diff

pager: fix crash when pager program doesn't exist

When prepare_cmd() fails for, e.g., pager process setup,
child_process_clear() frees the memory in pager_process.args, but .argv
was pointed to pager_process.args.v earlier in start_command(), so it's
now a dangling pointer.

setup_pager() is then called a second time, from cmd_log_init_finish()
in this case, and any further operations using its .argv, e.g. strvec_*,
will use the dangling pointer and eventually crash. According to trivial
tests, setup_pager() is not called twice if the first call is
successful.

This patch makes sure that pager_process is properly initialized on
setup_pager(). Drop CHILD_PROCESS_INIT from its declaration since it's
no longer really necessary.

Add a test to catch possible regressions.

Reproducer:
$ git config pager.show INVALID_PAGER
$ git show $VALID_COMMIT
error: cannot run INVALID_PAGER: No such file or directory
[1] 3619 segmentation fault (core dumped) git show $VALID_COMMIT

Signed-off-by: Enzo Matsumiya <ematsumiya@suse.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

pager.c		diff \| blob \| blame \| history
t/t7006-pager.sh		diff \| blob \| blame \| history