Commit d1dbb3ae by Carlos Martín Nieto

signature: don't leave a dangling pointer to the strings on parse failure

If the signature is invalid but we detect that after allocating the strings, we
free them. We however leave that pointer dangling in the structure the caller
gave us, which can lead to double-free.

Set these pointers to `NULL` after freeing their memory to avoid this.
parent c4c95bf4
...@@ -231,6 +231,7 @@ int git_signature__parse(git_signature *sig, const char **buffer_out, ...@@ -231,6 +231,7 @@ int git_signature__parse(git_signature *sig, const char **buffer_out,
if (git__strtol64(&sig->when.time, time_start, &time_end, 10) < 0) { if (git__strtol64(&sig->when.time, time_start, &time_end, 10) < 0) {
git__free(sig->name); git__free(sig->name);
git__free(sig->email); git__free(sig->email);
sig->name = sig->email = NULL;
return signature_error("invalid Unix timestamp"); return signature_error("invalid Unix timestamp");
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment