kmx git

Commit	Date	Message
9894c7dd	2016-07-15T13:32:23	remote: Handle missing config values when deleting a remote Somehow I ended up with the following in my ~/.gitconfig: [branch "master"] remote = origin merge = master rebase = true I assume something went crazy while I was running the git.git tests some time ago, and that I never noticed until now. This is not a good configuration, but it shouldn't cause problems. But it does. Specifically, if you have this in your config, and you perform the following set of actions: create a remote fetch from that remote create a branch off of the remote master branch called "master" delete the branch delete the remote The remote delete fails with the message "Could not find key 'branch.master.rebase' to delete". This is because it's iterating over the config entries (including the ones in the global config) and believes that there is a master branch which must therefore have these config keys. https://github.com/libgit2/libgit2/issues/3856
49188d2b	2016-06-27T15:20:20	blame: do not decrement commit refcount in make_origin When we create a blame origin, we try to look up the blob that is to be blamed at a certain revision. When this lookup fails, e.g. because the file did not exist at that certain revision, we fail to create the blame origin and return `NULL`. The blame origin that we have just allocated is thereby free'd with `origin_decref`. The `origin_decref` function does not only decrement reference counts for the blame origin, though, but also for its commit and blob. When this is done in the error case, we will cause an uneven reference count for these objects. This may result in hard-to-debug failures at seemingly unrelated code paths, where we try to access these objects when they in fact have already been free'd. Fix the issue by refactoring `make_origin` such that we only allocate the object after the only function that may fail so that we do not have to call `origin_decref` at all. Also fix the `pass_blame` function, which indirectly calls `make_origin`, to free the commit when `make_origin` failed.
a200dc9e	2016-04-03T19:24:15	Fix repository discovery with ceiling_dirs at current directory git only checks ceiling directories when its search ascends to a parent directory. A ceiling directory matching the starting directory will not prevent git from finding a repository in the starting directory or a parent directory. libgit2 handled the former case correctly, but differed from git in the latter case: given a ceiling directory matching the starting directory, but no repository at the starting directory, libgit2 would stop the search at that point rather than finding a repository in a parent directory. Test case using git command-line tools: /tmp$ git init x Initialized empty Git repository in /tmp/x/.git/ /tmp$ cd x/ /tmp/x$ mkdir subdir /tmp/x$ cd subdir/ /tmp/x/subdir$ GIT_CEILING_DIRECTORIES=/tmp/x git rev-parse --git-dir fatal: Not a git repository (or any of the parent directories): .git /tmp/x/subdir$ GIT_CEILING_DIRECTORIES=/tmp/x/subdir git rev-parse --git-dir /tmp/x/.git Fix the testsuite to test this case (in one case fixing a test that depended on the current behavior), and then fix find_repo to handle this case correctly. In the process, simplify and document the logic in find_repo(): - Separate the concepts of "currently checking a .git directory" and "number of iterations left before going further counts as a search" into two separate variables, in_dot_git and min_iterations. - Move the logic to handle in_dot_git and append /.git to the top of the loop. - Only search ceiling_dirs and find ceiling_offset after running out of min_iterations; since ceiling_offset only tracks the longest matching ceiling directory, if ceiling_dirs contained both the current directory and a parent directory, this change makes find_repo stop the search at the parent directory.
90ec1605	2016-06-20T14:16:50	README: disambiguate what to distribute source of Indicate that if you make changes to libgit2 that you must distribute the source _to libgit2_, not the source _of your program_.
bb582f07	2016-06-20T20:07:33	threads: add platform-independent thread initialization function
c7a03369	2016-06-20T11:09:49	cmake: do not use -fPIC for MSYS2 The MSYS2 build system automatically compiles all code with position-independent code. When we manually add the -fPIC flag to the compiler flags, MSYS2 will loudly complain about PIC being the default and thus not required. Fix the annoyance by stripping -fPIC in MSYS2 enviroments like it is already done for MinGW.
1edbfa1f	2016-06-28T20:19:52	Fixed bug while parsing INT64_MIN
cc43d185	2016-06-20T15:05:02	README: update "Getting Help" section
ce124fc7	2016-06-20T14:24:17	README: improve contributing paragraph
5d03db81	2016-06-20T18:21:42	win32: rename pthread.{c,h} to thread.{c,h} The old pthread-file did re-implement the pthreads API with exact symbol matching. As the thread-abstraction has now been split up between Unix- and Windows-specific files within the `git_` namespace to avoid symbol-clashes between libgit2 and pthreads, the rewritten wrappers have nothing to do with pthreads anymore. Rename the Windows-specific pthread-files to honor this change.
961bdbdf	2016-06-20T18:28:00	threads: remove now-useless typedefs
2aa5c6ff	2016-06-20T19:40:45	threads: remove unused function pthread_num_processors_np The function pthread_num_processors_np is currently unused and superseded by the function `git_online_cpus`. Remove the function.
68343f26	2016-06-20T17:49:47	threads: split up OS-dependent rwlock code
fabd4771	2016-06-20T17:20:13	threads: split up OS-dependent thread-condition code
1b825316	2016-06-20T19:48:19	threads: remove unused function pthread_cond_broadcast
40b243bf	2016-06-20T17:07:14	threads: split up OS-dependent mutex code
fc2b97dd	2016-06-20T17:44:04	threads: split up OS-dependent thread code
286e7dbd	2016-06-09T22:50:53	fix error message SHA truncation in git_odb__error_notfound()
4c06f3e7	2016-06-19T11:46:43	HTTP authentication scheme name is case insensitive.
ac44d354	2016-06-15T15:47:28	checkout: use empty baseline when no index When no index file exists and a baseline is not explicitly provided, use an empty baseline instead of trying to load `HEAD`.
a574d843	2016-06-14T12:27:03	documentation: improve docs for `checkout_head` `git_checkout_head` is sadly misunderstood as something that can switch branches. It cannot. Update the documentation to reflect this.
27008e84	2016-06-14T14:46:12	fetch: Fixed spurious update callback for existing tags.
