|
1a2d8bd3
|
2016-03-23T16:51:52
|
|
array: fix search for empty arrays
When the array is empty `cmp` never gets set by the comparison
function. Initialize it so we return ENOTFOUND in those cases.
|
|
661db4f4
|
2016-03-23T03:45:53
|
|
Merge pull request #3704 from ethomson/tree-reuse
tree: drop the now-unnecessary entries vector
|
|
6669e3e8
|
2015-11-08T04:28:08
|
|
blob: remove _fromchunks()
The callback mechanism makes it awkward to write data from an IO
source; move to `_fromstream()` which lets the caller remain in control,
in the same vein as we prefer iterators over foreach callbacks.
|
|
3fa764ed
|
2015-11-04T09:20:14
|
|
filebuf: allow using a custom buffer size
Allow setting the buffer size on open in order to use this data
structure more generally as a spill buffer, with larger buffer sizes for
specific use-cases.
|
|
0a5c6028
|
2015-11-04T10:30:48
|
|
blob: introduce creating a blob by writing into a stream
The pair of `git_blob_create_frombuffer()` and
`git_blob_create_frombuffer_commit()` is meant to replace
`git_blob_create_fromchunks()` by providing a way for a user to write a
new blob when they want filtering or they do not know the size.
This approach allows the caller to retain control over when to add data
to this buffer and a more natural fit into higher-level language's own
stream abstractions instead of having to handle IO wait in the callback.
The in-memory buffer size of 2MB is chosen somewhat arbitrarily to be a
round multiple of usual page sizes and a value where most blobs seem
likely to be either going to be way below or way over that size. It's
also a round number of pages.
This implementation re-uses the helper we have from `_fromchunks()` so
we end up writing everything to disk, but hopefully more efficiently
than with a default filebuf. A later optimisation can be to avoid
writing the in-memory contents to disk, with some extra complexity.
|
|
e2e4bae9
|
2016-03-22T00:18:44
|
|
tree: drop the now-unnecessary entries vector
Remove the now-unnecessary entries vector. Add `git_array_search`
to binary search through an array to accomplish this.
|
|
e50a49ee
|
2016-03-22T01:54:49
|
|
Merge pull request #3559 from yongthecoder/master
Add a sanity check in git_indexer_commit to avoid subtraction overflow.
|
|
4ed9e939
|
2016-03-20T12:01:45
|
|
tree: store the entries in a growable array
Take advantage of the constant size of tree-owned arrays and store them
in an array instead of a pool. This still lets us free them all at once
but lets the system allocator do the work of fitting them in.
|
|
60a194aa
|
2016-03-20T11:00:12
|
|
tree: re-use the id and filename in the odb object
Instead of copying over the data into the individual entries, point to
the originals, which are already in a format we can use.
|
|
a177756b
|
2016-03-18T13:00:27
|
|
win32: free thread-local data on thread exit
|
|
ec5a43b6
|
2016-03-18T06:37:41
|
|
Merge pull request #3699 from libgit2/cmn/win32-free-tls
win32: free thread-local data on thread exit
|
|
d953c450
|
2016-02-28T21:30:00
|
|
merge drivers: handle configured but not found driver
|
|
6d8b2cdb
|
2016-02-28T09:34:11
|
|
merge driver: remove `check` callback
Since the `apply` callback can defer, the `check` callback is not
necessary. Removing the `check` callback further makes the `payload`
unnecessary along with the `cleanup` callback.
|
|
967e073d
|
2016-02-27T16:42:02
|
|
merge driver: correct global initialization
|
|
7a3ab14f
|
2016-02-07T15:58:34
|
|
merge driver: get a pointer to favor
|
|
46625836
|
2016-02-07T15:19:43
|
|
merge driver: correct indentation
|
|
30a94ab7
|
2015-12-24T22:52:23
|
|
merge driver: allow custom default driver
Allow merge users to configure a custom default merge driver via
`git_merge_options`. Similarly, honor the `merge.default` configuration
option.
|
|
3f04219f
|
2015-12-23T10:23:08
|
|
merge driver: introduce custom merge drivers
Consumers can now register custom merged drivers with
`git_merge_driver_register`. This allows consumers to support the
merge drivers, as configured in `.gitattributes`. Consumers will be
asked to perform the file-level merge when a custom driver is
configured.
