src


Log

Author Commit Date CI Message
Patrick Steinhardt ade0d9c6 2017-02-13T13:46:17 commit: avoid possible use-after-free When extracting a commit's signature, we first free the object and only afterwards put its signature contents into the result buffer. This works in most cases - the free'd object will normally be cached anyway, so we only end up decrementing its reference count without actually freeing its contents. But in some more exotic setups, where caching is disabled, this can definitly be a problem, as we might be the only instance currently holding a reference to this object. Fix this issue by first extracting the contents and freeing the object afterwards only.
Patrick Steinhardt dc851d9e 2017-02-13T13:42:16 commit: clear user-provided buffers The functions `git_commit_header_field` and `git_commit_extract_signature` both receive buffers used to hand back the results to the user. While these functions called `git_buf_sanitize` on these buffers, this is not the right thing to do, as it will simply initialize or zero-terminate passed buffers. As we want to overwrite contents, we instead have to call `git_buf_clear` to completely reset them.
Patrick Steinhardt cdb2c2a0 2017-02-13T13:31:37 buffer: clarify how `git_buf_sanitize` handles non-NULL input When `git_buf_sanitize` gets called, it converts a buffer with NULL content to be correctly initialized. This is done by pointing it to `git_buf__initbuf`. While the method's documentation states this clearly, it may also lead to the conclusion that it will do the same to buffers which do _not_ have NULL contents. Clarify behavior when passing a buffer with non-NULL contents, where `git_buf_sanitize` will ensure that the contents are `\0`-terminated.
Patrick Steinhardt 1ba242c9 2017-02-03T13:52:23 worktree: extract git_worktree_is_prunable
Patrick Steinhardt 39abd3ad 2016-11-04T13:39:54 worktree: compute workdir for worktrees opened via their gitdir When opening a worktree via the gitdir of its parent repository we fail to correctly set up the worktree's working directory. The problem here is two-fold: we first fail to see that the gitdir actually is a gitdir of a working tree and then subsequently fail to determine the working tree location from the gitdir. The first problem of not noticing a gitdir belongs to a worktree can be solved by checking for the existence of a `gitdir` file in the gitdir. This file points back to the gitlink file located in the working tree's working directory. As this file only exists for worktrees, it should be sufficient indication of the gitdir belonging to a worktree. The second problem, that is determining the location of the worktree's working directory, can then be solved by reading the `gitdir` file in the working directory's gitdir. When we now resolve relative paths and strip the final `.git` component, we have the actual worktree's working directory location.
Patrick Steinhardt 84f56cb0 2016-11-04T11:59:52 repository: rename `path_repository` and `path_gitlink` The `path_repository` variable is actually confusing to think about, as it is not always clear what the repository actually is. It may either be the path to the folder containing worktree and .git directory, the path to .git itself, a worktree or something entirely different. Actually, the intent of the variable is to hold the path to the gitdir, which is either the .git directory or the bare repository. Rename the variable to `gitdir` to avoid confusion. While at it, also rename `path_gitlink` to `gitlink` to improve consistency.
Patrick Steinhardt 384518d0 2015-10-27T14:17:52 repository: restrict checking out checked out branches If a branch is already checked out in a working tree we are not allowed to check out that branch in another repository. Introduce this restriction when setting a repository's HEAD.
Patrick Steinhardt 143e539f 2015-11-06T12:33:59 branch: restrict branch deletion for worktrees Restrict the ability to delete branches that are checked out in any linked repository.
Patrick Steinhardt e3acd37b 2015-11-06T12:08:15 branch: implement `git_branch_is_checked_out` Implement a new function that is able to determine if a branch is checked out in any repository connected to the current repository. In particular, this is required to check if for a given repository and branch, there exists any working tree connected to that repository that is referencing this branch.
Patrick Steinhardt 04fb12ab 2015-10-27T12:37:51 worktree: implement functions reading HEAD Implement `git_repository_head_for_worktree` and `git_repository_head_detached_for_worktree` for directly accessing a worktree's HEAD without opening it as a `git_repository` first.
Patrick Steinhardt f0cfc341 2015-10-21T13:53:18 worktree: implement `git_worktree_prune` Implement the `git_worktree_prune` function. This function can be used to delete working trees from a repository. According to the flags passed to it, it can either delete the working tree's gitdir only or both gitdir and the working directory.
Patrick Steinhardt 2a503485 2015-10-21T16:03:04 worktree: implement locking mechanisms Working trees support locking by creating a file `locked` inside the tree's gitdir with an optional reason inside. Support this feature by adding functions to get and set the locking status.