d1fb89dd	2016-06-07T12:55:17	global: clean up crt only after freeing tls data The thread local storage is used to hold some global state that is dynamically allocated and should be freed upon exit. On Windows, we clean up the C run-time right after execution of registered shutdown callbacks and before cleaning up the TLS. When we clean up the CRT, we also cause it to analyze for memory leaks. As we did not free the TLS yet this will lead to false positives. Fix the issue by first freeing the TLS and cleaning up the CRT only afterwards.
6e0d473b	2016-06-07T12:29:16	tests: fix memory leaks in checkout::typechange
246d25b3	2016-06-07T08:35:26	index: fix NULL pointer access in index_remove_entry When removing an entry from the index by its position, we first retrieve the position from the index's entries and then try to remove the retrieved value from the index map with `DELETE_IN_MAP`. When `index_remove_entry` returns `NULL` we try to feed it into the `DELETE_IN_MAP` macro, which will unconditionally call `idxentry_hash` and then happily dereference the `NULL` entry pointer. Fix the issue by not passing a `NULL` entry into `DELETE_IN_MAP`.
1a709604	2016-06-06T12:59:17	transports: smart: fix potential invalid memory dereferences When we receive a packet of exactly four bytes encoding its length as those four bytes it can be treated as an empty line. While it is not really specified how those empty lines should be treated, we currently ignore them and do not return an error when trying to parse it but simply advance the data pointer. Callers invoking `git_pkt_parse_line` are currently not prepared to handle this case as they do not explicitly check this case. While they could always reset the passed out-pointer to `NULL` before calling `git_pkt_parse_line` and determine if the pointer has been set afterwards, it makes more sense to update `git_pkt_parse_line` to set the out-pointer to `NULL` itself when it encounters such an empty packet. Like this it is guaranteed that there will be no invalid memory references to free'd pointers. As such, the issue has been fixed such that `git_pkt_parse_line` always sets the packet out pointer to `NULL` when an empty packet has been received and callers check for this condition, skipping such packets.
11408f0e	2016-06-02T02:34:03	index_read_index: invalidate new paths in tree cache When adding a new entry to an existing index via `git_index_read_index`, be sure to remove the tree cache entry for that new path. This will mark all parent trees as dirty.
8be49681	2016-06-01T22:31:16	test: ensure we can round-trip a written tree Read a tree into an index, write the index, then re-open the index and ensure that we are treesame to the original.
6c133a75	2016-06-01T14:52:25	round-trip trees through index_read_index Read a tree into an index using `git_index_read_index` (by reading a tree into a new index, then reading that index into the current index), then write the index back out, ensuring that our new index is treesame to the tree that we read.
feea2849	2016-05-26T12:52:29	win32: clean up unused warnings in DllMain
efadf28d	2016-05-26T12:39:09	filebuf: fix uninitialized warning
80745b12	2016-06-02T01:04:58	index_read_index: set flags for path_len correctly Update the flags to reset the path_len (to emulate `index_insert`)
e755f79f	2016-06-02T00:47:51	index_read_index: differentiate on mode Treat index entries with different modes as different, which they are, at least for the purposes of up-to-date calculations.
e6a0a850	2016-06-01T14:56:27	index_read_index: reset error correctly Clear any error state upon each iteration. If one of the iterations ends (with an error of `GIT_ITEROVER`) we need to reset that error to 0, lest we stop the whole process prematurely.
bcef008f	2016-05-26T10:51:16	cleanup: unused warning
68227c43	2016-05-27T10:20:35	Update CMakeLists.txt typo fix
85ef6ec5	2016-05-12T13:18:07	Ignore submodules when checking for merge conflicts in the workdir.
70681ff7	2016-02-16T21:02:41	checkout: handle dirty submodules correctly Don't generate conflicts when checking out a modified submodule and the submodule is dirty or modified in the workdir.
26917fd9	2016-05-24T19:07:09	test: Fix stat() test to mask out unwanted bits Haiku and Hurd both pass extra bits in struct stat::st_mode.
488937c2	2016-05-22T23:23:58	CMakeLists: Add libnetwork for Haiku
78b5702e	2016-05-18T16:00:01	Fix comment for GIT_FILEMODE_LINK 0120000 is symbolic link, not commit
849a1a43	2016-05-05T23:34:23	Fix unused variable 'message' warning
cf0396a5	2016-05-02T16:49:59	delta-apply: fix sign extension We compute offsets by executing `off \|= (*delta++ << 24)` for multiple constants, where `off` is of type `size_t` and `delta` is of type `unsigned char`. The usual arithmetic conversions (see ISO C89 §3.2.1.5 "Usual arithmetic conversions") kick in here, causing us to promote both operands to `int` and then extending the result to an `unsigned long` when OR'ing it with `off`. The integer promotion to `int` may result in wrong size calculations for big values. Fix the issue by making the constants `unsigned long`, causing both operands to be promoted to `unsigned long`.
1fb8a951	2016-05-02T16:24:14	odb_loose: fix undefined behavior when computing size An object's size is computed by reading the object header's size field until the most significant bit is not set anymore. To get the total size, we increase the shift on each iteration and add the shifted value to the total size. We read the current value into a variable of type `unsigned char`, from which we then take all bits except the most significant bit and shift the result. We will end up with a maximum shift of 60, but this exceeds the width of the value's type, resulting in undefined behavior. Fix the issue by instead reading the values into a variable of type `unsigned long`, which matches the required width. This is equivalent to git.git, which uses an `unsigned long` as well.
f627e196	2016-05-02T15:47:54	checkout: set ignorecase=0 when config lookup fails When `git_repository__cvar` fails we may end up with a `ignorecase` value of `-1`. As we subsequently check if `ignorecase` is non-zero, we may end up reporting that data should be removed when in fact it should not. Err on the safer side and set `ignorecase = 0` when `git_repository__cvar` fails.
66633e83	2016-04-27T12:00:31	odb: avoid inflating the full delta to read the header When we read the header, we want to know the size and type of the object. We're currently inflating the full delta in order to read the first few bytes. This can mean hundreds of kB needlessly inflated for large objects. Instead use a packfile stream to read just enough so we can read the two varints in the header and avoid inflating most of the delta.
fc2ef514	2016-05-02T14:30:14	index: fix memory leak on error case
1aacaa31	2016-04-29T10:18:04	cmake: include threading libraries in pkg-config Include any required threading libraries in our `libgit2.pc`.