|
|
7a74590d
|
2015-12-03T09:57:56
|
|
Fix rebase bug and include test for merge=union
|
|
f8787098
|
2015-10-31T18:50:13
|
|
Support union merges via .gitattributes file
|
|
ba349322
|
2016-03-17T06:57:56
|
|
Merge pull request #3673 from libgit2/cmn/commit-with-signature
commit: add function to attach a signature to a commit
|
|
bf804d40
|
2016-03-17T10:45:22
|
|
commit: fix extraction of single-line signatures
The function to extract signatures suffers from a similar bug to the
header field finding one by having an unecessary line feed check as a
break condition of its loop.
Fix that and add a test for this single-line signature situation.
|
|
87c18197
|
2016-03-16T19:05:11
|
|
Split the page size from the mmap alignment
While often similar, these are not the same on Windows. We want to use the page
size on Windows for the pools, but for mmap we need to use the allocation
granularity as the alignment.
On the other platforms these values remain the same.
|
|
02d61a3b
|
2016-03-10T10:53:20
|
|
commit: add function to attach a signature to a commit
In combination with the function which creates a commit into a buffer,
this allows us to more easily create signed commits.
|
|
77394a27
|
2016-03-14T19:15:20
|
|
Merge pull request #3677 from pks-t/pks/coverity-fixes-round7
Coverity fixes round 7
|
|
4848dd32
|
2016-03-14T17:45:15
|
|
Merge pull request #3647 from pks-t/pks/coverity-fixes-round6
Coverity fixes round 6
|
|
8f4cbc76
|
2016-03-14T12:41:12
|
|
Start error string with lower case character
|
|
fa72d6da
|
2016-03-14T12:02:00
|
|
Setup better defaults for OpenSSL ciphers
This ensures that when using OpenSSL a safe default set of ciphers
is selected. This is done so that the client communicates securely
and we don't accidentally enable unsafe ciphers like RC4, or even
worse some old export ciphers.
Implements the first part of https://github.com/libgit2/libgit2/issues/3682
|
|
13c371dc
|
2016-03-10T17:21:02
|
|
config_cache: check return value of `git_config__lookup_entry`
Callers of `git_config__cvar` already handle the case where the
function returns an error due to a failed configuration variable
lookup, but we are actually swallowing errors when calling
`git_config__lookup_entry` inside of the function.
Fix this by returning early when `git_config__lookup_entry`
returns an error. As we call `git_config__lookup_entry` with
`no_errors == false` which leads us to call `get_entry` with
`GET_NO_MISSING` we will not return early when the lookup fails
due to a missing entry. Like this we are still able to set the
default value of the cvar and exit successfully.
|
|
6ff8a7c4
|
2016-03-10T17:05:30
|
|
filebuf: handle write error in `lock_file`
When writing to a file with locking not check if writing the
locked file actually succeeds. Fix the issue by returning error
code and message when writing fails.
|
|
836447e5
|
2016-03-10T16:52:09
|
|
config_file: handle error when trying to lock strmap
Accessing the current values map is handled through the
`refcounder_strmap_take` function, which first acquires a mutex
before accessing its values. While this assures everybody is
trying to access the values with the mutex only we do not check
if the locking actually succeeds.
Fix the issue by checking if acquiring the lock succeeds and
returning `NULL` if we encounter an error. Adjust callers.
|
|
e850e98d
|
2016-03-10T16:42:55
|
|
blame: handle error when resoling HEAD in normalize_options
When normalizing options we try to look up HEAD's OID. While this
action may fail in malformed repositories we never check the
return value of the function.
Fix the issue by converting `normalize_options` to actually
return an error and handle the error in `git_blame_file`.
|
|
8a4a343a
|
2016-03-10T16:33:49
|
|
blame_git: handle error returned by `git_commit_parent`
|
|
b27ccad2
|
2016-03-10T16:11:51
|
|
refdb_fs: fail if refcache returns NULL pointer
We usually check entries returned by `git_sortedcache_entry` for
NULL pointers. As we have a write lock in `packed_write`, though,
it really should not happen that the function returns NULL.
