kmx git

Commit	Date	Message
f673e232	2018-12-27T13:47:34	git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.
52f859fd	2018-11-09T19:32:08	signature: fix out-of-bounds read when parsing timezone offset When parsing a signature's timezone offset, we first check whether there is a timezone at all by verifying that there are still bytes left to read following the time itself. The check thus looks like `time_end + 1 < buffer_end`, which is actually correct in this case. After setting the timezone's start pointer to that location, we compute the remaining bytes by using the formula `buffer_end - tz_start + 1`, re-using the previous `time_end + 1`. But this is in fact missing the braces around `(tz_start + 1)`, thus leading to an overestimation of the remaining bytes by a length of two. In case of a non-NUL terminated buffer, this will result in an overflow. The function `git_signature__parse` is only used in two locations. First is `git_signature_from_buffer`, which only accepts a string without a length. The string thus necessarily has to be NUL terminated and cannot trigger the issue. The other function is `git_commit__parse_raw`, which can in fact trigger the error as it may receive non-NUL terminated commit data. But as objects read from the ODB are always NUL-terminated by us as a cautionary measure, it cannot trigger the issue either. In other words, this error does not have any impact on security.
3db9aa6f	2018-10-18T11:32:48	signature: avoid out-of-bounds reads when parsing signature dates We use `git__strtol64` and `git__strtol32` to parse the trailing commit or author date and timezone of signatures. As signatures are usually part of a commit or tag object and thus essentially untrusted data, the buffer may be misformatted and may not be `NUL` terminated. This may lead to an out-of-bounds read. Fix the issue by using `git__strntol64` and `git__strntol32` instead.
9994cd3f	2018-06-25T11:56:52	treewide: remove use of C++ style comments C++ style comment ("//") are not specified by the ISO C90 standard and thus do not conform to it. While libgit2 aims to conform to C90, we did not enforce it until now, which is why quite a lot of these non-conforming comments have snuck into our codebase. Do a tree-wide conversion of all C++ style comments to the supported C style comments to allow us enforcing strict C90 compliance in a later commit.
56303e1a	2018-05-07T11:59:00	mailmap: API and style cleanup
8ff0504d	2018-04-08T03:01:14	mailmap: Rewrite API to support accurate mailmap resolution
18ff9bab	2018-03-27T22:48:03	mailmap: API and style cleanup
57cfeab9	2018-03-26T15:05:37	mailmap: Switch mailmap parsing to use the git_parse module
e3dcaca5	2018-03-17T18:15:01	mailmap: Integrate mailmaps with blame and signatures
f063dafb	2017-11-12T10:56:50	signature: distinguish +0000 and -0000 UTC offsets Git considers '-0000' a valid offset for signature lines. They need to be treated as _not_ equal to a '+0000' signature offset. Parsing a signature line stores the offset in a signed integer which does not distinguish between `+0` and `-0`. This patch adds an additional flag `sign` to the `git_time` in the `signature` object which is populated with the sign of the offset. In addition to exposing this information to the user, this information is also used to compare signatures. /cc @pks-t @ethomson
1560b580	2017-08-15T10:35:47	Merge pull request #4288 from pks-t/pks/include-fixups Include fixups
d1dbb3ae	2017-07-12T07:40:16	signature: don't leave a dangling pointer to the strings on parse failure If the signature is invalid but we detect that after allocating the strings, we free them. We however leave that pointer dangling in the structure the caller gave us, which can lead to double-free. Set these pointers to `NULL` after freeing their memory to avoid this.
0c7f49dd	2017-06-30T13:39:01	Make sure to always include "common.h" first Next to including several files, our "common.h" header also declares various macros which are then used throughout the project. As such, we have to make sure to always include this file first in all implementation files. Otherwise, we might encounter problems or even silent behavioural differences due to macros or defines not being defined as they should be. So in fact, our header and implementation files should make sure to always include "common.h" first. This commit does so by establishing a common include pattern. Header files inside of "src" will now always include "common.h" as its first other file, separated by a newline from all the other includes to make it stand out as special. There are two cases for the implementation files. If they do have a matching header file, they will always include this one first, leading to "common.h" being transitively included as first file. If they do not have a matching header file, they instead include "common.h" as first file themselves. This fixes the outlined problems and will become our standard practice for header and source files inside of the "src/" from now on.
34c13106	2017-05-01T21:32:24	signature: free dup'd buffers on parse error
909d5494	2016-12-29T12:25:15	giterr_set: consistent error messages Error messages should be sentence fragments, and therefore: 1. Should not begin with a capital letter, 2. Should not conclude with punctuation, and 3. Should not end a sentence and begin a new one
23c9ff86	2016-12-17T17:33:13	Fix off-by-one problems in git_signature__parse Etc/GMT-14 aka UTC+14:00 is a thing.... https://en.wikipedia.org/wiki/UTC%2B14:00 Also allow offsets on the last minute (59). Addresses: https://bugs.debian.org/841532 Fixes: #3970
d383c39b	2016-04-28T12:47:14	Introduce `git_signature_from_buffer` Allow users to construct a signature from the type of signature lines that actually appear in commits.