b726c539	2016-04-26T18:04:03	Fix return value of openssl_read (infinite loop) openssl_read should return -1 in case of error. SSL_read returns values <= 0 in case of error. A return value of 0 can lead to an infinite loop, so the return value of ssl_set_error will be returned if SSL_read is not successful (analog to openssl_write).
16541b86	2016-04-25T12:16:05	tag: ignore extra header fields While no extra header fields are defined for tags, git accepts them by ignoring them and continuing the search for the message. There are a few tags like this in the wild which git parses just fine, so we should do the same.
211e117a	2016-04-12T00:18:17	Merge pull request #3739 from ethomson/0.24.1 Backport bug fixes to 0.24
8edadbf9	2016-03-07T17:37:17	index::racy: force racy entry Instead of hoping that we can get a racy entry by going real fast and praying real hard, just create a racy entry.
ccfacb8b	2016-03-31T10:43:57	leaks: call `xdl_free_classifier`
6a35e74c	2016-03-30T17:47:05	leaks: fix some leaks in the tests
2c1bc36d	2016-03-29T14:47:31	Plug a few leaks
5cc7a5c7	2016-04-11T13:39:31	tests: skip the unreadable file tests as root When running as root, skip the unreadable file tests, because, well, they're probably _not_ unreadable to root unless you've got some crazy NSA clearance-level honoring operating system shit going on.
1d59c85a	2016-03-17T00:47:50	status: update test to include valid OID
af753aba	2016-03-22T00:18:44	tree: drop the now-unnecessary entries vector Remove the now-unnecessary entries vector. Add `git_array_search` to binary search through an array to accomplish this.
e8d5df9e	2016-03-04T14:51:16	config: show we write a spurious duplicated section header We should notice that we are in the correct section to add. This is a cosmetic bug, since replacing any of these settings does work.
b6130fe1	2016-04-11T11:50:11	refs::create: strict object creation on by default When we turned strict object creation validation on by default, we forgot to inform the refs::create tests of this. They, in fact, believed that strict object creation was off by default. As a result, their cleanup function went and turned strict object creation off for the remaining tests.
ba52879b	2016-04-11T11:37:02	reset: use real ids for the tests This lets us run with strict object creation on.
13ebf7bd	2016-03-20T12:01:45	tree: store the entries in a growable array Take advantage of the constant size of tree-owned arrays and store them in an array instead of a pool. This still lets us free them all at once but lets the system allocator do the work of fitting them in.
26f2cefb	2016-03-20T11:00:12	tree: re-use the id and filename in the odb object Instead of copying over the data into the individual entries, point to the originals, which are already in a format we can use.
17789083	2016-04-01T14:33:42	ignore: don't use realpath to canonicalize path If we're looking for a symlink, realpath will give us the resolved path, which is not what we're after, but a canonicalized version of the path the user asked for.
21d8832e	2016-03-28T08:56:13	config::write::repeated: init our buffer
a13c1ec2	2016-03-28T11:13:51	config: don't write section header if we're in it If we hit the EOF while trying to write a new value, it may be that we're already in the section that we were looking for. If so, do not write a (duplicate) section header, just write the value.
3e2e8240	2016-04-11T17:43:07	refs: provide a more general error message for dwim If we cannot dwim the input, set the error message to be explicit about that. Otherwise we leave the error for the last failed lookup, which can be rather unexpected as it mentions a remote when the user thought they were trying to look up a branch.
ab062a39	2016-04-06T10:37:30	tests: fix core/stream test when built with openssl off When passing -DUSE_OPENSSL:BOOL=OFF to cmake the testsuite will fail with the following error: core::stream::register_tls [/tmp/libgit2/tests/core/stream.c:40] Function call failed: (error) error -1 - <no message> Fix test to assume failure for tls when built without openssl. While at it also fix GIT_WIN32 cpp to check if it's defined or not.
fe1f4777	2016-03-31T11:35:53	Add a no-op size_t typedef for the doc parser Clang's documentation parser, which we use in our documentation system does not report any comments for functions which use size_t as a type. The root cause is buried somewhere in libclang but we can work around it by defining the type ourselves. This typedef makes sure that libclang sees it and that we do not change its size.
56da07cb	2016-03-31T11:32:36	xdiff/xprepare: fix a memory leak The xdl_prepare_env() function may initialise an xdlclassifier_t data structure via xdl_init_classifier(), which allocates memory to several fields, for example 'rchash', 'rcrecs' and 'ncha'. If this function later exits due to the failure of xdl_optimize_ctxs(), then this xdlclassifier_t structure, and the memory allocated to it, is not cleaned up. In order to fix the memory leak, insert a call to xdl_free_classifier() before returning. This patch was originally written by Ramsay Jones (see commit 87f16258367a3b9a62663b11f898a4a6f3c19d31 in git.git).
3ec0f2e3	2016-03-31T11:30:31	xdiff/xprepare: use the XDF_DIFF_ALG() macro to access flag bits Commit 307ab20b3 ("xdiff: PATIENCE/HISTOGRAM are not independent option bits", 19-02-2012) introduced the XDF_DIFF_ALG() macro to access the flag bits used to represent the diff algorithm requested. In addition, code which had used explicit manipulation of the flag bits was changed to use the macros. However, one example of direct manipulation remains. Update this code to use the XDF_DIFF_ALG() macro. This patch was originally written by Ramsay Jones (see commit 5cd6978a9cfef58de061a9525f3678ade479564d in git.git).
c86a65be	2016-03-21T21:10:26	config: don't special-case multivars that don't exist yet This special-casing ignores that we might have a locked file, so the hashtable does not represent the contents of the file we want to write. This causes multivar writes to overwrite entries instead of add to them when under lock. There is no need for this as the normal code-path will write to the file just fine, so simply get rid of it.
a1cf2644	2016-03-18T13:00:27	win32: free thread-local data on thread exit
e97d2d70	2016-03-17T10:45:22	commit: fix extraction of single-line signatures The function to extract signatures suffers from a similar bug to the header field finding one by having an unecessary line feed check as a break condition of its loop. Fix that and add a test for this single-line signature situation.
d8fcafb2	2016-03-16T19:05:11	Split the page size from the mmap alignment While often similar, these are not the same on Windows. We want to use the page size on Windows for the pools, but for mmap we need to use the allocation granularity as the alignment. On the other platforms these values remain the same.
