tests/commit


Log

Author Commit Date CI Message
Patrick Steinhardt 52f859fd 2018-11-09T19:32:08 signature: fix out-of-bounds read when parsing timezone offset When parsing a signature's timezone offset, we first check whether there is a timezone at all by verifying that there are still bytes left to read following the time itself. The check thus looks like `time_end + 1 < buffer_end`, which is actually correct in this case. After setting the timezone's start pointer to that location, we compute the remaining bytes by using the formula `buffer_end - tz_start + 1`, re-using the previous `time_end + 1`. But this is in fact missing the braces around `(tz_start + 1)`, thus leading to an overestimation of the remaining bytes by a length of two. In case of a non-NUL terminated buffer, this will result in an overflow. The function `git_signature__parse` is only used in two locations. First is `git_signature_from_buffer`, which only accepts a string without a length. The string thus necessarily has to be NUL terminated and cannot trigger the issue. The other function is `git_commit__parse_raw`, which can in fact trigger the error as it may receive non-NUL terminated commit data. But as objects read from the ODB are always NUL-terminated by us as a cautionary measure, it cannot trigger the issue either. In other words, this error does not have any impact on security.
Patrick Steinhardt 9994cd3f 2018-06-25T11:56:52 treewide: remove use of C++ style comments C++ style comment ("//") are not specified by the ISO C90 standard and thus do not conform to it. While libgit2 aims to conform to C90, we did not enforce it until now, which is why quite a lot of these non-conforming comments have snuck into our codebase. Do a tree-wide conversion of all C++ style comments to the supported C style comments to allow us enforcing strict C90 compliance in a later commit.
Patrick Steinhardt ecf4f33a 2018-02-08T11:14:48 Convert usage of `git_buf_free` to new `git_buf_dispose`
Henry Kleynhans f063dafb 2017-11-12T10:56:50 signature: distinguish +0000 and -0000 UTC offsets Git considers '-0000' a valid offset for signature lines. They need to be treated as _not_ equal to a '+0000' signature offset. Parsing a signature line stores the offset in a signed integer which does not distinguish between `+0` and `-0`. This patch adds an additional flag `sign` to the `git_time` in the `signature` object which is populated with the sign of the offset. In addition to exposing this information to the user, this information is also used to compare signatures. /cc @pks-t @ethomson
John Haley 5785ae9b 2016-05-04T11:14:17 Fix initial commit test `test_commit_commit__create_initial_commit_parent_not_current` was not correctly testing that `HEAD` was not changed. Now we grab the oid that it was pointing to before the call to `git_commit_create` and the oid that it's pointing to afterwards and compare those.
John Haley 4f22ccb9 2016-05-03T13:32:22 Add tests for creating an initial commit
Edward Thomson d383c39b 2016-04-28T12:47:14 Introduce `git_signature_from_buffer` Allow users to construct a signature from the type of signature lines that actually appear in commits.
Edward Thomson ba349322 2016-03-17T06:57:56 Merge pull request #3673 from libgit2/cmn/commit-with-signature commit: add function to attach a signature to a commit
Carlos Martín Nieto bf804d40 2016-03-17T10:45:22 commit: fix extraction of single-line signatures The function to extract signatures suffers from a similar bug to the header field finding one by having an unecessary line feed check as a break condition of its loop. Fix that and add a test for this single-line signature situation.
Carlos Martín Nieto 02d61a3b 2016-03-10T10:53:20 commit: add function to attach a signature to a commit In combination with the function which creates a commit into a buffer, this allows us to more easily create signed commits.
Carlos Martín Nieto 47cb42da 2016-03-03T22:56:02 commit: split creating the commit and writing it out Sometimes you want to create a commit but not write it out to the objectdb immediately. For these cases, provide a new function to retrieve the buffer instead of having to go through the db.
Edward Thomson f2dddf52 2016-02-28T15:51:38 turn on strict object validation by default
Edward Thomson ef63bab3 2016-02-23T13:34:35 git_commit: validate tree and parent ids When `GIT_OPT_ENABLE_STRICT_OBJECT_CREATION` is turned on, validate the tree and parent ids given to commit creation functions.