038d7af0	2016-02-15T11:30:48	signature: use GITERR_CHECK_ALLOC to check for OOM situation When checking for out of memory situations we usually use the GITERR_CHECK_ALLOC macro. Besides conforming to our current code base it adds the benefit of silencing errors in Coverity due to Coverity handling the macro's error path as abort.
307c4a2b	2015-10-21T11:58:44	signature: Strip crud just like Git does
a35a9890	2014-07-17T18:25:03	Introduce git_rebase_commit Commit the current patch of a rebase process.
bdeb8772	2014-06-28T07:29:46	signature: add a dup function which takes a pool This will be used by the transaction code.
76e3c43f	2014-09-10T18:13:34	signature: don't allow empty emails A signature is made up of a non-empty name and a non-empty email so let's validate that. This also brings us more in line with git, which also rejects ident with an empty email.
ac99d86b	2014-05-07T11:34:32	repository: introduce a convenience config snapshot method Accessing the repository's config and immediately taking a snapshot of it is a common operation, so let's provide a convenience function for it.
29c4cb09	2014-03-15T03:53:36	Use config snapshotting This way we can assume we have a consistent view of the config situation when we're looking up remote, branch, pack-objects, etc.
80c29fe9	2014-01-17T10:45:11	Add git_commit_amend API This adds an API to amend an existing commit, basically a shorthand for creating a new commit filling in missing parameters from the values of an existing commit. As part of this, I also added a new "sys" API to create a commit using a callback to get the parents. This allowed me to rewrite all the other commit creation APIs so that temporary allocations are no longer needed.
29be3a6d	2014-01-14T21:33:35	Align git_signature_dup. This changes git_signature_dup to actually honor oom conditions raised by the call to git__strdup. It also aligns it with the error code return pattern used everywhere else.
b20c40a8	2013-11-12T19:02:28	Don't leak memory when duplicating a NULL signature
ce23330f	2013-08-16T14:34:51	Add new git_signature_default API using config This adds a new API for creating a signature that uses the config to look up "user.name" and "user.email".
93da7af7	2013-06-12T14:52:47	Merge pull request #1642 from arrbee/diff-function-context Diff code reorg plus function context in diff headers
24ec6999	2013-06-11T10:48:00	signature: extend trimming to more whitespace There are all sorts of misconfiguration in the wild. We already rely on the signature constructor to trim SP. Extend the logic to use `isspace` to decide whether a character should be trimmed.
114f5a6c	2013-06-10T10:10:39	Reorganize diff and add basic diff driver This is a significant reorganization of the diff code to break it into a set of more clearly distinct files and to document the new organization. Hopefully this will make the diff code easier to understand and to extend. This adds a new `git_diff_driver` object that looks of diff driver information from the attributes and the config so that things like function content in diff headers can be provided. The full driver spec is not implemented in the commit - this is focused on the reorganization of the code and putting the driver hooks in place. This also removes a few #includes from src/repository.h that were overbroad, but as a result required extra #includes in a variety of places since including src/repository.h no longer results in pulling in the whole world.
dc33b3d7	2013-06-02T02:13:45	Don't bail on parsing commits with an invalid timezone git doesn't do that, and it's not something that's usually actionable to fix. if you have a git repository with one bad timezone in the history, it's too late to change it most likely.
1fed6b07	2013-05-13T21:57:37	Fix trailing whitespaces
f0ab7372	2013-05-15T17:51:57	signature: Lenient when dupping, strict when creating
9e46f676	2013-04-18T00:55:20	Return error for empty name/email
cf80993a	2013-02-20T18:46:10	signature: Small cleanup
41051e3f	2013-02-20T17:09:51	signature: Shut up MSVC, you silly goose
c51880ee	2013-02-20T17:03:18	Simplify signature parsing
965e4e2d	2013-01-21T13:19:41	Parse commit time as uint64_t to avoid overflow The commit time is already stored as a git_time_t, but we were parsing is as a uint32_t. This just switches the parser to use uint64_t which will handle dates further in the future (and adds some tests of those future dates).
359fc2d2	2013-01-08T17:07:25	update copyrights
de70aea6	2012-12-03T12:41:50	Remove GIT_SIGNATURE_VERSION and friends
4ec197f3	2012-11-30T12:52:42	Deploy GIT_SIGNATURE_INIT
b97c169e	2012-09-04T10:01:18	Fix MSVC compilation warnings
d03d309b	2012-08-28T18:02:12	signature: make the OS give us the offset for git_signature_now There is a better and less fragile way to calculate time offsets. Let the OS take care of dealing with DST and simply take the the offset between the local time and UTC that it gives us.
8aedf1d5	2012-07-05T17:02:03	signature: prevent angle bracket usage in identity
9ecf860d	2012-06-06T13:24:25	Rename posix wrappers with 'p_' prefix.
56a5000d	2012-06-05T12:52:44	Merge branch 'development' into rev-parse Conflicts: src/util.h tests-clar/refs/branches/listall.c
e172cf08	2012-05-18T01:21:06	errors: Rename the generic return codes
1ce4cc01	2012-05-15T15:41:05	Fix date.c build in msvc. Ported the win32 implementations of gmtime_r, localtime_r, and gettimeofday to be part of the posix compatibility layer, and fixed git_signature_now to use them.
44ef8b1b	2012-04-13T13:00:10	Fix warnings on 64-bit windows builds This fixes all the warnings on win64 except those in deps, which come from the regex code.
a4c291ef	2012-03-20T21:57:38	Convert reflog to new errors Cleaned up some other issues.
4aa7de15	2012-03-19T17:49:46	Convert indexer, notes, sha1_lookup, and signature More files moved to new error handling style.
5e0de328	2012-02-13T17:10:24	Update Copyright header Signed-off-by: schu <schu-github@schulog.org>