Assert that ref is not NULL to silence a Coverity warning.
|
|
1a8c11f4
|
2016-03-10T10:40:47
|
|
diff_tform: fix potential NULL pointer access
When the user passes in a diff which has no repository associated
we may call `git_config__get_int_force` with a NULL-pointer
configuration. Even though `git_config__get_int_force` is
designed to swallow errors, it is not intended to be called with
a NULL pointer configuration.
Fix the issue by only calling `git_config__get_int_force` only
when configuration could be retrieved from the repository.
|
|
3fe5768b
|
2016-03-01T17:55:40
|
|
pack-objects: fix memory leak on overflow
|
|
486302d6
|
2016-03-01T19:11:33
|
|
submodule: avoid passing NULL pointers to strncmp
In C89 it is undefined behavior to pass `NULL` pointers to
`strncmp` and later on in C99 it has been explicitly stated that
functions with an argument declared as `size_t nmemb` specifying
the array length shall always have valid parameters, no matter if
`nmemb` is 0 or not (see ISO 9899 §7.21.1.2).
The function `str_equal_no_trailing_slash` always passes its
parameters to `strncmp` if their lengths match. This means if one
parameter is `NULL` and the other one either `NULL` or a string
with length 0 we will pass the pointers to `strncmp` and cause
undefined behavior.
Fix this by explicitly handling the case when both lengths are 0.
|
|
80a834a5
|
2016-03-01T16:00:49
|
|
index: assert required OID are non-NULL
|
|
61d7328d
|
2016-03-01T15:35:45
|
|
object: avoid call of memset with ouf of bounds pointer
When computing a short OID we do this by first copying the
leading parts into the new OID structure and then setting the
trailing part to zero. In the case of the desired length being
`GIT_OID_HEXSZ - 1` we will call `memset` with an out of bounds
pointer and a length of 0. While this seems to cause no problems
for common platforms the C89 standard does not explicitly state
that calling `memset` with an out of bounds pointer and
length of 0 is valid.
Fix the potential issue by using the newly introduced
`git_oid__cpy_prefix` function.
|
|
e126bc95
|
2016-03-01T14:40:17
|
|
config_file: handle missing quotation marks in section header
When parsing a section header we expect something along the
format of '[section "subsection"]'. When a section is
mal-formated and is entirely missing its quotation marks we catch
this case by observing that `strchr(line, '"') - strrchr(line,
'"') = NULL - NULL = 0` and error out. Unfortunately, the error
message is misleading though, as we state that we are missing the
closing quotation mark while we in fact miss both quotation
marks.
Improve the error message by explicitly checking if the first
quotation mark could be found and, if not, stating that quotation
marks are completely missing.
|
|
345758ad
|
2016-03-01T14:24:09
|
|
describe: handle error code returned by git_pqueue_insert
|
|
997c67da
|
2016-03-09T18:12:34
|
|
Merge pull request #3670 from libgit2/vmg/expand-fixes
Fixes for `gid_odb_expand_ids`
|
|
1bbcb2b2
|
2016-03-09T17:47:53
|
|
odb: Try to lookup headers in all backends before passthrough
|
|
e78d2ac9
|
2016-03-09T16:41:08
|
|
odb: Refactor `git_odb_expand_ids`
|
|
4416aa77
|
2016-03-09T11:29:46
|
|
odb: Implement new helper to read types without refreshing
|
|
d50fd571
|
2016-03-09T11:16:16
|
|
mwindow: free unused windows if we fail to mmap
The first time may be due to memory fragmentation or just bad luck on a
32-bit system. When we hit the mmap error for the first time, free up
the unused windows and try again.
|
|
9a786650
|
2016-03-09T11:00:27
|
|
odb: Handle corner cases in `git_odb_expand_ids`
The old implementation had two issues:
1. OIDs that were too short as to be ambiguous were not being handled
properly.
