git.ipfire.org Git - thirdparty/git.git/commit
coccinelle: detect struct strbuf passed by value
author Deveshi Dwivedi <deveshigurgaon@gmail.com>
Sun, 15 Mar 2026 09:44:43 +0000 (09:44 +0000)
committer Junio C Hamano <gitster@pobox.com>
Sun, 15 Mar 2026 21:46:51 +0000 (14:46 -0700)
commit 65fec23b577d09122865d239ce454d7946691c2a
tree 7636f84ed7ebe11ebb8312504130d2477de96f36
parent 6e84af9ff4f271b636f3be2ee8daba0fb79c2f84
coccinelle: detect struct strbuf passed by value

Passing a struct strbuf by value to a function copies the struct
but shares the underlying character array between caller and callee.
If the callee causes a reallocation, the caller's copy becomes a
dangling pointer, leading to a double-free when strbuf_release() is
called.  There is no coccinelle rule to catch this pattern.

Jeff King suggested adding one during review of the
write_worktree_linking_files() fix [1], and noted that a reporting
rule using coccinelle's Python scripting extensions could emit a
descriptive warning, but we do not currently require Python support
in coccinelle.

Add a transformation rule that rewrites a by-value strbuf parameter
to a pointer.  The detection is identical to what a Python-based
reporting rule would catch; only the presentation differs.  The
resulting diff will not produce compilable code on its own (callers
and the function body still need updating), but the spatch output
alerts the developer that the signature needs attention.  This is
consistent with the other rules in strbuf.cocci, which also rewrite
to the preferred form.

[1] https://lore.kernel.org/git/20260309192600.GC309867@coredump.intra.peff.net/

Signed-off-by: Deveshi Dwivedi <deveshigurgaon@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
contrib/coccinelle/strbuf.cocci
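
The hazard the commit message describes, shown as an added C example that is not part of the commit or of git's code. `struct tbuf`, `TBUF_NEW`, `tbuf_add` and the other names are hypothetical stand-ins for strbuf; growth here always moves the array, and allocation failures are not checked.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for git's struct strbuf (not the real definition). */
struct tbuf { char *buf; size_t len, alloc; };
#define TBUF_NEW { calloc(1, 8), 0, 8 }

/* Grow by allocating a new array and freeing the old one, so the array
 * always moves here (a real realloc() may or may not move it). */
static void tbuf_add(struct tbuf *sb, const char *s) {
    size_t n = strlen(s);
    if (sb->len + n + 1 > sb->alloc) {
        size_t want = 2 * (sb->len + n + 1);
        char *grown = calloc(1, want);
        memcpy(grown, sb->buf, sb->len);
        free(sb->buf);
        sb->buf = grown; sb->alloc = want;
    }
    memcpy(sb->buf + sb->len, s, n + 1);
    sb->len += n;
}

/* Anti-pattern: sb is a copy; it is returned only so the demo can free it. */
static struct tbuf append_by_value(struct tbuf sb, const char *s) {
    tbuf_add(&sb, s);
    return sb;
}

/* Returns 1 when the by-value call leaves the caller's struct stale. */
int by_value_leaves_caller_stale(void) {
    struct tbuf sb = TBUF_NEW;
    uintptr_t before = (uintptr_t)sb.buf;  /* saved while still valid */
    struct tbuf callee = append_by_value(sb, "longer than eight bytes");
    int stale = (uintptr_t)callee.buf != before && sb.len == 0 && callee.len == 23;
    /* sb.buf now dangles: releasing sb as well would be the double free. */
    free(callee.buf);
    return stale;
}

/* Pointer form: the caller's struct is updated and freed exactly once. */
size_t by_pointer_len(void) {
    struct tbuf sb = TBUF_NEW;
    tbuf_add(&sb, "longer than eight bytes");
    size_t len = sb.len;
    free(sb.buf);
    return len;
}
int main(void) { return !(by_value_leaves_caller_stale() && by_pointer_len() == 23); }
```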