9a668abd	2016-03-15T18:32:37	Option "LIBGIT2_PREFIX" to set the CMAKE's TARGET_PROPERTIES PREFIX This is especially useful in combination with MinGW to yield the Windows-compliant DLL name "git2.dll" instead of "libgit2.dll"
f587f38c	2016-03-15T18:20:32	CMake: do not overwrite but only append to CMAKE_C_FLAGS_DEBUG This is useful to force "smart" IDEs (like CLIon) to use debug flag -g even it may have decided that "-D_DEBUG" (which is already present) is sufficient.
cdde081b	2016-03-14T12:41:41	Use general cl_git_fail because the error is generic
4e91020c	2016-03-14T12:41:12	Start error string with lower case character
c1ec732f	2016-03-14T12:02:00	Setup better defaults for OpenSSL ciphers This ensures that when using OpenSSL a safe default set of ciphers is selected. This is done so that the client communicates securely and we don't accidentally enable unsafe ciphers like RC4, or even worse some old export ciphers. Implements the first part of https://github.com/libgit2/libgit2/issues/3682
89e7604c	2016-03-10T17:21:02	config_cache: check return value of `git_config__lookup_entry` Callers of `git_config__cvar` already handle the case where the function returns an error due to a failed configuration variable lookup, but we are actually swallowing errors when calling `git_config__lookup_entry` inside of the function. Fix this by returning early when `git_config__lookup_entry` returns an error. As we call `git_config__lookup_entry` with `no_errors == false` which leads us to call `get_entry` with `GET_NO_MISSING` we will not return early when the lookup fails due to a missing entry. Like this we are still able to set the default value of the cvar and exit successfully.
18c4ae70	2016-03-10T17:05:30	filebuf: handle write error in `lock_file` When writing to a file with locking not check if writing the locked file actually succeeds. Fix the issue by returning error code and message when writing fails.
f17ed637	2016-03-10T16:42:55	blame: handle error when resoling HEAD in normalize_options When normalizing options we try to look up HEAD's OID. While this action may fail in malformed repositories we never check the return value of the function. Fix the issue by converting `normalize_options` to actually return an error and handle the error in `git_blame_file`.
dd78d7d1	2016-03-10T16:33:49	blame_git: handle error returned by `git_commit_parent`
8d3ee96a	2016-03-10T16:11:51	refdb_fs: fail if refcache returns NULL pointer We usually check entries returned by `git_sortedcache_entry` for NULL pointers. As we have a write lock in `packed_write`, though, it really should not happen that the function returns NULL. Assert that ref is not NULL to silence a Coverity warning.
0b357e2e	2016-03-02T01:50:34	coverity: report errors when uploading tarball Curl by default does not report errors by setting the error code. As the upload can fail through several conditions (e.g. the rate limit, leading to unauthorized access) we should indicate this information in Travis CI. To improve upon the behavior, use `--write-out=%{http_code}` to write out the HTTP code in addition to the received body and return an error if the code does not equal 201.
851c51ab	2016-03-10T10:40:47	diff_tform: fix potential NULL pointer access When the user passes in a diff which has no repository associated we may call `git_config__get_int_force` with a NULL-pointer configuration. Even though `git_config__get_int_force` is designed to swallow errors, it is not intended to be called with a NULL pointer configuration. Fix the issue by only calling `git_config__get_int_force` only when configuration could be retrieved from the repository.
d96c0638	2016-03-01T19:11:33	submodule: avoid passing NULL pointers to strncmp In C89 it is undefined behavior to pass `NULL` pointers to `strncmp` and later on in C99 it has been explicitly stated that functions with an argument declared as `size_t nmemb` specifying the array length shall always have valid parameters, no matter if `nmemb` is 0 or not (see ISO 9899 §7.21.1.2). The function `str_equal_no_trailing_slash` always passes its parameters to `strncmp` if their lengths match. This means if one parameter is `NULL` and the other one either `NULL` or a string with length 0 we will pass the pointers to `strncmp` and cause undefined behavior. Fix this by explicitly handling the case when both lengths are 0.
1a16e8b0	2016-03-01T17:55:40	pack-objects: fix memory leak on overflow
e114bbac	2016-03-01T16:00:49	index: assert required OID are non-NULL
d0780b81	2016-03-01T15:35:45	object: avoid call of memset with ouf of bounds pointer When computing a short OID we do this by first copying the leading parts into the new OID structure and then setting the trailing part to zero. In the case of the desired length being `GIT_OID_HEXSZ - 1` we will call `memset` with an out of bounds pointer and a length of 0. While this seems to cause no problems for common platforms the C89 standard does not explicitly state that calling `memset` with an out of bounds pointer and length of 0 is valid. Fix the potential issue by using the newly introduced `git_oid__cpy_prefix` function.
fa4b93a6	2016-04-11T15:57:23	backport git_oid__cpy_prefix
faf823dc	2016-03-11T09:58:38	tests: transport: fix memory leaks with registering transports
0370dae1	2016-02-25T18:15:02	Check for __CLANG_INTTYPES_H This fixes an issue in Xcode 7.3 in objective-git where we get the error "Include of non-modular header file in module". Not importing this header again fixes the issue.
e39ad747	2016-03-01T14:40:17	config_file: handle missing quotation marks in section header When parsing a section header we expect something along the format of '[section "subsection"]'. When a section is mal-formated and is entirely missing its quotation marks we catch this case by observing that `strchr(line, '"') - strrchr(line, '"') = NULL - NULL = 0` and error out. Unfortunately, the error message is misleading though, as we state that we are missing the closing quotation mark while we in fact miss both quotation marks. Improve the error message by explicitly checking if the first quotation mark could be found and, if not, stating that quotation marks are completely missing.
ffb1f419	2016-03-01T14:24:09	describe: handle error code returned by git_pqueue_insert
4ebf745f	2016-03-09T11:16:16	mwindow: free unused windows if we fail to mmap The first time may be due to memory fragmentation or just bad luck on a 32-bit system. When we hit the mmap error for the first time, free up the unused windows and try again.
9ee498e8	2016-03-08T10:16:37	Only buffer if necessary.
eb09ead2	2016-03-04T01:18:30	odb: improved not found error messages When looking up an abbreviated oid, show the actual (abbreviated) oid the caller passed instead of a full (but ambiguously truncated) oid.
cdded630	2016-01-13T11:07:14	Remove duplicated calls to git_mwindow_close