2. If the last OID to expand in the array was missing from the ODB, we
would leak a `GIT_ENOTFOUND` error code from the function.
|
|
c68044a8
|
2016-03-08T21:17:38
|
|
Merge pull request #3656 from ethomson/exists_prefixes
Introduce `git_odb_expand_ids`
|
|
62484f52
|
2016-03-08T14:09:55
|
|
git_odb_expand_ids: accept git_odb_expand_id array
Take (and write to) an array of a struct, `git_odb_expand_id`.
|
|
4b1f0f79
|
2016-03-08T11:44:21
|
|
git_odb_expand_ids: rename func, return the type
|
|
b7809b84
|
2016-03-08T13:38:55
|
|
Merge pull request #3555 from cbargren/ssh-git-protocols
Support for ssh+git and git+ssh protocols
|
|
47cb42da
|
2016-03-03T22:56:02
|
|
commit: split creating the commit and writing it out
Sometimes you want to create a commit but not write it out to the
objectdb immediately. For these cases, provide a new function to
retrieve the buffer instead of having to go through the db.
|
|
6c04269c
|
2016-03-04T00:50:35
|
|
git_odb_exists_many_prefixes: query odb for multiple short ids
Query the object database for multiple objects at a time, given their
object ID (which may be abbreviated) and optional type.
|
|
e10144ae
|
2016-03-04T01:18:30
|
|
odb: improved not found error messages
When looking up an abbreviated oid, show the actual (abbreviated) oid
the caller passed instead of a full (but ambiguously truncated) oid.
|
|
ea5bf6bb
|
2016-03-04T12:34:38
|
|
treebuilder: don't try to verify submodules exist in the odb
Submodules don't exist in the objectdb and the code is making us try to
look for a blob with its commit id, which is obviously not going to
work.
Skip the test if the user wants to insert a submodule.
|
|
22f3d3aa
|
2016-03-03T22:26:31
|
|
ssh: initialize libssh2
We should have been doing this, but it initializes itself upon first
use, which works as long as nobody's doing concurrent network
operations. Initialize it on our init to make sure it's not getting
initialized concurrently.
|
|
66a530eb
|
2016-03-03T20:11:18
|
|
Merge pull request #3648 from libgit2/cmn/auth-retry
test: make sure we retry the auth callback on all platforms
|
|
778fb695
|
2016-03-03T12:14:02
|
|
Merge pull request #3646 from pks-t/pks/xdiff-fix-from-upstream
xdiff: fix memleak on error case
|
|
a4cba9d4
|
2016-03-03T10:48:24
|
|
winhttp: retry authentication
If the caller has provided bad authentication, give them another
apportunity to get it right until they give up. This brings WinHTTP in
line with the other transports.
|
|
edaffe22
|
2016-03-01T17:16:27
|
|
Merge pull request #3633 from ethomson/safe_creation
Stricter object dependency checking during creation
|
|
a4ea7faa
|
2016-03-01T08:54:00
|
|
xdiff: fix memleak on error case
Commit 3d1abc5afce fixes a memory leak in the xdiff code. In the
process of upstreaming the fix it was pointed out by Johannes
Schindelin that there is another memory leak present (see [1]).
Fix the second memory leak by applying the upstream fix to our
code base.
[1]: http://thread.gmane.org/gmane.comp.version-control.git/287034
|
|
dbee6835
|
2016-02-28T20:13:24
|
|
Merge pull request #3567 from sba1/few-p_getaddrinfo-fixes
Few p_getaddrinfo fixes
|
|
f2dddf52
|
2016-02-28T15:51:38
|
|
turn on strict object validation by default
|
|
98c34149
|
2016-02-28T15:11:15
|
|
refs: honor strict object creation
|
|
3ef01e77
|
2016-02-28T14:37:37
|
|
git_object__is_valid: use `odb_read_header`
This allows lighter weight validation in `git_object__is_valid` that
does not require reading the entire object.
|
|
6ddf533a
|
2016-02-23T18:29:16
|
|
git_index_add: validate objects in index entries (optionally)
When `GIT_OPT_ENABLE_STRICT_OBJECT_CREATION` is turned on, validate
the index entries given to `git_index_add`.
|
|
2bbc7d3e
|
2016-02-23T15:00:27
|
|
treebuilder: validate tree entries (optionally)
When `GIT_OPT_ENABLE_STRICT_OBJECT_CREATION` is turned on, validate
the tree and parent ids given to treebuilder insertion.
