jcarr
/
git2go
1
0
Fork 0
Code Issues 52 Pull Requests 31 Packages Projects Releases Wiki Activity

Fix a potential use-after-free in DiffNotifyCallback #579

Merged
lhchavez merged 1 commits from fix-diff-leak into master 2020-06-21 08:45:40 -05:00
Conversation 0 Commits 1 Files Changed 2 +40 -40
lhchavez commented 2020-05-08 23:39:57 -05:00 (Migrated from github.com)
Copy Link

This change makes the DiffNotifyCallback always use an "unowned"
*git.Diff that does not run the finalizer. Since the underlying
git_diff object is still owned by libgit2, we shouldn't be calling
Diff.Free() on it, even by accident, since that would cause a whole lot
of undefined behavior.

Now instead of storing a reference to a *git.Diff in the intermediate
state while the diff operation is being done, create a brand new
*git.Diff for every callback invocation, and only create a fully-owned
*git.Diff when the diff operation is done and the ownership is
transfered to Go.

This change makes the DiffNotifyCallback always use an "unowned" *git.Diff that does _not_ run the finalizer. Since the underlying git_diff object is still owned by libgit2, we shouldn't be calling Diff.Free() on it, even by accident, since that would cause a whole lot of undefined behavior. Now instead of storing a reference to a *git.Diff in the intermediate state while the diff operation is being done, create a brand new *git.Diff for every callback invocation, and only create a fully-owned *git.Diff when the diff operation is done and the ownership is transfered to Go.
👍 1
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

   
duplicate

   
enhancement

   
invalid

   
question

   
up for grabs

   
wontfix
No Label
bug
duplicate
enhancement
invalid
question
up for grabs
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: jcarr/git2go#579
No description provided.
Delete Branch "fix-diff-leak"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?