97769280	2011-11-30T11:27:15	Use git_buf for path storage instead of stack-based buffers This converts virtually all of the places that allocate GIT_PATH_MAX buffers on the stack for manipulating paths to use git_buf objects instead. The patch is pretty careful not to touch the public API for libgit2, so there are a few places that still use GIT_PATH_MAX. This extends and changes some details of the git_buf implementation to add a couple of extra functions and to make error handling easier. This includes serious alterations to all the path.c functions, and several of the fileops.c ones, too. Also, there are a number of new functions that parallel existing ones except that use a git_buf instead of a stack-based buffer (such as git_config_find_global_r that exists alongsize git_config_find_global). This also modifies the win32 version of p_realpath to allocate whatever buffer size is needed to accommodate the realpath instead of hardcoding a GIT_PATH_MAX limit, but that change needs to be tested still.
3286c408	2011-10-28T14:51:13	global: Properly use `git__` memory wrappers Ensure that all memory related functions (malloc, calloc, strdup, free, etc) are using their respective `git__` wrappers.
6f2856f3	2011-10-05T15:17:37	signature: don't blow up trying to parse names containing '>' When trying to find the end of an email, instead of starting at the beginning of the signature, we start at the end of the name (after the first '<'). This brings libgit2 more in line with Git's behavior when reading out existing signatures. However, note that Git does not allow names like these through the usual porcelain; instead, it silently strips any '>' characters it sees.
ad196c6a	2011-09-21T23:17:39	config: make git_config_[get\|set]_long() able to properly deal with 8 bytes wide values Should fix issue #419. Signed-off-by: nulltoken <emeric.fermas@gmail.com>
71a4c1f1	2011-09-18T20:07:59	Merge pull request #384 from kiryl/warnings Add more -W flags to CFLAGS
bb742ede	2011-09-19T01:54:32	Cleanup legal data 1. The license header is technically not valid if it doesn't have a copyright signature. 2. The COPYING file has been updated with the different licenses used in the project. 3. The full GPLv2 header in each file annoys me.
784b3b49	2011-09-12T23:44:39	Fixed typo in example Makefile code and slimmed it down more. Reverted signature of git_signature_new. Removed error check wrappers (voted down). Made Makefile work out of the box on Linux and Solaris when standard cmake build instructions for the library are followed.
0251733e	2011-09-12T23:39:47	Changes to allow examples/*.c to compile and link. This required on change to the signature of an API function (git_signature_new). Also, the examples/general.c had a lot of unchecked return values which were addresed with a couple of macros. The resulting example still does not work correctly but at least now it fails with an error message rather than not compiling or dumping core. Example runtime issues may be addressed in a later commit.
d568d585	2011-08-30T23:55:22	CMakefile: add -Wmissing-prototypes and fix warnings Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
63396a39	2011-08-03T15:57:33	signature: adjust API to return error codes git_signature_new() and git_signature_now() currently don't return error codes. Change the API to return error codes and not pointers to let the user handle errors properly. Signed-off-by: schu <schu-github@schulog.org>
5274c31a	2011-08-03T01:17:31	signature.c: fix off-by-one error Signed-off-by: schu <schu-github@schulog.org>
7757be33	2011-07-10T07:48:52	reflog: Fix reflog writer/reader - Use a space to separate oids and signature - Enforce test coverage - Make test run in a temporary folder in order not to alter the test repository
6727e300	2011-06-19T23:06:53	git_signature__write: make header optionally Signed-off-by: schu <schu-github@schulog.org>
afeecf4f	2011-07-09T02:10:46	odb: Direct writes are back DIRECT WRITES ARE BACK AND FASTER THAN EVER. The streaming writer to the ODB was an overkill for the smaller objects like Commit and Tags; most of the streaming logic was taking too long. This commit makes Commits, Tags and Trees to be built-up in memory, and then written to disk in 2 pushes (header + data), instead of streaming everything. This is always faster, even for big files (since the git_filebuf class still does streaming writes when the memory cache overflows). This is also a gazillion lines of code smaller, because we don't have to precompute the final size of the object before starting the stream (this was kind of defeating the point of streaming, anyway). Blobs are still written with full streaming instead of loading them in memory, since this is still the fastest way. A new `git_buf` class has been added. It's missing some features, but it'll get there.
06c43821	2011-07-09T02:37:16	Remove unused methods The direct-writes commit left some (slow) internals methods that were no longer needed. These have been removed. Also, the Reflog code was using the old `git_signature__write`, so it has been rewritten to use a normal buffer and the new `writebuf` signature writer. It's now slightly simpler and faster.
d483a911	2011-07-08T18:31:05	signature: Fix optional header
9f86ec52	2011-07-05T02:28:18	signature: Fix warnings Add extra braces to avoid ambiguous if-else. Also, free() doesn't need a check.
a01acc47	2011-07-03T14:03:43	signature: straighten the creation of a signature - Fails on empty name and/or email - Trims leading and trailing spaces of name and email
42a1b5e1	2011-07-01T17:59:10	signature: enhance relaxed parsing of bogus signatures Final fix for issue #278
8b2c913a	2011-06-29T14:48:09	git_signature__parse: make parsing less strict git_signature__parse used to be very strict about what's a well-formed signature. Since git_signature__parse is used only when reading already existing signatures, we should not care about if it's a valid signature too much but rather show what we got. Reported-by: nulltoken <emeric.fermas@gmail.com> Signed-off-by: schu <schu-github@schulog.org>
932d1baf	2011-06-30T19:52:34	cleanup: remove trailing spaces Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
5f25149e	2011-06-28T22:04:27	sig: allow empty names Signed-off-by: Carlos Martín Nieto <carlos@cmartin.tk>
e053c911	2011-06-28T19:52:41	commit: Allow spaces inside email addresses Core Git doesn't care when people use spaces in the email address, even though this kind of foolery receives the capital punishment in several states of the USA. We must obey.
fea400f8	2011-06-01T23:41:30	signature: Fix compilation
fbfc7580	2011-05-31T18:38:59	Fix tag and signature parsing Before this commit, malformed tag and signature were considered as valid by the parser. See the test t3800-mktag.sh of git to see example of malformed tag and signature.
00556496	2011-05-19T14:59:10	signature.c: Move to new error handling mechanism
5de24ec7	2011-05-10T17:38:41	Move signature.c to the new error handling Signed-off-by: Carlos Martín Nieto <cmn@elego.de>
53b7560b	2011-04-09T16:16:09	Fix `time_t` conversion on Win32
14eb94ee	2011-04-09T16:06:17	Fix `gmtime` issues in Win32
8416c9ad	2011-04-09T15:31:12	Rename `git_signature_new_now` The new name is more cool.
9e9e6ae1	2011-04-05T16:15:54	Add API git_signature_new_now Most tags will have a timestamp of whenever the code is running and dealing with time and timezones is error-prone. Optimize for this case by adding a function which causes the signature to be created with a current timestamp. Signed-off-by: Carlos Martín Nieto <cmn@elego.de>
076141a1	2011-04-07T14:38:03	Add a few malloc checks Add checks to see if malloc failed when allocating the tag members and signature members. Signed-off-by: Carlos Martín Nieto <cmn@elego.de>
c6e65aca	2011-04-09T15:22:11	Properly check `strtol` for errors We are now using a custom `strtol` implementation to make sure we're not missing any overflow errors.
720d5472	2011-04-02T12:42:04	Change `parse` methods to const buffer Signed-off-by: Vicent Marti <tanoku@gmail.com>
56d8ca26	2011-03-20T18:36:25	Switch from time_t to git_time_t git_time_t is defined as a signed 64 integer. This allows a true predictable multiplatform behavior.
72a3fe42	2011-03-18T19:38:49	I broke your bindings Hey. Apologies in advance -- I broke your bindings. This is a major commit that includes a long-overdue redesign of the whole object-database structure. This is expected to be the last major external API redesign of the library until the first non-alpha release. Please get your bindings up to date with these changes. They will be included in the next minor release. Sorry again! Major features include: - Real caching and refcounting on parsed objects - Real caching and refcounting on objects read from the ODB - Streaming writes & reads from the ODB - Single-method writes for all object types - The external API is now partially thread-safe The speed increases are significant in all aspects, specially when reading an object several times from the ODB (revwalking) and when writing big objects to the ODB. Here's a full changelog for the external API: blob.h ------ - Remove `git_blob_new` - Remove `git_blob_set_rawcontent` - Remove `git_blob_set_rawcontent_fromfile` - Rename `git_blob_writefile` -> `git_blob_create_fromfile` - Change `git_blob_create_fromfile`: The `path` argument is now relative to the repository's working dir - Add `git_blob_create_frombuffer` commit.h -------- - Remove `git_commit_new` - Remove `git_commit_add_parent` - Remove `git_commit_set_message` - Remove `git_commit_set_committer` - Remove `git_commit_set_author` - Remove `git_commit_set_tree` - Add `git_commit_create` - Add `git_commit_create_v` - Add `git_commit_create_o` - Add `git_commit_create_ov` tag.h ----- - Remove `git_tag_new` - Remove `git_tag_set_target` - Remove `git_tag_set_name` - Remove `git_tag_set_tagger` - Remove `git_tag_set_message` - Add `git_tag_create` - Add `git_tag_create_o` tree.h ------ - Change `git_tree_entry_2object`: New signature is `(git_object *object_out, git_repository repo, git_tree_entry entry)` - Remove `git_tree_new` - Remove `git_tree_add_entry` - Remove `git_tree_remove_entry_byindex` - Remove `git_tree_remove_entry_byname` - Remove `git_tree_clearentries` - Remove `git_tree_entry_set_id` - Remove `git_tree_entry_set_name` - Remove `git_tree_entry_set_attributes` object.h ------------ - Remove `git_object_new - Remove `git_object_write` - Change `git_object_close`: This method is now mandatory. Not closing an object causes a memory leak. odb.h ----- - Remove type `git_rawobj` - Remove `git_rawobj_close` - Rename `git_rawobj_hash` -> `git_odb_hash` - Change `git_odb_hash`: New signature is `(git_oid id, const void data, size_t len, git_otype type)` - Add type `git_odb_object` - Add `git_odb_object_close` - Change `git_odb_read`: New signature is `(git_odb_object out, git_odb db, const git_oid id)` - Change `git_odb_read_header`: New signature is `(size_t len_p, git_otype type_p, git_odb db, const git_oid id)` - Remove `git_odb_write` - Add `git_odb_open_wstream` - Add `git_odb_open_rstream` odb_backend.h ------------- - Change type `git_odb_backend`: New internal signatures are as follows int ( read)(void *, size_t , git_otype , struct git_odb_backend , const git_oid ) int ( read_header)(size_t , git_otype , struct git_odb_backend , const git_oid ) int (* writestream)(struct git_odb_stream *, struct git_odb_backend , size_t, git_otype) int (* readstream)( struct git_odb_stream *, struct git_odb_backend , const git_oid *) - Add type `git_odb_stream` - Add enum `git_odb_streammode` Signed-off-by: Vicent Marti <tanoku@gmail.com>
8ea7fbc0	2010-12-18T22:27:26	Fixed a nasty bug which was preventing correct generation of the signature.
638c2ca4	2010-12-18T02:10:25	Rename 'git_person' to 'git_signature' The new signature struct is public, and contains information about the timezone offset. Must be free'd manually by the user. Signed-off-by: Vicent Marti <tanoku@gmail.com>