|
|
ef63bab3
|
2016-02-23T13:34:35
|
|
git_commit: validate tree and parent ids
When `GIT_OPT_ENABLE_STRICT_OBJECT_CREATION` is turned on, validate
the tree and parent ids given to commit creation functions.
|
|
7565dc65
|
2016-02-23T13:33:10
|
|
git_object__is_valid: simple object validity test
|
|
22a19f5b
|
2016-02-22T23:46:50
|
|
git_libgit2_opts: introduce `GIT_OPT_ENABLE_STRICT_OBJECT_CREATION`
|
|
6cc4bac8
|
2016-02-28T11:31:10
|
|
Merge pull request #3577 from rossdylan/rossdylan/pooldebug
Add a new build flag to disable the pool allocator
|
|
93e16642
|
2016-02-26T12:51:13
|
|
Fixed typo in one of the ifndef's in pool.h used to enable/disable debug mode
|
|
9f4e7c84
|
2016-02-25T18:42:09
|
|
Merge pull request #3638 from ethomson/nsec
USE_NSECS fixes
|
|
0d9a7498
|
2016-02-25T12:09:49
|
|
Merge pull request #3628 from pks-t/pks/coverity-fixes
Coverity fixes
|
|
fd129f28
|
2016-02-25T11:59:00
|
|
Merge pull request #3630 from libgit2/cmn/idx-extra-check
Extra checks for packfile indices
|
|
3d6a42d1
|
2016-02-25T11:23:19
|
|
nsec: support NDK's crazy nanoseconds
Android NDK does not have a `struct timespec` in its `struct stat`
for nanosecond support, instead it has a single nanosecond member inside
the struct stat itself. We will use that and use a macro to expand to
the `st_mtim` / `st_mtimespec` definition on other systems (much like
the existing `st_mtime` backcompat definition).
|
|
6d97beb9
|
2016-02-25T15:46:59
|
|
pack: don't allow a negative offset
|
|
ea9e00cb
|
2016-02-23T18:15:43
|
|
pack: make sure we don't go out of bounds for extended entries
A corrupt index might have data that tells us to go look past the end of
the file for data. Catch these cases and return an appropriate error
message.
|
|
68ad3156
|
2016-02-24T17:17:57
|
|
openssl: we already had the function, just needed the header
|
|
f3d1be7d
|
2016-02-24T16:38:22
|
|
openssl: export the locking function when building without OpenSSL
This got lost duing the move and it lets the users call this function
just in case.
|
|
04c3b35f
|
2016-02-23T13:02:07
|
|
map: use `giterr_set` internally
Use the `giterr_set` function, which actually supports `GITERR_OS`.
The `giterr_set_str` function is exposed for external users and will
not append the operating system's error message.
|
|
32f07984
|
2016-02-23T11:07:03
|
|
diff_tform: fix potential NULL pointer access
The `normalize_find_opts` function in theory allows for the
incoming diff to have no repository. When the caller does not
pass in diff find options or if the GIT_DIFF_FIND_BY_CONFIG value
is set, though, we try to derive the configuration from the
diff's repository configuration without first verifying that the
repository is actually set to a non-NULL value.
Fix this issue by explicitly checking if the repository is set
and if it is not, fall back to a default value of
GIT_DIFF_FIND_RENAMES.
|
|
3d1abc5a
|
2016-02-22T17:13:23
|
|
xmerge: fix memory leak on error path
|
|
05bf67b9
|
2016-02-23T11:16:36
|
|
openssl_stream: fix NULL pointer dereference
|
|
2baf854e
|
2016-02-22T16:08:56
|
|
openssl_stream: fix memory leak when creating new stream
|
|
2afb6fa4
|
2016-02-22T16:05:13
|
|
rebase: plug memory leak in `rebase_alloc`
Convert `rebase_alloc` to use our usual error propagation
patterns, that is accept an out-parameter and return an error
code that is to be checked by the caller. This allows us to use
the GITERR_CHECK_ALLOC macro, which helps static analysis.
|
|
d0cb11e7
|
2016-02-22T16:01:03
|
|
remote: set error code in `create_internal`
Set the error code when an error occurs in any of the called
functions. This ensures we pass the error up to callers and
actually free the remote when an error occurs.
|
|
0f1e2d20
|
2016-02-23T11:23:26
|
|
index: fix contradicting comparison
The overflow check in `read_reuc` tries to verify if the
`git__strtol32` parses an integer bigger than UINT_MAX. The `tmp`
variable is casted to an unsigned int for this and then checked
for being greater than UINT_MAX, which obviously can never be
true.