Patrick Steinhardt dea7488e 2015-10-23T14:11:44 worktree: implement `git_worktree_add` Implement the `git_worktree_add` function which can be used to create new working trees for a given repository.
Patrick Steinhardt 372dc9ff 2015-10-21T13:49:55 worktree: implement `git_worktree_validate` Add a new function that checks wether a given `struct git_worktree` is valid. The validation includes checking if the gitdir, parent directory and common directory are present.
Patrick Steinhardt 8c8d726e 2015-10-21T12:10:30 worktree: implement `git_repository_open_from_worktree` Add function `git_repository_open_from_worktree`, which allows to open a `git_worktree` as repository.
Patrick Steinhardt cb3269c9 2016-11-11T13:46:59 repository: add function to retrieve paths for repo items
Patrick Steinhardt d3bc09e8 2015-10-21T12:02:31 worktree: introduce `struct git_worktree` Introduce a new `struct git_worktree`, which holds information about a possible working tree connected to a repository. Introduce functions to allow opening working trees for a repository.
Patrick Steinhardt 45f2b7a4 2015-10-21T11:48:02 worktree: implement `git_worktree_list` Add new module for working trees with the `git_worktree_list` function. The function lists names for all working trees of a certain repository.
Patrick Steinhardt 854b5c70 2015-10-26T16:21:09 repository: expose `repo_init_create_head` Expose the function `repo_init_create_head` as `git_repository_create_head`.
Patrick Steinhardt 4292837d 2015-09-24T14:37:10 config: open configuration in commondir A repository's configuartion file can always be found in the GIT_COMMON_DIR, which has been newly introduced. For normal repositories this does change nothing, but for working trees this change allows to access the shared configuration file.
Patrick Steinhardt e9403024 2015-09-24T15:32:26 refdb: look for reflog in commondir
Patrick Steinhardt e0a6c28e 2015-09-16T16:09:24 refdb: introduce commondir awareness The refdb_fs_backend is not aware of the git commondir, which stores common objects like the o bject database and packed/loose refereensces when worktrees are used. Make refdb_fs_backend aware of the common directory by introducing a new commonpath variable that points to the actual common path of the database and using it instead of the gitdir for the mentioned objects.
Patrick Steinhardt 71dd0861 2015-09-17T11:40:55 refdb: rename refdb_fs_backend's .path to .gitpath The variable '.path' of the refdb_fs_backend struct becomes confusing regarding the introduction of the git commondir. It does not immediatly become obvious what it should point to. Fix this problem by renaming the variable to `gitpath`, clarifying that it acutally points to the `.git` directory of the repository, in contrast to the commonpath directory, which points to the directory containing shared objects like references and the object store.
Patrick Steinhardt 79ab3ef6 2015-10-15T15:58:05 repository: introduce is_worktree variable
Patrick Steinhardt c5f3da96 2016-11-11T14:36:43 repository: use `git_repository_item_path` The recent introduction of the commondir variable of a repository requires callers to distinguish whether their files are part of the dot-git directory or the common directory shared between multpile worktrees. In order to take the burden from callers and unify knowledge on which files reside where, the `git_repository_item_path` function has been introduced which encapsulate this knowledge. Modify most existing callers of `git_repository_path` to use `git_repository_item_path` instead, thus making them implicitly aware of the common directory.
Patrick Steinhardt c09fd54e 2015-09-16T12:10:11 repository: introduce commondir variable The commondir variable stores the path to the common directory. The common directory is used to store objects and references shared across multiple repositories. A current use case is the newly introduced `git worktree` feature, which sets up a separate working copy, where the backing git object store and references are pointed to by the common directory.
Edward Thomson b0c3fa36 2017-02-10T16:15:41 Merge pull request #4112 from cbargren/fix/proxy-env-vars Add support for lowercase proxy environment variables
Christopher Bargren 61189a11 2017-02-10T07:59:22 Fixing a code style issue
Edward Thomson 683ff4f3 2017-02-10T11:01:23 Merge pull request #4111 from pks-t/pks/dos-prefix dirname with DOS prefixes
Edward Thomson 191474a1 2017-02-09T18:28:19 diff: don't do rename detection on submodules
Edward Thomson 95367366 2017-02-09T16:57:22 merge: don't do rename detection on submodules
Edward Thomson b4bd5e84 2017-02-09T09:27:04 Merge pull request #4104 from cbargren/fix/windows-digest-proxy Fix digest credentials for proxy in windows
Christopher Bargren 2af282d8 2017-02-08T15:01:30 Addressing PR feedback
Christopher Bargren 5f3276c7 2017-02-07T16:33:28 Add support for lowercase proxy environment variables curl supports HTTPS_PROXY in addition to https_proxy (and their http counterparts). This change ensures parity with curl's behavior.