f673e232

2018-12-27T13:47:34

git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.

52f859fd

2018-11-09T19:32:08

signature: fix out-of-bounds read when parsing timezone offset When parsing a signature's timezone offset, we first check whether there is a timezone at all by verifying that there are still bytes left to read following the time itself. The check thus looks like `time_end + 1 < buffer_end`, which is actually correct in this case. After setting the timezone's start pointer to that location, we compute the remaining bytes by using the formula `buffer_end - tz_start + 1`, re-using the previous `time_end + 1`. But this is in fact missing the braces around `(tz_start + 1)`, thus leading to an overestimation of the remaining bytes by a length of two. In case of a non-NUL terminated buffer, this will result in an overflow. The function `git_signature__parse` is only used in two locations. First is `git_signature_from_buffer`, which only accepts a string without a length. The string thus necessarily has to be NUL terminated and cannot trigger the issue. The other function is `git_commit__parse_raw`, which can in fact trigger the error as it may receive non-NUL terminated commit data. But as objects read from the ODB are always NUL-terminated by us as a cautionary measure, it cannot trigger the issue either. In other words, this error does not have any impact on security.

3db9aa6f

2018-10-18T11:32:48

signature: avoid out-of-bounds reads when parsing signature dates We use `git__strtol64` and `git__strtol32` to parse the trailing commit or author date and timezone of signatures. As signatures are usually part of a commit or tag object and thus essentially untrusted data, the buffer may be misformatted and may not be `NUL` terminated. This may lead to an out-of-bounds read. Fix the issue by using `git__strntol64` and `git__strntol32` instead.

9994cd3f

2018-06-25T11:56:52

treewide: remove use of C++ style comments C++ style comment ("//") are not specified by the ISO C90 standard and thus do not conform to it. While libgit2 aims to conform to C90, we did not enforce it until now, which is why quite a lot of these non-conforming comments have snuck into our codebase. Do a tree-wide conversion of all C++ style comments to the supported C style comments to allow us enforcing strict C90 compliance in a later commit.

56303e1a

2018-05-07T11:59:00

mailmap: API and style cleanup

8ff0504d

2018-04-08T03:01:14

mailmap: Rewrite API to support accurate mailmap resolution

18ff9bab

2018-03-27T22:48:03

mailmap: API and style cleanup

57cfeab9

2018-03-26T15:05:37

mailmap: Switch mailmap parsing to use the git_parse module

e3dcaca5

2018-03-17T18:15:01

mailmap: Integrate mailmaps with blame and signatures

f063dafb

2017-11-12T10:56:50

signature: distinguish +0000 and -0000 UTC offsets Git considers '-0000' a valid offset for signature lines. They need to be treated as _not_ equal to a '+0000' signature offset. Parsing a signature line stores the offset in a signed integer which does not distinguish between `+0` and `-0`. This patch adds an additional flag `sign` to the `git_time` in the `signature` object which is populated with the sign of the offset. In addition to exposing this information to the user, this information is also used to compare signatures. /cc @pks-t @ethomson

1560b580

2017-08-15T10:35:47

Merge pull request #4288 from pks-t/pks/include-fixups Include fixups

d1dbb3ae

2017-07-12T07:40:16

signature: don't leave a dangling pointer to the strings on parse failure If the signature is invalid but we detect that after allocating the strings, we free them. We however leave that pointer dangling in the structure the caller gave us, which can lead to double-free. Set these pointers to `NULL` after freeing their memory to avoid this.

0c7f49dd

2017-06-30T13:39:01

Make sure to always include "common.h" first Next to including several files, our "common.h" header also declares various macros which are then used throughout the project. As such, we have to make sure to always include this file first in all implementation files. Otherwise, we might encounter problems or even silent behavioural differences due to macros or defines not being defined as they should be. So in fact, our header and implementation files should make sure to always include "common.h" first. This commit does so by establishing a common include pattern. Header files inside of "src" will now always include "common.h" as its first other file, separated by a newline from all the other includes to make it stand out as special. There are two cases for the implementation files. If they do have a matching header file, they will always include this one first, leading to "common.h" being transitively included as first file. If they do not have a matching header file, they instead include "common.h" as first file themselves. This fixes the outlined problems and will become our standard practice for header and source files inside of the "src/" from now on.

34c13106

2017-05-01T21:32:24

signature: free dup'd buffers on parse error

909d5494

2016-12-29T12:25:15

giterr_set: consistent error messages Error messages should be sentence fragments, and therefore: 1. Should not begin with a capital letter, 2. Should not conclude with punctuation, and 3. Should not end a sentence and begin a new one

23c9ff86

2016-12-17T17:33:13

Fix off-by-one problems in git_signature__parse Etc/GMT-14 aka UTC+14:00 is a thing.... https://en.wikipedia.org/wiki/UTC%2B14:00 Also allow offsets on the last minute (59). Addresses: https://bugs.debian.org/841532 Fixes: #3970

d383c39b

2016-04-28T12:47:14

Introduce `git_signature_from_buffer` Allow users to construct a signature from the type of signature lines that actually appear in commits.

038d7af0

2016-02-15T11:30:48

signature: use GITERR_CHECK_ALLOC to check for OOM situation When checking for out of memory situations we usually use the GITERR_CHECK_ALLOC macro. Besides conforming to our current code base it adds the benefit of silencing errors in Coverity due to Coverity handling the macro's error path as abort.

307c4a2b

2015-10-21T11:58:44

signature: Strip crud just like Git does

a35a9890

2014-07-17T18:25:03

Introduce git_rebase_commit Commit the current patch of a rebase process.

bdeb8772

2014-06-28T07:29:46

signature: add a dup function which takes a pool This will be used by the transaction code.

