git: return strdup()ed empty string on error in pop_cstring

The pop_cstring() function is used by the git parser to duplicate a quoted string. On error, it returns an empty string literal. Since the caller expects a copied string and takes ownership of that string, it will ultimately be freed. Concrete example: a log with erroneous cylinder data was opened getting such an empty string literal as description. On closing or syncing with the cloud, the dive is freed, leading to a free of the string literal -> crash. Return a copy of the empty string instead. Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
author: Berthold Stoeger <bstoeger@mail.tuwien.ac.at> 2020-03-16 18:00:20 +0100
committer: Dirk Hohndel <dirk@hohndel.org> 2020-03-16 10:57:12 -0700
commit: 71f573da2aff3ace922605320fb576bf3d8117c7 (patch)
tree: e14ffbdb985f20b86f2c4fcd150b0ba3fbaba720 /core
parent: 0a463aad362cbc4194cfda6a534acd59b8b7fd53 (diff)
download: subsurface-71f573da2aff3ace922605320fb576bf3d8117c7.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/core/load-git.c b/core/load-git.c
index 9d36e4e39..e99bc9af0 100644
--- a/core/load-git.c
+++ b/core/load-git.c
@@ -334,11 +334,11 @@ static char *pop_cstring(struct membuffer *str, const char *err)
 
 	if (!str) {
 		report_error("git-load: string marker without any strings ('%s')", err);
-		return "";
+		return strdup("");
 	}
 	if (!str->len) {
 		report_error("git-load: string marker after running out of strings ('%s')", err);
-		return "";
+		return strdup("");
 	}
 	len = strlen(mb_cstring(str)) + 1;
 	return remove_from_front(str, len);
author	Berthold Stoeger <bstoeger@mail.tuwien.ac.at>	2020-03-16 18:00:20 +0100
committer	Dirk Hohndel <dirk@hohndel.org>	2020-03-16 10:57:12 -0700
commit	71f573da2aff3ace922605320fb576bf3d8117c7 (patch)
tree	e14ffbdb985f20b86f2c4fcd150b0ba3fbaba720 /core
parent	0a463aad362cbc4194cfda6a534acd59b8b7fd53 (diff)
download	subsurface-71f573da2aff3ace922605320fb576bf3d8117c7.tar.gz