Commit 18ca62de01a5c1631f879a3ba0cb0ae0817c8e38

Patrick Steinhardt 2019-09-21T15:18:42

buffer: fix memory leak if unable to grow buffer

If growing a buffer fails, we set its pointer to the static `git_buf__oom` structure. While we correctly free the old pointer if `git__malloc` returned an error, we do not free it if there was an integer overflow while calculating the new allocation size. Fix this issue by freeing the pointer to plug the memory leak.

diff --git a/src/buffer.c b/src/buffer.c
index 51fb48a..8acf2ac 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -70,8 +70,11 @@ int git_buf_try_grow(
 	new_size = (new_size + 7) & ~7;
 
 	if (new_size < buf->size) {
-		if (mark_oom)
+		if (mark_oom) {
+			if (buf->ptr && buf->ptr != git_buf__initbuf)
+				git__free(buf->ptr);
 			buf->ptr = git_buf__oom;
+		}
 
 		git_error_set_oom();
 		return -1;
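
Review bot: The new guard `if (buf->ptr && buf->ptr != git_buf__initbuf)` in the overflow branch excludes the static init buffer but not the static `git_buf__oom` sentinel. If this branch can be reached with a buffer that an earlier failed grow already marked, `git__free` would be called on static storage. No check for that state is visible in this hunk, so either confirm the function returns before this point when `buf->ptr == git_buf__oom`, or add `&& buf->ptr != git_buf__oom` to the condition. Since the commit message says the `git__malloc` failure path already does the same free-then-mark sequence, a small shared helper for both paths would keep the two conditions from drifting apart. A regression test that forces the size overflow with `mark_oom` set would also help, as the leak is only observable under a leak checker.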