9894c7dd

2016-07-15T13:32:23

remote: Handle missing config values when deleting a remote Somehow I ended up with the following in my ~/.gitconfig: [branch "master"] remote = origin merge = master rebase = true I assume something went crazy while I was running the git.git tests some time ago, and that I never noticed until now. This is not a good configuration, but it shouldn't cause problems. But it does. Specifically, if you have this in your config, and you perform the following set of actions: create a remote fetch from that remote create a branch off of the remote master branch called "master" delete the branch delete the remote The remote delete fails with the message "Could not find key 'branch.master.rebase' to delete". This is because it's iterating over the config entries (including the ones in the global config) and believes that there is a master branch which must therefore have these config keys. https://github.com/libgit2/libgit2/issues/3856

49188d2b

2016-06-27T15:20:20

blame: do not decrement commit refcount in make_origin When we create a blame origin, we try to look up the blob that is to be blamed at a certain revision. When this lookup fails, e.g. because the file did not exist at that certain revision, we fail to create the blame origin and return `NULL`. The blame origin that we have just allocated is thereby free'd with `origin_decref`. The `origin_decref` function does not only decrement reference counts for the blame origin, though, but also for its commit and blob. When this is done in the error case, we will cause an uneven reference count for these objects. This may result in hard-to-debug failures at seemingly unrelated code paths, where we try to access these objects when they in fact have already been free'd. Fix the issue by refactoring `make_origin` such that we only allocate the object after the only function that may fail so that we do not have to call `origin_decref` at all. Also fix the `pass_blame` function, which indirectly calls `make_origin`, to free the commit when `make_origin` failed.

a200dc9e

2016-04-03T19:24:15

Fix repository discovery with ceiling_dirs at current directory git only checks ceiling directories when its search ascends to a parent directory. A ceiling directory matching the starting directory will not prevent git from finding a repository in the starting directory or a parent directory. libgit2 handled the former case correctly, but differed from git in the latter case: given a ceiling directory matching the starting directory, but no repository at the starting directory, libgit2 would stop the search at that point rather than finding a repository in a parent directory. Test case using git command-line tools: /tmp$ git init x Initialized empty Git repository in /tmp/x/.git/ /tmp$ cd x/ /tmp/x$ mkdir subdir /tmp/x$ cd subdir/ /tmp/x/subdir$ GIT_CEILING_DIRECTORIES=/tmp/x git rev-parse --git-dir fatal: Not a git repository (or any of the parent directories): .git /tmp/x/subdir$ GIT_CEILING_DIRECTORIES=/tmp/x/subdir git rev-parse --git-dir /tmp/x/.git Fix the testsuite to test this case (in one case fixing a test that depended on the current behavior), and then fix find_repo to handle this case correctly. In the process, simplify and document the logic in find_repo(): - Separate the concepts of "currently checking a .git directory" and "number of iterations left before going further counts as a search" into two separate variables, in_dot_git and min_iterations. - Move the logic to handle in_dot_git and append /.git to the top of the loop. - Only search ceiling_dirs and find ceiling_offset after running out of min_iterations; since ceiling_offset only tracks the longest matching ceiling directory, if ceiling_dirs contained both the current directory and a parent directory, this change makes find_repo stop the search at the parent directory.

90ec1605

2016-06-20T14:16:50

README: disambiguate what to distribute source of Indicate that if you make changes to libgit2 that you must distribute the source _to libgit2_, not the source _of your program_.

bb582f07

2016-06-20T20:07:33

threads: add platform-independent thread initialization function

c7a03369

2016-06-20T11:09:49

cmake: do not use -fPIC for MSYS2 The MSYS2 build system automatically compiles all code with position-independent code. When we manually add the -fPIC flag to the compiler flags, MSYS2 will loudly complain about PIC being the default and thus not required. Fix the annoyance by stripping -fPIC in MSYS2 enviroments like it is already done for MinGW.

1edbfa1f

2016-06-28T20:19:52

Fixed bug while parsing INT64_MIN

cc43d185

2016-06-20T15:05:02

README: update "Getting Help" section

ce124fc7

2016-06-20T14:24:17

README: improve contributing paragraph

5d03db81

2016-06-20T18:21:42

win32: rename pthread.{c,h} to thread.{c,h} The old pthread-file did re-implement the pthreads API with exact symbol matching. As the thread-abstraction has now been split up between Unix- and Windows-specific files within the `git_` namespace to avoid symbol-clashes between libgit2 and pthreads, the rewritten wrappers have nothing to do with pthreads anymore. Rename the Windows-specific pthread-files to honor this change.

961bdbdf

2016-06-20T18:28:00

threads: remove now-useless typedefs

2aa5c6ff

2016-06-20T19:40:45

threads: remove unused function pthread_num_processors_np The function pthread_num_processors_np is currently unused and superseded by the function `git_online_cpus`. Remove the function.

68343f26

2016-06-20T17:49:47

threads: split up OS-dependent rwlock code

fabd4771

2016-06-20T17:20:13

threads: split up OS-dependent thread-condition code

1b825316

2016-06-20T19:48:19

threads: remove unused function pthread_cond_broadcast

40b243bf

2016-06-20T17:07:14

threads: split up OS-dependent mutex code

fc2b97dd

2016-06-20T17:44:04

threads: split up OS-dependent thread code

286e7dbd

2016-06-09T22:50:53

fix error message SHA truncation in git_odb__error_notfound()

4c06f3e7

2016-06-19T11:46:43

HTTP authentication scheme name is case insensitive.

ac44d354

2016-06-15T15:47:28

checkout: use empty baseline when no index When no index file exists and a baseline is not explicitly provided, use an empty baseline instead of trying to load `HEAD`.

a574d843

2016-06-14T12:27:03

documentation: improve docs for `checkout_head` `git_checkout_head` is sadly misunderstood as something that can switch branches. It cannot. Update the documentation to reflect this.

27008e84

2016-06-14T14:46:12

fetch: Fixed spurious update callback for existing tags.

d1fb89dd

2016-06-07T12:55:17

global: clean up crt only after freeing tls data The thread local storage is used to hold some global state that is dynamically allocated and should be freed upon exit. On Windows, we clean up the C run-time right after execution of registered shutdown callbacks and before cleaning up the TLS. When we clean up the CRT, we also cause it to analyze for memory leaks. As we did not free the TLS yet this will lead to false positives. Fix the issue by first freeing the TLS and cleaning up the CRT only afterwards.