76e3c43f

2014-09-10T18:13:34

signature: don't allow empty emails A signature is made up of a non-empty name and a non-empty email so let's validate that. This also brings us more in line with git, which also rejects ident with an empty email.

ac99d86b

2014-05-07T11:34:32

repository: introduce a convenience config snapshot method Accessing the repository's config and immediately taking a snapshot of it is a common operation, so let's provide a convenience function for it.

29c4cb09

2014-03-15T03:53:36

Use config snapshotting This way we can assume we have a consistent view of the config situation when we're looking up remote, branch, pack-objects, etc.

80c29fe9

2014-01-17T10:45:11

Add git_commit_amend API This adds an API to amend an existing commit, basically a shorthand for creating a new commit filling in missing parameters from the values of an existing commit. As part of this, I also added a new "sys" API to create a commit using a callback to get the parents. This allowed me to rewrite all the other commit creation APIs so that temporary allocations are no longer needed.

29be3a6d

2014-01-14T21:33:35

Align git_signature_dup. This changes git_signature_dup to actually honor oom conditions raised by the call to git__strdup. It also aligns it with the error code return pattern used everywhere else.

b20c40a8

2013-11-12T19:02:28

Don't leak memory when duplicating a NULL signature

ce23330f

2013-08-16T14:34:51

Add new git_signature_default API using config This adds a new API for creating a signature that uses the config to look up "user.name" and "user.email".

93da7af7

2013-06-12T14:52:47

Merge pull request #1642 from arrbee/diff-function-context Diff code reorg plus function context in diff headers

24ec6999

2013-06-11T10:48:00

signature: extend trimming to more whitespace There are all sorts of misconfiguration in the wild. We already rely on the signature constructor to trim SP. Extend the logic to use `isspace` to decide whether a character should be trimmed.

114f5a6c

2013-06-10T10:10:39

Reorganize diff and add basic diff driver This is a significant reorganization of the diff code to break it into a set of more clearly distinct files and to document the new organization. Hopefully this will make the diff code easier to understand and to extend. This adds a new `git_diff_driver` object that looks of diff driver information from the attributes and the config so that things like function content in diff headers can be provided. The full driver spec is not implemented in the commit - this is focused on the reorganization of the code and putting the driver hooks in place. This also removes a few #includes from src/repository.h that were overbroad, but as a result required extra #includes in a variety of places since including src/repository.h no longer results in pulling in the whole world.

dc33b3d7

2013-06-02T02:13:45

Don't bail on parsing commits with an invalid timezone git doesn't do that, and it's not something that's usually actionable to fix. if you have a git repository with one bad timezone in the history, it's too late to change it most likely.

1fed6b07

2013-05-13T21:57:37

Fix trailing whitespaces

f0ab7372

2013-05-15T17:51:57

signature: Lenient when dupping, strict when creating

9e46f676

2013-04-18T00:55:20

Return error for empty name/email

cf80993a

2013-02-20T18:46:10

signature: Small cleanup

41051e3f

2013-02-20T17:09:51

signature: Shut up MSVC, you silly goose

c51880ee

2013-02-20T17:03:18

Simplify signature parsing

965e4e2d

2013-01-21T13:19:41

Parse commit time as uint64_t to avoid overflow The commit time is already stored as a git_time_t, but we were parsing is as a uint32_t. This just switches the parser to use uint64_t which will handle dates further in the future (and adds some tests of those future dates).

359fc2d2

2013-01-08T17:07:25

update copyrights

de70aea6

2012-12-03T12:41:50

Remove GIT_SIGNATURE_VERSION and friends

4ec197f3

2012-11-30T12:52:42

Deploy GIT_SIGNATURE_INIT

b97c169e

2012-09-04T10:01:18

Fix MSVC compilation warnings

d03d309b

2012-08-28T18:02:12

signature: make the OS give us the offset for git_signature_now There is a better and less fragile way to calculate time offsets. Let the OS take care of dealing with DST and simply take the the offset between the local time and UTC that it gives us.

8aedf1d5

2012-07-05T17:02:03

signature: prevent angle bracket usage in identity

9ecf860d

2012-06-06T13:24:25

Rename posix wrappers with 'p_' prefix.

56a5000d

2012-06-05T12:52:44

Merge branch 'development' into rev-parse Conflicts: src/util.h tests-clar/refs/branches/listall.c

e172cf08

2012-05-18T01:21:06

errors: Rename the generic return codes

1ce4cc01

2012-05-15T15:41:05

Fix date.c build in msvc. Ported the win32 implementations of gmtime_r, localtime_r, and gettimeofday to be part of the posix compatibility layer, and fixed git_signature_now to use them.

44ef8b1b

2012-04-13T13:00:10

Fix warnings on 64-bit windows builds This fixes all the warnings on win64 except those in deps, which come from the regex code.

a4c291ef

2012-03-20T21:57:38

Convert reflog to new errors Cleaned up some other issues.

4aa7de15

2012-03-19T17:49:46

Convert indexer, notes, sha1_lookup, and signature More files moved to new error handling style.

5e0de328

2012-02-13T17:10:24

Update Copyright header Signed-off-by: schu <schu-github@schulog.org>

97769280

2011-11-30T11:27:15

Use git_buf for path storage instead of stack-based buffers This converts virtually all of the places that allocate GIT_PATH_MAX buffers on the stack for manipulating paths to use git_buf objects instead. The patch is pretty careful not to touch the public API for libgit2, so there are a few places that still use GIT_PATH_MAX. This extends and changes some details of the git_buf implementation to add a couple of extra functions and to make error handling easier. This includes serious alterations to all the path.c functions, and several of the fileops.c ones, too. Also, there are a number of new functions that parallel existing ones except that use a git_buf instead of a stack-based buffer (such as git_config_find_global_r that exists alongsize git_config_find_global). This also modifies the win32 version of p_realpath to allocate whatever buffer size is needed to accommodate the realpath instead of hardcoding a GIT_PATH_MAX limit, but that change needs to be tested still.

