kmx git

Commit	Date	Message
39ba0ee6	2021-06-04T18:25:19	zlib: slide_hash: add MSAN annotation to suppress known read from uninitialised memory slide_hash knowingly reads (possibly) uninitialised memory, see comment lower down about prev[n] potentially being garbage. In this case, the result is never used - so we don't care about MSAN complaining about this read. By adding the no_sanitize("memory") attribute, clients of zlib won't see this (unnecessary) error when building and running with MemorySanitizer. An alternative approach is for clients to build zlib with -fsanitize-ignorelist=... where the ignorelist contains something like 'fun:slide_hash'. But that's more work and needs to be redone for any and all CI systems running a given project with MSAN. Adding this annotation to zlib's sources is overall more convenient - but also won't affect non-MSAN builds. This specific issue was found while running git's test suite, but has also been reported by other clients, see e.g. #518.
2db6cdcd	2022-07-06T09:50:55	zlib: updated bundled zlib to v1.2.12
3a197ea7	2020-06-27T12:33:32	Make the tests pass cleanly with MemorySanitizer This change: * Initializes a few variables that were being read before being initialized. * Includes https://github.com/madler/zlib/pull/393. As such, it only works reliably with `-DUSE_BUNDLED_ZLIB=ON`.
4c5330cb	2018-03-07T10:33:41	deps: upgrade embedded zlib to version 1.2.11 The current version of zlib bundled with libgit2 is version 1.2.8. This version has several CVEs assigned: - CVE-2016-9843 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9840 Upgrade the bundled version to the current release 1.2.11, which has these vulnerabilities fixes.
4ca2d7e4	2014-06-11T16:10:00	Update zlib to 1.2.8
ab6a3d3d	2011-03-15T03:25:44	Add ZLib as a built-in dependency I don't know if this is good or bad. This lets libgit2 compile cleanly on any platforms without any external dependencies, but adds a little bit of bloat... Let's test this out and see what happens.

39ba0ee6

2021-06-04T18:25:19

zlib: slide_hash: add MSAN annotation to suppress known read from uninitialised memory slide_hash knowingly reads (possibly) uninitialised memory, see comment lower down about prev[n] potentially being garbage. In this case, the result is never used - so we don't care about MSAN complaining about this read. By adding the no_sanitize("memory") attribute, clients of zlib won't see this (unnecessary) error when building and running with MemorySanitizer. An alternative approach is for clients to build zlib with -fsanitize-ignorelist=... where the ignorelist contains something like 'fun:slide_hash'. But that's more work and needs to be redone for any and all CI systems running a given project with MSAN. Adding this annotation to zlib's sources is overall more convenient - but also won't affect non-MSAN builds. This specific issue was found while running git's test suite, but has also been reported by other clients, see e.g. #518.

2db6cdcd

2022-07-06T09:50:55

zlib: updated bundled zlib to v1.2.12

3a197ea7

2020-06-27T12:33:32

Make the tests pass cleanly with MemorySanitizer This change: * Initializes a few variables that were being read before being initialized. * Includes https://github.com/madler/zlib/pull/393. As such, it only works reliably with `-DUSE_BUNDLED_ZLIB=ON`.

4c5330cb

2018-03-07T10:33:41

deps: upgrade embedded zlib to version 1.2.11 The current version of zlib bundled with libgit2 is version 1.2.8. This version has several CVEs assigned: - CVE-2016-9843 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9840 Upgrade the bundled version to the current release 1.2.11, which has these vulnerabilities fixes.

4ca2d7e4

2014-06-11T16:10:00

Update zlib to 1.2.8

ab6a3d3d

2011-03-15T03:25:44

Add ZLib as a built-in dependency I don't know if this is good or bad. This lets libgit2 compile cleanly on any platforms without any external dependencies, but adds a little bit of bloat... Let's test this out and see what happens.

thodg/libgit2/deps/zlib/deflate.c

deps/zlib/deflate.c

Log