Patrick Steinhardt 9e8d75c7 2017-02-08T11:41:10 path: ensure dirname on Win32 prefix always has a trailing '/' When calling `git_path_dirname_r` on a Win32 prefix, e.g. a drive or network share prefix, we always want to return the trailing '/'. This does not work currently when passing in a path like 'C:', where the '/' would not be appended correctly. Fix this by appending a '/' if we try to normalize a Win32 prefix and there is no trailing '/'.
Patrick Steinhardt 5d59520c 2017-02-07T20:30:11 path: get correct dirname for Windows root Getting the dirname of a filesystem root should return the filesystem root itself. E.g. the dirname of "/" is always "/". On Windows, we emulate this behavior and as such, we should return e.g. "C:/" if calling dirname on "C:/". But we currently fail to do so and instead return ".", as we do not check if we actually have a Windows prefix before stripping off the last directory component. Fix this by calling out to `win32_prefix_length` immediately after stripping trailing slashes, returning early if we have a prefix.
Patrick Steinhardt d8c06070 2017-02-07T20:21:38 path: extract `win32_path_prefix` function Extract code which determines if a path is at a Windows system's root. This incluses drive prefixes (e.g. "C:\") as well as network computer names (e.g. "//computername/").
Christopher Bargren 1e929eb5 2017-02-06T11:00:06 Pass proxy options payload to credentials callback
Chris Bargren fa2dfcf9 2017-02-01T09:28:30 Fix digest credentials for proxy in windows
Patrick Steinhardt f47db3c7 2017-02-02T16:02:57 vector: do not reverse a vector if it is empty The code reversing a vector initially determines the rear-pointer by simply subtracting 1 from the vector's length. Obviously, this fails if the vector is empty, in which case we have an integer overflow. Fix the issue by returning early if the vector is empty.
Matthew Plough d0c418c0 2017-01-27T12:49:48 Fix uninitialized variable warning Fix the following warning emitted by clang: [ 16%] Building C object CMakeFiles/libgit2_clar.dir/src/submodule.c.o /Users/mplough/devel/external/libgit2/src/submodule.c:408:6: warning: variable 'i' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized] if ((error = load_submodule_names(names, cfg))) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /Users/mplough/devel/external/libgit2/src/submodule.c:448:20: note: uninitialized use occurs here git_iterator_free(i); ^ /Users/mplough/devel/external/libgit2/src/submodule.c:408:2: note: remove the 'if' if its condition is always false if ((error = load_submodule_names(names, cfg))) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /Users/mplough/devel/external/libgit2/src/submodule.c:404:17: note: initialize the variable 'i' to silence this warning git_iterator *i; ^ = NULL 1 warning generated.
Carlos Martín Nieto 8df1cfc9 2017-01-24T21:26:41 Merge pull request #4086 from libgit2/ethomson/fixes WIP: some coverity & compiler warning fixes
Carlos Martín Nieto 9b51cc82 2017-01-24T21:10:46 Merge pull request #4050 from ethomson/ethomson/winhttp_errmsgs WinHTTP: set proper error messages when SSL fails
Edward Thomson 7f66a70e 2017-01-23T23:00:00 attr_cache_remove: don't remove given file If `attr_cache_lookup_entry` fails to find the given file, make sure that we do not try to free the given file.
Edward Thomson a0d38479 2017-01-22T01:42:45 mac: on 32 bit, use `__builtin_umull_overflow`
Edward Thomson 60c2bf47 2017-01-22T00:58:41 submodule: only examine idx & head given a config
Edward Thomson 0fbff82b 2017-01-22T00:30:02 submodule: don't double free during load failure When we fail to load submodules, don't free the list; it is later freed unconditionally.
Etienne Samson e2b3dc16 2017-01-23T13:29:47 variable 'i' is used uninitialized whenever 'if' condition is true
Edward Thomson 185fe9c1 2017-01-21T23:58:41 Merge pull request #4051 from tiennou/clang-analyzer-1 Clang analyzer run
Edward Thomson 048c5ea7 2017-01-21T23:55:21 Merge pull request #4053 from chescock/extend-packfile-by-pages Extend packfile in increments of page_size.