6e0d473b

2016-06-07T12:29:16

tests: fix memory leaks in checkout::typechange

246d25b3

2016-06-07T08:35:26

index: fix NULL pointer access in index_remove_entry When removing an entry from the index by its position, we first retrieve the position from the index's entries and then try to remove the retrieved value from the index map with `DELETE_IN_MAP`. When `index_remove_entry` returns `NULL` we try to feed it into the `DELETE_IN_MAP` macro, which will unconditionally call `idxentry_hash` and then happily dereference the `NULL` entry pointer. Fix the issue by not passing a `NULL` entry into `DELETE_IN_MAP`.

1a709604

2016-06-06T12:59:17

transports: smart: fix potential invalid memory dereferences When we receive a packet of exactly four bytes encoding its length as those four bytes it can be treated as an empty line. While it is not really specified how those empty lines should be treated, we currently ignore them and do not return an error when trying to parse it but simply advance the data pointer. Callers invoking `git_pkt_parse_line` are currently not prepared to handle this case as they do not explicitly check this case. While they could always reset the passed out-pointer to `NULL` before calling `git_pkt_parse_line` and determine if the pointer has been set afterwards, it makes more sense to update `git_pkt_parse_line` to set the out-pointer to `NULL` itself when it encounters such an empty packet. Like this it is guaranteed that there will be no invalid memory references to free'd pointers. As such, the issue has been fixed such that `git_pkt_parse_line` always sets the packet out pointer to `NULL` when an empty packet has been received and callers check for this condition, skipping such packets.

11408f0e

2016-06-02T02:34:03

index_read_index: invalidate new paths in tree cache When adding a new entry to an existing index via `git_index_read_index`, be sure to remove the tree cache entry for that new path. This will mark all parent trees as dirty.

8be49681

2016-06-01T22:31:16

test: ensure we can round-trip a written tree Read a tree into an index, write the index, then re-open the index and ensure that we are treesame to the original.

6c133a75

2016-06-01T14:52:25

round-trip trees through index_read_index Read a tree into an index using `git_index_read_index` (by reading a tree into a new index, then reading that index into the current index), then write the index back out, ensuring that our new index is treesame to the tree that we read.

feea2849

2016-05-26T12:52:29

win32: clean up unused warnings in DllMain

efadf28d

2016-05-26T12:39:09

filebuf: fix uninitialized warning

80745b12

2016-06-02T01:04:58

index_read_index: set flags for path_len correctly Update the flags to reset the path_len (to emulate `index_insert`)

e755f79f

2016-06-02T00:47:51

index_read_index: differentiate on mode Treat index entries with different modes as different, which they are, at least for the purposes of up-to-date calculations.

e6a0a850

2016-06-01T14:56:27

index_read_index: reset error correctly Clear any error state upon each iteration. If one of the iterations ends (with an error of `GIT_ITEROVER`) we need to reset that error to 0, lest we stop the whole process prematurely.

bcef008f

2016-05-26T10:51:16

cleanup: unused warning

68227c43

2016-05-27T10:20:35

Update CMakeLists.txt typo fix

85ef6ec5

2016-05-12T13:18:07

Ignore submodules when checking for merge conflicts in the workdir.

70681ff7

2016-02-16T21:02:41

checkout: handle dirty submodules correctly Don't generate conflicts when checking out a modified submodule and the submodule is dirty or modified in the workdir.

26917fd9

2016-05-24T19:07:09

test: Fix stat() test to mask out unwanted bits Haiku and Hurd both pass extra bits in struct stat::st_mode.

488937c2

2016-05-22T23:23:58

CMakeLists: Add libnetwork for Haiku

78b5702e

2016-05-18T16:00:01

Fix comment for GIT_FILEMODE_LINK 0120000 is symbolic link, not commit

849a1a43

2016-05-05T23:34:23

Fix unused variable 'message' warning

cf0396a5

2016-05-02T16:49:59

delta-apply: fix sign extension We compute offsets by executing `off |= (*delta++ << 24)` for multiple constants, where `off` is of type `size_t` and `delta` is of type `unsigned char`. The usual arithmetic conversions (see ISO C89 §3.2.1.5 "Usual arithmetic conversions") kick in here, causing us to promote both operands to `int` and then extending the result to an `unsigned long` when OR'ing it with `off`. The integer promotion to `int` may result in wrong size calculations for big values. Fix the issue by making the constants `unsigned long`, causing both operands to be promoted to `unsigned long`.

1fb8a951

2016-05-02T16:24:14

odb_loose: fix undefined behavior when computing size An object's size is computed by reading the object header's size field until the most significant bit is not set anymore. To get the total size, we increase the shift on each iteration and add the shifted value to the total size. We read the current value into a variable of type `unsigned char`, from which we then take all bits except the most significant bit and shift the result. We will end up with a maximum shift of 60, but this exceeds the width of the value's type, resulting in undefined behavior. Fix the issue by instead reading the values into a variable of type `unsigned long`, which matches the required width. This is equivalent to git.git, which uses an `unsigned long` as well.

f627e196

2016-05-02T15:47:54

checkout: set ignorecase=0 when config lookup fails When `git_repository__cvar` fails we may end up with a `ignorecase` value of `-1`. As we subsequently check if `ignorecase` is non-zero, we may end up reporting that data should be removed when in fact it should not. Err on the safer side and set `ignorecase = 0` when `git_repository__cvar` fails.

66633e83

2016-04-27T12:00:31

odb: avoid inflating the full delta to read the header When we read the header, we want to know the size and type of the object. We're currently inflating the full delta in order to read the first few bytes. This can mean hundreds of kB needlessly inflated for large objects. Instead use a packfile stream to read just enough so we can read the two varints in the header and avoid inflating most of the delta.

fc2ef514

2016-05-02T14:30:14

index: fix memory leak on error case

1aacaa31

2016-04-29T10:18:04

cmake: include threading libraries in pkg-config Include any required threading libraries in our `libgit2.pc`.

b726c539

2016-04-26T18:04:03

Fix return value of openssl_read (infinite loop) openssl_read should return -1 in case of error. SSL_read returns values <= 0 in case of error. A return value of 0 can lead to an infinite loop, so the return value of ssl_set_error will be returned if SSL_read is not successful (analog to openssl_write).

