mirrors/git
1
0
Fork 0
mirror of https://github.com/git/git.git synced 2024-10-28 04:49:43 +01:00
Code Activity
git/http.h
Jeff King a1bc3c88de http: fix leak of http_object_request struct 
The new_http_object_request() function allocates a struct on the heap,
along with some fields inside the struct. But the matching function to
clean it up, release_http_object_request(), only frees the interior
fields without freeing the struct itself, causing a leak.

The related http_pack_request new/release pair gets this right, and at
first glance we should be able to do the same thing and just add a
single free() call. But there's a catch.

These http_object_request structs are typically embedded in the
object_request struct of http-walker.c. And when we clean up that parent
struct, it sanity-checks the embedded struct to make sure we are not
leaking descriptors. Which means a use-after-free if we simply free()
the embedded struct.

I have no idea how valuable that sanity-check is, or whether it can
simply be deleted. This all goes back to 5424bc557f (http*: add helper
methods for fetching objects (loose), 2009-06-06). But the obvious way
to make it all work is to be sure we set the pointer to NULL after
freeing it (and our freeing process closes the descriptor, so we know
there is no leak).

To make sure we do that consistently, we'll switch the pointer we take
in release_http_object_request() to a pointer-to-pointer, and we'll set
it to NULL ourselves. And then the compiler can help us find each caller
which needs to be updated.

Most cases will just pass "&obj_req->req", which will obviously do the
right thing. In a few cases, like http-push's finish_request(), we are
working with a copy of the pointer, so we don't NULL the original. But
it's OK because the next step is to free the struct containing the
original pointer anyway.

This lets us mark t5551 as leak-free. Ironically this is the "smart"
http test, and the leak here only affects dumb http. But there's a
single dumb-http invocation in there. The full dumb tests are in t5550,
which still has some more leaks.

This also makes t5559 leak-free, as it's just an HTTP/2 variant of
t5551. But we don't need to mark it as such, since it inherits the flag
from t5551.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2024-09-25 10:24:55 -07:00

