Skip to content

Commit f22392e

Browse files
committed
compat/win32/syslog: fix use-after-realloc
Git for Windows' SDK recently upgraded to GCC v12.x which points out that the `pos` variable might be used even after the corresponding memory was `realloc()`ed and therefore potentially no longer valid. Since a subset of this SDK is used in Git's CI/PR builds, we need to fix this to continue to be able to benefit from the CI/PR runs. Note: This bug has been with us since 2a6b149 (mingw: avoid using strbuf in syslog, 2011-10-06), and while it looks tempting to replace the hand-rolled string manipulation with a `strbuf`-based one, that commit's message explains why we cannot do that: The `syslog()` function is called as part of the function in `daemon.c` which is set as the `die()` routine, and since `strbuf_grow()` can call that function if it runs out of memory, this would cause a nasty infinite loop that we do not want to re-introduce. Signed-off-by: Johannes Schindelin <[email protected]>
1 parent e54793a commit f22392e

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

compat/win32/syslog.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,13 +43,15 @@ void syslog(int priority, const char *fmt, ...)
4343
va_end(ap);
4444

4545
while ((pos = strstr(str, "%1")) != NULL) {
46+
size_t offset = pos - str;
4647
char *oldstr = str;
4748
str = realloc(str, st_add(++str_len, 1));
4849
if (!str) {
4950
free(oldstr);
5051
warning_errno("realloc failed");
5152
return;
5253
}
54+
pos = str + offset;
5355
memmove(pos + 2, pos + 1, strlen(pos));
5456
pos[1] = ' ';
5557
}

0 commit comments

Comments
 (0)