gpg-interface: fix leak of "line" in parse_ssh_output()

We xmemdupz() this buffer, but never free it. Let's do so. We'll use a
cleanup label, since there are multiple exits from the function.

Note that it was also declared a "const char *". We could switch that to
"char *" to indicate that it's allocated, but that make it awkward to
use with skip_prefix(). So instead, we'll introduce an extra non-const
pointer.

Signed-off-by: Jeff King <[email protected]>
Signed-off-by: Junio C Hamano <[email protected]>

Author: peff

gpg-interface.c

@@ -365,6 +365,7 @@ static int verify_gpg_signed_buffer(struct signature_check *sigc,
 static void parse_ssh_output(struct signature_check *sigc)
 {
 	const char *line, *principal, *search;
+	char *to_free;
 	char *key = NULL;
 
 	/*
@@ -383,7 +384,7 @@ static void parse_ssh_output(struct signature_check *sigc)
 	sigc->result = 'B';
 	sigc->trust_level = TRUST_NEVER;
 
-	line = xmemdupz(sigc->output, strcspn(sigc->output, "\n"));
+	line = to_free = xmemdupz(sigc->output, strcspn(sigc->output, "\n"));
 
 	if (skip_prefix(line, "Good \"git\" signature for ", &line)) {
 		/* Valid signature and known principal */
@@ -403,7 +404,7 @@ static void parse_ssh_output(struct signature_check *sigc)
 		sigc->result = 'G';
 		sigc->trust_level = TRUST_UNDEFINED;
 	} else {
-		return;
+		goto cleanup;
 	}
 
 	key = strstr(line, "key");
@@ -417,6 +418,9 @@ static void parse_ssh_output(struct signature_check *sigc)
 		 */
 		sigc->result = 'B';
 	}
+
+cleanup:
+	free(to_free);
 }
 
 static int verify_ssh_signed_buffer(struct signature_check *sigc,