16541b86

2016-04-25T12:16:05

tag: ignore extra header fields While no extra header fields are defined for tags, git accepts them by ignoring them and continuing the search for the message. There are a few tags like this in the wild which git parses just fine, so we should do the same.

211e117a

2016-04-12T00:18:17

Merge pull request #3739 from ethomson/0.24.1 Backport bug fixes to 0.24

8edadbf9

2016-03-07T17:37:17

index::racy: force racy entry Instead of hoping that we can get a racy entry by going real fast and praying real hard, just create a racy entry.

ccfacb8b

2016-03-31T10:43:57

leaks: call `xdl_free_classifier`

6a35e74c

2016-03-30T17:47:05

leaks: fix some leaks in the tests

2c1bc36d

2016-03-29T14:47:31

Plug a few leaks

5cc7a5c7

2016-04-11T13:39:31

tests: skip the unreadable file tests as root When running as root, skip the unreadable file tests, because, well, they're probably _not_ unreadable to root unless you've got some crazy NSA clearance-level honoring operating system shit going on.

1d59c85a

2016-03-17T00:47:50

status: update test to include valid OID

af753aba

2016-03-22T00:18:44

tree: drop the now-unnecessary entries vector Remove the now-unnecessary entries vector. Add `git_array_search` to binary search through an array to accomplish this.

e8d5df9e

2016-03-04T14:51:16

config: show we write a spurious duplicated section header We should notice that we are in the correct section to add. This is a cosmetic bug, since replacing any of these settings does work.

b6130fe1

2016-04-11T11:50:11

refs::create: strict object creation on by default When we turned strict object creation validation on by default, we forgot to inform the refs::create tests of this. They, in fact, believed that strict object creation was off by default. As a result, their cleanup function went and turned strict object creation off for the remaining tests.

ba52879b

2016-04-11T11:37:02

reset: use real ids for the tests This lets us run with strict object creation on.

13ebf7bd

2016-03-20T12:01:45

tree: store the entries in a growable array Take advantage of the constant size of tree-owned arrays and store them in an array instead of a pool. This still lets us free them all at once but lets the system allocator do the work of fitting them in.

26f2cefb

2016-03-20T11:00:12

tree: re-use the id and filename in the odb object Instead of copying over the data into the individual entries, point to the originals, which are already in a format we can use.

17789083

2016-04-01T14:33:42

ignore: don't use realpath to canonicalize path If we're looking for a symlink, realpath will give us the resolved path, which is not what we're after, but a canonicalized version of the path the user asked for.

21d8832e

2016-03-28T08:56:13

config::write::repeated: init our buffer

a13c1ec2

2016-03-28T11:13:51

config: don't write section header if we're in it If we hit the EOF while trying to write a new value, it may be that we're already in the section that we were looking for. If so, do not write a (duplicate) section header, just write the value.

3e2e8240

2016-04-11T17:43:07

refs: provide a more general error message for dwim If we cannot dwim the input, set the error message to be explicit about that. Otherwise we leave the error for the last failed lookup, which can be rather unexpected as it mentions a remote when the user thought they were trying to look up a branch.

ab062a39

2016-04-06T10:37:30

tests: fix core/stream test when built with openssl off When passing -DUSE_OPENSSL:BOOL=OFF to cmake the testsuite will fail with the following error: core::stream::register_tls [/tmp/libgit2/tests/core/stream.c:40] Function call failed: (error) error -1 - <no message> Fix test to assume failure for tls when built without openssl. While at it also fix GIT_WIN32 cpp to check if it's defined or not.

fe1f4777

2016-03-31T11:35:53

Add a no-op size_t typedef for the doc parser Clang's documentation parser, which we use in our documentation system does not report any comments for functions which use size_t as a type. The root cause is buried somewhere in libclang but we can work around it by defining the type ourselves. This typedef makes sure that libclang sees it and that we do not change its size.

56da07cb

2016-03-31T11:32:36

xdiff/xprepare: fix a memory leak The xdl_prepare_env() function may initialise an xdlclassifier_t data structure via xdl_init_classifier(), which allocates memory to several fields, for example 'rchash', 'rcrecs' and 'ncha'. If this function later exits due to the failure of xdl_optimize_ctxs(), then this xdlclassifier_t structure, and the memory allocated to it, is not cleaned up. In order to fix the memory leak, insert a call to xdl_free_classifier() before returning. This patch was originally written by Ramsay Jones (see commit 87f16258367a3b9a62663b11f898a4a6f3c19d31 in git.git).

3ec0f2e3

2016-03-31T11:30:31

xdiff/xprepare: use the XDF_DIFF_ALG() macro to access flag bits Commit 307ab20b3 ("xdiff: PATIENCE/HISTOGRAM are not independent option bits", 19-02-2012) introduced the XDF_DIFF_ALG() macro to access the flag bits used to represent the diff algorithm requested. In addition, code which had used explicit manipulation of the flag bits was changed to use the macros. However, one example of direct manipulation remains. Update this code to use the XDF_DIFF_ALG() macro. This patch was originally written by Ramsay Jones (see commit 5cd6978a9cfef58de061a9525f3678ade479564d in git.git).

c86a65be

2016-03-21T21:10:26

config: don't special-case multivars that don't exist yet This special-casing ignores that we might have a locked file, so the hashtable does not represent the contents of the file we want to write. This causes multivar writes to overwrite entries instead of add to them when under lock. There is no need for this as the normal code-path will write to the file just fine, so simply get rid of it.

a1cf2644

2016-03-18T13:00:27

win32: free thread-local data on thread exit

e97d2d70

2016-03-17T10:45:22

commit: fix extraction of single-line signatures The function to extract signatures suffers from a similar bug to the header field finding one by having an unecessary line feed check as a break condition of its loop. Fix that and add a test for this single-line signature situation.

d8fcafb2

2016-03-16T19:05:11

Split the page size from the mmap alignment While often similar, these are not the same on Windows. We want to use the page size on Windows for the pools, but for mmap we need to use the allocation granularity as the alignment. On the other platforms these values remain the same.

