Don't leak file descriptors from unavailable pack files.

If open_packed_git failed it may have been because the packfile actually exists and is readable, but some sort of verification did not pass. In this case open_packed_git left pack_fd filled in, as the file descriptor is valid. We don't want to leak the file descriptor, nor do we want to allow someone in the future to use this packed_git. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
git-mirror · Feb 3, 2007 · 3cf8b46 · 3cf8b46
1 parent 0d18e41
commit 3cf8b46
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/sha1_file.c b/sha1_file.c
@@ -552,7 +552,11 @@ void unuse_pack(struct pack_window **w_cursor)
 	}
 }
 
-static int open_packed_git(struct packed_git *p)
+/*
+ * Do not call this directly as this leaks p->pack_fd on error return;
+ * call open_packed_git() instead.
+ */
+static int open_packed_git_1(struct packed_git *p)
 {
 	struct stat st;
 	struct pack_header hdr;
@@ -608,6 +612,17 @@ static int open_packed_git(struct packed_git *p)
 	return 0;
 }
 
+static int open_packed_git(struct packed_git *p)
+{
+	if (!open_packed_git_1(p))
+		return 0;
+	if (p->pack_fd != -1) {
+		close(p->pack_fd);
+		p->pack_fd = -1;
+	}
+	return -1;
+}
+
 static int in_window(struct pack_window *win, unsigned long offset)
 {
 	/* We must promise at least 20 bytes (one hash) after the