3286c408

2011-10-28T14:51:13

global: Properly use `git__` memory wrappers Ensure that all memory related functions (malloc, calloc, strdup, free, etc) are using their respective `git__` wrappers.

6f2856f3

2011-10-05T15:17:37

signature: don't blow up trying to parse names containing '>' When trying to find the end of an email, instead of starting at the beginning of the signature, we start at the end of the name (after the first '<'). This brings libgit2 more in line with Git's behavior when reading out existing signatures. However, note that Git does not allow names like these through the usual porcelain; instead, it silently strips any '>' characters it sees.

ad196c6a

2011-09-21T23:17:39

config: make git_config_[get|set]_long() able to properly deal with 8 bytes wide values Should fix issue #419. Signed-off-by: nulltoken <emeric.fermas@gmail.com>

71a4c1f1

2011-09-18T20:07:59

Merge pull request #384 from kiryl/warnings Add more -W flags to CFLAGS

bb742ede

2011-09-19T01:54:32

Cleanup legal data 1. The license header is technically not valid if it doesn't have a copyright signature. 2. The COPYING file has been updated with the different licenses used in the project. 3. The full GPLv2 header in each file annoys me.

784b3b49

2011-09-12T23:44:39

Fixed typo in example Makefile code and slimmed it down more. Reverted signature of git_signature_new. Removed error check wrappers (voted down). Made Makefile work out of the box on Linux and Solaris when standard cmake build instructions for the library are followed.

0251733e

2011-09-12T23:39:47

Changes to allow examples/*.c to compile and link. This required on change to the signature of an API function (git_signature_new). Also, the examples/general.c had a lot of unchecked return values which were addresed with a couple of macros. The resulting example still does not work correctly but at least now it fails with an error message rather than not compiling or dumping core. Example runtime issues may be addressed in a later commit.

d568d585

2011-08-30T23:55:22

CMakefile: add -Wmissing-prototypes and fix warnings Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

63396a39

2011-08-03T15:57:33

signature: adjust API to return error codes git_signature_new() and git_signature_now() currently don't return error codes. Change the API to return error codes and not pointers to let the user handle errors properly. Signed-off-by: schu <schu-github@schulog.org>

5274c31a

2011-08-03T01:17:31

signature.c: fix off-by-one error Signed-off-by: schu <schu-github@schulog.org>

7757be33

2011-07-10T07:48:52

reflog: Fix reflog writer/reader - Use a space to separate oids and signature - Enforce test coverage - Make test run in a temporary folder in order not to alter the test repository

6727e300

2011-06-19T23:06:53

git_signature__write: make header optionally Signed-off-by: schu <schu-github@schulog.org>

afeecf4f

2011-07-09T02:10:46

odb: Direct writes are back DIRECT WRITES ARE BACK AND FASTER THAN EVER. The streaming writer to the ODB was an overkill for the smaller objects like Commit and Tags; most of the streaming logic was taking too long. This commit makes Commits, Tags and Trees to be built-up in memory, and then written to disk in 2 pushes (header + data), instead of streaming everything. This is *always* faster, even for big files (since the git_filebuf class still does streaming writes when the memory cache overflows). This is also a gazillion lines of code smaller, because we don't have to precompute the final size of the object before starting the stream (this was kind of defeating the point of streaming, anyway). Blobs are still written with full streaming instead of loading them in memory, since this is still the fastest way. A new `git_buf` class has been added. It's missing some features, but it'll get there.

06c43821

2011-07-09T02:37:16

Remove unused methods The direct-writes commit left some (slow) internals methods that were no longer needed. These have been removed. Also, the Reflog code was using the old `git_signature__write`, so it has been rewritten to use a normal buffer and the new `writebuf` signature writer. It's now slightly simpler and faster.

d483a911

2011-07-08T18:31:05

signature: Fix optional header

9f86ec52

2011-07-05T02:28:18

signature: Fix warnings Add extra braces to avoid ambiguous if-else. Also, free() doesn't need a check.

a01acc47

2011-07-03T14:03:43

signature: straighten the creation of a signature - Fails on empty name and/or email - Trims leading and trailing spaces of name and email

42a1b5e1

2011-07-01T17:59:10

signature: enhance relaxed parsing of bogus signatures Final fix for issue #278

8b2c913a

2011-06-29T14:48:09

git_signature__parse: make parsing less strict git_signature__parse used to be very strict about what's a well-formed signature. Since git_signature__parse is used only when reading already existing signatures, we should not care about if it's a valid signature too much but rather show what we got. Reported-by: nulltoken <emeric.fermas@gmail.com> Signed-off-by: schu <schu-github@schulog.org>

932d1baf

2011-06-30T19:52:34

cleanup: remove trailing spaces Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>

5f25149e

2011-06-28T22:04:27

sig: allow empty names Signed-off-by: Carlos Martín Nieto <carlos@cmartin.tk>

e053c911

2011-06-28T19:52:41

commit: Allow spaces inside email addresses Core Git doesn't care when people use spaces in the email address, even though this kind of foolery receives the capital punishment in several states of the USA. We must obey.

fea400f8

2011-06-01T23:41:30

signature: Fix compilation

fbfc7580

2011-05-31T18:38:59

Fix tag and signature parsing Before this commit, malformed tag and signature were considered as valid by the parser. See the test t3800-mktag.sh of git to see example of malformed tag and signature.

