|
2db6cdcd
|
2022-07-06T09:50:55
|
|
zlib: updated bundled zlib to v1.2.12
|
|
39ba0ee6
|
2021-06-04T18:25:19
|
|
zlib: slide_hash: add MSAN annotation to suppress known read from uninitialised memory
slide_hash knowingly reads (possibly) uninitialised memory, see comment
lower down about prev[n] potentially being garbage. In this case, the
result is never used - so we don't care about MSAN complaining about
this read.
By adding the no_sanitize("memory") attribute, clients of zlib won't
see this (unnecessary) error when building and running with
MemorySanitizer. An alternative approach is for clients to build zlib
with -fsanitize-ignorelist=... where the ignorelist contains something
like 'fun:slide_hash'. But that's more work and needs to be redone
for any and all CI systems running a given project with MSAN. Adding
this annotation to zlib's sources is overall more convenient - but
also won't affect non-MSAN builds.
This specific issue was found while running git's test suite, but has
also been reported by other clients, see e.g. #518.
|
|
3a197ea7
|
2020-06-27T12:33:32
|
|
Make the tests pass cleanly with MemorySanitizer
This change:
* Initializes a few variables that were being read before being
initialized.
* Includes https://github.com/madler/zlib/pull/393. As such,
it only works reliably with `-DUSE_BUNDLED_ZLIB=ON`.
|
|
4c5330cb
|
2018-03-07T10:33:41
|
|
deps: upgrade embedded zlib to version 1.2.11
The current version of zlib bundled with libgit2 is version 1.2.8. This
version has several CVEs assigned:
- CVE-2016-9843
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9840
Upgrade the bundled version to the current release 1.2.11, which has
these vulnerabilities fixes.
|
|
4ca2d7e4
|
2014-06-11T16:10:00
|
|
Update zlib to 1.2.8
|
|
ab6a3d3d
|
2011-03-15T03:25:44
|
|
Add ZLib as a built-in dependency
I don't know if this is good or bad. This lets libgit2 compile cleanly
on any platforms without any external dependencies, but adds a little
bit of bloat...
Let's test this out and see what happens.
|