255 lines
7.3 KiB
C
Raw Blame History

#ifndef HTTP_H
#define HTTP_H
struct packed_git;
#include "git-zlib.h"
#include <curl/curl.h>
#include <curl/easy.h>
#include "strbuf.h"
#include "remote.h"
#define DEFAULT_MAX_REQUESTS 5
struct slot_results {
CURLcode curl_result;
long http_code;
long auth_avail;
long http_connectcode;
};
struct active_request_slot {
CURL *curl;
int in_use;
CURLcode curl_result;
long http_code;
int *finished;
struct slot_results *results;
void *callback_data;
void (*callback_func)(void *data);
struct active_request_slot *next;
};
struct buffer {
struct strbuf buf;
size_t posn;
};
/* Curl request read/write callbacks */
size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *strbuf);
size_t fwrite_buffer(char *ptr, size_t eltsize, size_t nmemb, void *strbuf);
size_t fwrite_null(char *ptr, size_t eltsize, size_t nmemb, void *strbuf);
int seek_buffer(void *clientp, curl_off_t offset, int origin);
/* Slot lifecycle functions */
struct active_request_slot *get_active_slot(void);
int start_active_slot(struct active_request_slot *slot);
void run_active_slot(struct active_request_slot *slot);
void finish_all_active_slots(void);
/*
* This will run one slot to completion in a blocking manner, similar to how
* curl_easy_perform would work (but we don't want to use that, because
* we do not want to intermingle calls to curl_multi and curl_easy).
*
*/
int run_one_slot(struct active_request_slot *slot,
struct slot_results *results);
void fill_active_slots(void);
void add_fill_function(void *data, int (*fill)(void *));
void step_active_slots(void);
void http_init(struct remote *remote, const char *url,
int proactive_auth);
void http_cleanup(void);
struct curl_slist *http_copy_default_headers(void);
extern long int git_curl_ipresolve;
extern int active_requests;
extern int http_is_verbose;
extern ssize_t http_post_buffer;
extern struct credential http_auth;
extern char curl_errorstr[CURL_ERROR_SIZE];
enum http_follow_config {
HTTP_FOLLOW_NONE,
HTTP_FOLLOW_ALWAYS,
HTTP_FOLLOW_INITIAL
};
extern enum http_follow_config http_follow_config;
static inline int missing__target(int code, int result)
{
return /* file:// URL -- do we ever use one??? */
(result == CURLE_FILE_COULDNT_READ_FILE) ||
/* http:// and https:// URL */
(code == 404 && result == CURLE_HTTP_RETURNED_ERROR) ||
/* ftp:// URL */
(code == 550 && result == CURLE_FTP_COULDNT_RETR_FILE)
;
}
#define missing_target(a) missing__target((a)->http_code, (a)->curl_result)
/*
* Normalize curl results to handle CURL_FAILONERROR (or lack thereof). Failing
* http codes have their "result" converted to CURLE_HTTP_RETURNED_ERROR, and
* an appropriate string placed in the errorstr buffer (pass curl_errorstr if
* you don't have a custom buffer).
*/
void normalize_curl_result(CURLcode *result, long http_code, char *errorstr,
size_t errorlen);
/* Helpers for modifying and creating URLs */
void append_remote_object_url(struct strbuf *buf, const char *url,
const char *hex,
int only_two_digit_prefix);
char *get_remote_object_url(const char *url, const char *hex,
int only_two_digit_prefix);
/* Options for http_get_*() */
struct http_get_options {
unsigned no_cache:1,
initial_request:1;
/* If non-NULL, returns the content-type of the response. */
struct strbuf *content_type;
/*
* If non-NULL, and content_type above is non-NULL, returns
* the charset parameter from the content-type. If none is
* present, returns an empty string.
*/
struct strbuf *charset;
/*
* If non-NULL, returns the URL we ended up at, including any
* redirects we followed.
*/
struct strbuf *effective_url;
/*
* If both base_url and effective_url are non-NULL, the base URL will
* be munged to reflect any redirections going from the requested url
* to effective_url. See the definition of update_url_from_redirect
* for details.
*/
struct strbuf *base_url;
/*
* If not NULL, contains additional HTTP headers to be sent with the
* request. The strings in the list must not be freed until after the
* request has completed.
*/
struct string_list *extra_headers;
};
/* Return values for http_get_*() */
#define HTTP_OK 0
#define HTTP_MISSING_TARGET 1
#define HTTP_ERROR 2
#define HTTP_START_FAILED 3
#define HTTP_REAUTH 4
#define HTTP_NOAUTH 5
#define HTTP_NOMATCHPUBLICKEY 6
/*
* Requests a URL and stores the result in a strbuf.
*
* If the result pointer is NULL, a HTTP HEAD request is made instead of GET.
*/
int http_get_strbuf(const char *url, struct strbuf *result, struct http_get_options *options);
/*
* Downloads a URL and stores the result in the given file.
*
* If a previous interrupted download is detected (i.e. a previous temporary
* file is still around) the download is resumed.
*/
int http_get_file(const char *url, const char *filename,
struct http_get_options *options);
int http_fetch_ref(const char *base, struct ref *ref);
struct curl_slist *http_append_auth_header(const struct credential *c,
struct curl_slist *headers);
/* Helpers for fetching packs */
int http_get_info_packs(const char *base_url,
struct packed_git **packs_head);
/* Helper for getting Accept-Language header */
const char *http_get_accept_language_header(void);
struct http_pack_request {
char *url;
/*
* index-pack command to run. Must be terminated by NULL.
*
* If NULL, defaults to {"index-pack", "--stdin", NULL}.
*/
const char **index_pack_args;
unsigned preserve_index_pack_stdout : 1;
FILE *packfile;
struct strbuf tmpfile;
struct active_request_slot *slot;
struct curl_slist *headers;
};
struct http_pack_request *new_http_pack_request(
const unsigned char *packed_git_hash, const char *base_url);
struct http_pack_request *new_direct_http_pack_request(
const unsigned char *packed_git_hash, char *url);
int finish_http_pack_request(struct http_pack_request *preq);
void release_http_pack_request(struct http_pack_request *preq);
/*
* Remove p from the given list, and invoke install_packed_git() on it.
*
* This is a convenience function for users that have obtained a list of packs
* from http_get_info_packs() and have chosen a specific pack to fetch.
*/
void http_install_packfile(struct packed_git *p,
struct packed_git **list_to_remove_from);
/* Helpers for fetching object */
struct http_object_request {
char *url;
struct strbuf tmpfile;
int localfile;
CURLcode curl_result;
char errorstr[CURL_ERROR_SIZE];
long http_code;
struct object_id oid;
struct object_id real_oid;
git_hash_ctx c;
git_zstream stream;
int zret;
int rename;
struct active_request_slot *slot;
struct curl_slist *headers;
};
struct http_object_request *new_http_object_request(
const char *base_url, const struct object_id *oid);
void process_http_object_request(struct http_object_request *freq);
int finish_http_object_request(struct http_object_request *freq);
void abort_http_object_request(struct http_object_request **freq);
void release_http_object_request(struct http_object_request **freq);
/*
* Instead of using environment variables to determine if curl tracing happens,
* behave as if GIT_TRACE_CURL=1 and GIT_TRACE_CURL_NO_DATA=1 is set. Call this
* before calling setup_curl_trace().
*/
void http_trace_curl_no_data(void);
/* setup routine for curl_easy_setopt CURLOPT_DEBUGFUNCTION */
void setup_curl_trace(CURL *handle);
#endif /* HTTP_H */
View git blame Copy permalink