00556496

2011-05-19T14:59:10

signature.c: Move to new error handling mechanism

5de24ec7

2011-05-10T17:38:41

Move signature.c to the new error handling Signed-off-by: Carlos Martín Nieto <cmn@elego.de>

53b7560b

2011-04-09T16:16:09

Fix `time_t` conversion on Win32

14eb94ee

2011-04-09T16:06:17

Fix `gmtime` issues in Win32

8416c9ad

2011-04-09T15:31:12

Rename `git_signature_new_now` The new name is more cool.

9e9e6ae1

2011-04-05T16:15:54

Add API git_signature_new_now Most tags will have a timestamp of whenever the code is running and dealing with time and timezones is error-prone. Optimize for this case by adding a function which causes the signature to be created with a current timestamp. Signed-off-by: Carlos Martín Nieto <cmn@elego.de>

076141a1

2011-04-07T14:38:03

Add a few malloc checks Add checks to see if malloc failed when allocating the tag members and signature members. Signed-off-by: Carlos Martín Nieto <cmn@elego.de>

c6e65aca

2011-04-09T15:22:11

Properly check `strtol` for errors We are now using a custom `strtol` implementation to make sure we're not missing any overflow errors.

720d5472

2011-04-02T12:42:04

Change `parse` methods to const buffer Signed-off-by: Vicent Marti <tanoku@gmail.com>

56d8ca26

2011-03-20T18:36:25

Switch from time_t to git_time_t git_time_t is defined as a signed 64 integer. This allows a true predictable multiplatform behavior.

72a3fe42

2011-03-18T19:38:49

I broke your bindings Hey. Apologies in advance -- I broke your bindings. This is a major commit that includes a long-overdue redesign of the whole object-database structure. This is expected to be the last major external API redesign of the library until the first non-alpha release. Please get your bindings up to date with these changes. They will be included in the next minor release. Sorry again! Major features include: - Real caching and refcounting on parsed objects - Real caching and refcounting on objects read from the ODB - Streaming writes & reads from the ODB - Single-method writes for all object types - The external API is now partially thread-safe The speed increases are significant in all aspects, specially when reading an object several times from the ODB (revwalking) and when writing big objects to the ODB. Here's a full changelog for the external API: blob.h ------ - Remove `git_blob_new` - Remove `git_blob_set_rawcontent` - Remove `git_blob_set_rawcontent_fromfile` - Rename `git_blob_writefile` -> `git_blob_create_fromfile` - Change `git_blob_create_fromfile`: The `path` argument is now relative to the repository's working dir - Add `git_blob_create_frombuffer` commit.h -------- - Remove `git_commit_new` - Remove `git_commit_add_parent` - Remove `git_commit_set_message` - Remove `git_commit_set_committer` - Remove `git_commit_set_author` - Remove `git_commit_set_tree` - Add `git_commit_create` - Add `git_commit_create_v` - Add `git_commit_create_o` - Add `git_commit_create_ov` tag.h ----- - Remove `git_tag_new` - Remove `git_tag_set_target` - Remove `git_tag_set_name` - Remove `git_tag_set_tagger` - Remove `git_tag_set_message` - Add `git_tag_create` - Add `git_tag_create_o` tree.h ------ - Change `git_tree_entry_2object`: New signature is `(git_object **object_out, git_repository *repo, git_tree_entry *entry)` - Remove `git_tree_new` - Remove `git_tree_add_entry` - Remove `git_tree_remove_entry_byindex` - Remove `git_tree_remove_entry_byname` - Remove `git_tree_clearentries` - Remove `git_tree_entry_set_id` - Remove `git_tree_entry_set_name` - Remove `git_tree_entry_set_attributes` object.h ------------ - Remove `git_object_new - Remove `git_object_write` - Change `git_object_close`: This method is now *mandatory*. Not closing an object causes a memory leak. odb.h ----- - Remove type `git_rawobj` - Remove `git_rawobj_close` - Rename `git_rawobj_hash` -> `git_odb_hash` - Change `git_odb_hash`: New signature is `(git_oid *id, const void *data, size_t len, git_otype type)` - Add type `git_odb_object` - Add `git_odb_object_close` - Change `git_odb_read`: New signature is `(git_odb_object **out, git_odb *db, const git_oid *id)` - Change `git_odb_read_header`: New signature is `(size_t *len_p, git_otype *type_p, git_odb *db, const git_oid *id)` - Remove `git_odb_write` - Add `git_odb_open_wstream` - Add `git_odb_open_rstream` odb_backend.h ------------- - Change type `git_odb_backend`: New internal signatures are as follows int (* read)(void **, size_t *, git_otype *, struct git_odb_backend *, const git_oid *) int (* read_header)(size_t *, git_otype *, struct git_odb_backend *, const git_oid *) int (* writestream)(struct git_odb_stream **, struct git_odb_backend *, size_t, git_otype) int (* readstream)( struct git_odb_stream **, struct git_odb_backend *, const git_oid *) - Add type `git_odb_stream` - Add enum `git_odb_streammode` Signed-off-by: Vicent Marti <tanoku@gmail.com>

8ea7fbc0

2010-12-18T22:27:26

Fixed a nasty bug which was preventing correct generation of the signature.

638c2ca4

2010-12-18T02:10:25

Rename 'git_person' to 'git_signature' The new signature struct is public, and contains information about the timezone offset. Must be free'd manually by the user. Signed-off-by: Vicent Marti <tanoku@gmail.com>

thodg/libgit2/src/signature.c

src/signature.c

Log