9a668abd

2016-03-15T18:32:37

Option "LIBGIT2_PREFIX" to set the CMAKE's TARGET_PROPERTIES PREFIX This is especially useful in combination with MinGW to yield the Windows-compliant DLL name "git2.dll" instead of "libgit2.dll"

f587f38c

2016-03-15T18:20:32

CMake: do not overwrite but only append to CMAKE_C_FLAGS_DEBUG This is useful to force "smart" IDEs (like CLIon) to use debug flag -g even it may have decided that "-D_DEBUG" (which is already present) is sufficient.

cdde081b

2016-03-14T12:41:41

Use general cl_git_fail because the error is generic

4e91020c

2016-03-14T12:41:12

Start error string with lower case character

c1ec732f

2016-03-14T12:02:00

Setup better defaults for OpenSSL ciphers This ensures that when using OpenSSL a safe default set of ciphers is selected. This is done so that the client communicates securely and we don't accidentally enable unsafe ciphers like RC4, or even worse some old export ciphers. Implements the first part of https://github.com/libgit2/libgit2/issues/3682

89e7604c

2016-03-10T17:21:02

config_cache: check return value of `git_config__lookup_entry` Callers of `git_config__cvar` already handle the case where the function returns an error due to a failed configuration variable lookup, but we are actually swallowing errors when calling `git_config__lookup_entry` inside of the function. Fix this by returning early when `git_config__lookup_entry` returns an error. As we call `git_config__lookup_entry` with `no_errors == false` which leads us to call `get_entry` with `GET_NO_MISSING` we will not return early when the lookup fails due to a missing entry. Like this we are still able to set the default value of the cvar and exit successfully.

18c4ae70

2016-03-10T17:05:30

filebuf: handle write error in `lock_file` When writing to a file with locking not check if writing the locked file actually succeeds. Fix the issue by returning error code and message when writing fails.

f17ed637

2016-03-10T16:42:55

blame: handle error when resoling HEAD in normalize_options When normalizing options we try to look up HEAD's OID. While this action may fail in malformed repositories we never check the return value of the function. Fix the issue by converting `normalize_options` to actually return an error and handle the error in `git_blame_file`.

dd78d7d1

2016-03-10T16:33:49

blame_git: handle error returned by `git_commit_parent`

8d3ee96a

2016-03-10T16:11:51

refdb_fs: fail if refcache returns NULL pointer We usually check entries returned by `git_sortedcache_entry` for NULL pointers. As we have a write lock in `packed_write`, though, it really should not happen that the function returns NULL. Assert that ref is not NULL to silence a Coverity warning.

0b357e2e

2016-03-02T01:50:34

coverity: report errors when uploading tarball Curl by default does not report errors by setting the error code. As the upload can fail through several conditions (e.g. the rate limit, leading to unauthorized access) we should indicate this information in Travis CI. To improve upon the behavior, use `--write-out=%{http_code}` to write out the HTTP code in addition to the received body and return an error if the code does not equal 201.

851c51ab

2016-03-10T10:40:47

diff_tform: fix potential NULL pointer access When the user passes in a diff which has no repository associated we may call `git_config__get_int_force` with a NULL-pointer configuration. Even though `git_config__get_int_force` is designed to swallow errors, it is not intended to be called with a NULL pointer configuration. Fix the issue by only calling `git_config__get_int_force` only when configuration could be retrieved from the repository.

d96c0638

2016-03-01T19:11:33

submodule: avoid passing NULL pointers to strncmp In C89 it is undefined behavior to pass `NULL` pointers to `strncmp` and later on in C99 it has been explicitly stated that functions with an argument declared as `size_t nmemb` specifying the array length shall always have valid parameters, no matter if `nmemb` is 0 or not (see ISO 9899 §7.21.1.2). The function `str_equal_no_trailing_slash` always passes its parameters to `strncmp` if their lengths match. This means if one parameter is `NULL` and the other one either `NULL` or a string with length 0 we will pass the pointers to `strncmp` and cause undefined behavior. Fix this by explicitly handling the case when both lengths are 0.

1a16e8b0

2016-03-01T17:55:40

pack-objects: fix memory leak on overflow

e114bbac

2016-03-01T16:00:49

index: assert required OID are non-NULL

d0780b81

2016-03-01T15:35:45

object: avoid call of memset with ouf of bounds pointer When computing a short OID we do this by first copying the leading parts into the new OID structure and then setting the trailing part to zero. In the case of the desired length being `GIT_OID_HEXSZ - 1` we will call `memset` with an out of bounds pointer and a length of 0. While this seems to cause no problems for common platforms the C89 standard does not explicitly state that calling `memset` with an out of bounds pointer and length of 0 is valid. Fix the potential issue by using the newly introduced `git_oid__cpy_prefix` function.

fa4b93a6

2016-04-11T15:57:23

backport git_oid__cpy_prefix

faf823dc

2016-03-11T09:58:38

tests: transport: fix memory leaks with registering transports

0370dae1

2016-02-25T18:15:02

Check for __CLANG_INTTYPES_H This fixes an issue in Xcode 7.3 in objective-git where we get the error "Include of non-modular header file in module". Not importing this header again fixes the issue.

e39ad747

2016-03-01T14:40:17

config_file: handle missing quotation marks in section header When parsing a section header we expect something along the format of '[section "subsection"]'. When a section is mal-formated and is entirely missing its quotation marks we catch this case by observing that `strchr(line, '"') - strrchr(line, '"') = NULL - NULL = 0` and error out. Unfortunately, the error message is misleading though, as we state that we are missing the closing quotation mark while we in fact miss both quotation marks. Improve the error message by explicitly checking if the first quotation mark could be found and, if not, stating that quotation marks are completely missing.

ffb1f419

2016-03-01T14:24:09

describe: handle error code returned by git_pqueue_insert

4ebf745f

2016-03-09T11:16:16

mwindow: free unused windows if we fail to mmap The first time may be due to memory fragmentation or just bad luck on a 32-bit system. When we hit the mmap error for the first time, free up the unused windows and try again.

9ee498e8

2016-03-08T10:16:37

Only buffer if necessary.

eb09ead2

2016-03-04T01:18:30

odb: improved not found error messages When looking up an abbreviated oid, show the actual (abbreviated) oid the caller passed instead of a full (but ambiguously truncated) oid.

cdded630

2016-01-13T11:07:14

Remove duplicated calls to git_mwindow_close

thodg/libgit2

Log