Fix this by instead fixing the `mode` field's size in `struct
git_index_reuc_entry` to `uint32_t`. We can now parse the int
with `git__strtol64`, which can never return a value bigger than
`UINT32_MAX`, and additionally checking if the returned value is
smaller than zero.
We do not need to handle overflows explicitly here, as
`git__strtol64` returns an error when the returned value would
overflow.
|
|
7808c937
|
2016-02-22T15:59:15
|
|
index: plug memory leak in `read_conflict_names`
|
|
003c5e46
|
2016-02-22T15:52:49
|
|
transports: smart_pkt: fix memory leaks on error paths
|
|
793e0855
|
2016-02-22T14:06:48
|
|
refdb_fs: remove unnecessary check for NULL
The fail-label of `reflog_parse` explicitly checks the entry
poitner for NULL before freeing it. When we jump to the label the
variable has to be set to a non-NULL and valid pointer though: if
the allocation fails we immediately return with an error code and
if the loop was not entered we return with a success code,
withouth executing the label's code.
Remove the useless NULL-check to silence Coverity.
|
|
be8479c9
|
2016-02-22T14:01:50
|
|
diff_print: assert patch is non-NULL
When invoking `diff_print_info_init_frompatch` it is obvious that
the patch should be non-NULL. We explicitly check if the variable
is set and continue afterwards, happily dereferencing the
potential NULL-pointer.
Fix this by instead asserting that patch is set. This also
silences Coverity.
|
|
bac52ab0
|
2016-02-22T13:48:45
|
|
pack-objects: return early when computing write order fails
The function `compute_write_order` may return a `NULL`-pointer
when an error occurs. In such cases we jump to the `done`-label
where we try to clean up allocated memory. Unfortunately we try
to deallocate the `write_order` array, though, which may be NULL
here.
Fix this error by returning early instead of jumping to the
`done` label. There is no data to be cleaned up anyway.
|
|
d1c9a48d
|
2016-02-23T10:45:09
|
|
pack-objects: check realloc in try_delta with GITERR_CHECK_ALLOC
|
|
2129d6df
|
2016-02-22T13:33:48
|
|
crlf: do not ignore GIT_PASSTHROUGH error
When no payload is set for `crlf_apply` we try to compute the
crlf attributes ourselves with `crlf_check`. When the function
determines that the current file does not require any treatment
we return the GIT_PASSTHROUGH error code without actually
allocating the out-pointer, which indicates the file should not
be passed through the filter.
The `crlf_apply` function explicitly checks for the
GIT_PASSTHROUGH return code and ignores it. This means we will
try to apply the crlf-filter to the current file, leading us to
dereference the unallocated payload-pointer.
Fix this obviously incorrect behavior by not treating
GIT_PASSTHROUGH in any special way. This is the correct thing to
do anyway, as the code indicates that the file should not be
passed through the filter.
|
|
b9f28b8d
|
2016-02-23T10:09:03
|
|
refspec: check buffer with GITERR_CHECK_ALLOC_BUF
|
|
c5bd70d1
|
2016-02-23T11:48:30
|
|
revwalk: use GITERR_CHECK_ALLOC_BUF
|
|
6e2a3755
|
2016-02-23T11:45:43
|
|
smart_pkt: check buffer with GITERR_CHECK_ALLOC_BUF
|
|
42c05ed5
|
2016-02-23T10:02:44
|
|
path: use GITERR_CHECK_ALLOC_BUF to verify passed in buffer
|
|
859ed5dd
|
2016-02-23T09:54:26
|
|
common: introduce GITERR_CHECK_ALLOC_BUF
We commonly have to check if a git_buf has been allocated
correctly or if we ran out of memory. Introduce a new macro
similar to `GITERR_CHECK_ALLOC` which checks if we ran OOM and if
so returns an error. Provide a `#nodef` for Coverity to mark the
error case as an abort path.
|