Carlos Martín Nieto eadd0f05 2016-02-16T14:06:48 commit: expose the different kinds of errors We should be checking whether the object we're looking up is a commit, and we should let the caller know whether the not-found return code comes from a bad object type or just a missing signature.
Carlos Martín Nieto 460ae11f 2016-02-11T22:19:20 commit: don't forget the last header field When we moved the logic to handle the first one, wrong loop logic was kept in place which meant we still finished early. But we now notice it because we're not reading past the last LF we find. This was not noticed before as the last field in the tested commit was multi-line which does not trigger the early break.
Vicent Marti 488e2b85 2016-02-09T16:26:58 Merge pull request #3599 from libgit2/gpgsign Introduce git_commit_extract_signature
Carlos Martín Nieto a65afb75 2016-02-08T18:51:13 Introduce git_commit_extract_signature This returns the GPG signature for a commit and its contents without the signature block, allowing for the verification of the commit's signature.
Carlos Martín Nieto f55eca16 2016-02-09T07:17:26 commit: also match the first header field when searching We were searching only past the first header field, which meant we were unable to find e.g. `tree` which is the first field. While here, make sure to set an error message in case we cannot find the field.
Vicent Marti 5951445f 2015-12-17T10:13:04 commit: Fix memory leak in test suite
Patrick Steinhardt 7f8fe1d4 2015-12-01T10:03:56 commit: introduce `git_commit_body` It is already possible to get a commit's summary with the `git_commit_summary` function. It is not possible to get the remaining part of the commit message, that is the commit message's body. Fix this by introducing a new function `git_commit_body`.
Stjepan Rajko f5f96a23 2015-10-09T10:41:06 Fix git_commit_summary to convert newlines to spaces even after whitespace. Collapse spaces around newlines for the summary.
Vicent Marti 307c4a2b 2015-10-21T11:58:44 signature: Strip crud just like Git does
Carlos Martín Nieto a3f42fe8 2015-06-22T15:32:29 commit: allow retrieving an arbitrary header field This allows the user to look up fields which we don't parse in libgit2, and allows them to access gpgsig or mergetag fields if they wish to check the signature.
Carlos Martín Nieto 65d69fe8 2015-06-11T08:24:58 commit: ignore multiple author fields Some tools create multiple author fields. git is rather lax when parsing them, although fsck does complain about them. This means that they exist in the wild. As it's not too taxing to check for them, and there shouldn't be a noticeable slowdown when dealing with correct commits, add logic to skip over these extra fields when parsing the commit.
Carlos Martín Nieto 659cf202 2015-01-07T12:23:05 Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.
Carlos Martín Nieto 76e3c43f 2014-09-10T18:13:34 signature: don't allow empty emails A signature is made up of a non-empty name and a non-empty email so let's validate that. This also brings us more in line with git, which also rejects ident with an empty email.
Edward Thomson 0cee70eb 2014-07-01T14:09:01 Introduce cl_assert_equal_oid
Carlos Martín Nieto 217c029b 2014-04-09T14:08:22 commit: safer commit creation with reference update The current version of the commit creation and amend function are unsafe to use when passing the update_ref parameter, as they do not check that the reference at the moment of update points to what the user expects. Make sure that we're moving history forward when we ask the library to update the reference for us by checking that the first parent of the new commit is the current value of the reference. We also make sure that the ref we're updating hasn't moved between the read and the write. Similarly, when amending a commit, make sure that the current tip of the branch is the commit we're amending.
Ben Straub 0adb0606 2014-02-04T15:32:57 Fix reflog message when creating commits
Edward Thomson 238e8149 2014-01-22T14:41:04 Summarize empty messages
Carlos Martín Nieto 0b28217b 2014-01-15T12:51:31 refs: remove the _with_log differentiation Any well-behaved program should write a descriptive message to the reflog whenever it updates a reference. Let's make this more prominent by removing the version without the reflog parameters.
Edward Thomson 300d192f 2013-12-02T11:15:27 Introduce git_revert to revert a single commit
Ben Straub 17820381 2013-11-14T14:05:52 Rename tests-clar to tests