From f5b4dc7668b6c8d71432af9f9ddad6f7c62d284e Mon Sep 17 00:00:00 2001 From: Jeff King Date: Tue, 5 Sep 2017 08:14:40 -0400 Subject: tempfile: handle NULL tempfile pointers gracefully The tempfile functions all take pointers to tempfile objects, but do not check whether the argument is NULL. This isn't a big deal in practice, since the lifetime of any tempfile object is defined to last for the whole program. So even if we try to call delete_tempfile() on an already-deleted tempfile, our "active" check will tell us that it's a noop. In preparation for transitioning to a new system that loosens the "tempfile objects can never be freed" rule, let's tighten up our active checks: 1. A NULL pointer is now defined as "inactive" (so it will BUG for most functions, but works as a silent noop for things like delete_tempfile). 2. Functions should always do the "active" check before looking at any of the struct fields. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- tempfile.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tempfile.h') diff --git a/tempfile.h b/tempfile.h index d854dcdd3e..d30663182d 100644 --- a/tempfile.h +++ b/tempfile.h @@ -211,7 +211,7 @@ extern FILE *fdopen_tempfile(struct tempfile *tempfile, const char *mode); static inline int is_tempfile_active(struct tempfile *tempfile) { - return tempfile->active; + return tempfile && tempfile->active; } /* -- cgit v1.2.3