Edward Thomson 8d3b39a6 2017-01-21T23:50:38 Merge branch 'pr/3912'
Edward Thomson 28d0ba0b 2017-01-21T23:45:23 symbolic ref target validation: fixups Fixups requested in #3912.
Edward Thomson 1910a04a 2016-12-30T12:42:42 winhttp: set proper cert failure error messages Set up a WinHTTP status callback; inspect the WinHTTP status for WINHTTP_CALLBACK_STATUS_SECURE_FAILURE, and convert the status code to a useful message for callers.
Edward Thomson 44e8af8f 2017-01-21T22:51:50 Merge pull request #3892 from mitesch/shared_buffer Use a shared buffer in calls of git_treebuilder_write to avoid heap contention
Edward Thomson 9e78b727 2017-01-21T22:39:59 Merge branch 'master' into pr/3938
Edward Thomson 87b7a705 2017-01-21T15:44:57 indexer: avoid warning about `idx->pack` It must be non-NULL to have a valid `git_indexer`.
Edward Thomson bf339ab0 2017-01-21T14:51:31 indexer: introduce `git_packfile_close` Encapsulation!
Edward Thomson 98f53872 2017-01-21T18:57:28 Merge pull request #4016 from novalis/submodule-optimization Submodule optimization
Edward Thomson 52949c80 2017-01-21T18:30:12 Merge branch 'pr/4060'
Edward Thomson d030bba9 2017-01-21T17:15:33 indexer: only delete temp file if it was unused Only try to `unlink` our temp file when we know that we didn't copy it into its permanent location.
Brock Peabody 673dff88 2016-11-23T18:32:55 Skip submodule head/index update when caching. `git_submodule_status` is very slow, bottlenecked on `git_repository_head_tree`, which it uses through `submodule_update_head`. If the user has requested submodule caching, assume that they want this status cached too and skip it. Signed-off-by: David Turner <dturner@twosigma.com>
Brock Peabody 4d99c4cf 2016-11-23T18:32:48 Allow for caching of submodules. Added `git_repository_submodule_cache_all` to initialze a cache of submodules on the repository so that operations looking up N submodules are O(N) and not O(N^2). Added a `git_repository_submodule_cache_clear` function to remove the cache. Also optimized the function that loads all submodules as it was itself O(N^2) w.r.t the number of submodules, having to loop through the `.gitmodules` file once per submodule. I changed it to process the `.gitmodules` file once, into a map. Signed-off-by: David Turner <dturner@twosigma.com>
David Turner ca05857e 2016-11-23T18:26:19 Fix formatting Signed-off-by: David Turner <dturner@twosigma.com>
Edward Thomson 4e4a1460 2016-12-30T12:13:34 WinHTTP: support best auth mechanism For username/password credentials, support NTLM or Basic (in that order of priority). Use the WinHTTP built-in authentication support for both, and maintain a bitfield of the supported mechanisms from the response.
Edward Thomson cb76eed5 2017-01-14T17:41:49 Merge pull request #4054 from jfultz/jfultz/fix_GIT_CHECKOUT_DISABLE_PATHSPEC_MATCH Fix handling of GIT_CHECKOUT_DISABLE_PATHSPEC_MATCH flag.
Carlos Martín Nieto 2854e619 2017-01-14T17:12:23 Merge pull request #4061 from libgit2/ethomson/merge_opts merge: set default rename threshold
lhchavez f5586f5c 2017-01-14T16:37:00 Addressed review feedback
Etienne Samson 49be45a1 2016-12-26T22:15:31 pack: report revwalk error
Etienne Samson b0014063 2016-12-26T22:13:35 patch: memory leak of patch.base.diff_opts.new|old_prefix
Etienne Samson 8a349bf2 2016-12-26T14:47:55 ignore: there must be a repository Otherwise we'll NULL-dereference in git_attr_cache__init
Carlos Martín Nieto a6d833a2 2017-01-13T17:05:58 Merge pull request #4049 from libgit2/ethomson/error_msgs giterr_set: consistent error messages
Carlos Martín Nieto ee89941f 2017-01-09T20:59:43 Merge remote-tracking branch 'upstream/maint/v0.25'
Edward Thomson 6850b516 2017-01-06T17:12:16 Merge branch '25_smartpktparse' into maint/v0.25
Patrick Steinhardt 2fdef641 2016-11-15T11:44:51 smart_pkt: treat empty packet lines as error The Git protocol does not specify what should happen in the case of an empty packet line (that is a packet line "0004"). We currently indicate success, but do not return a packet in the case where we hit an empty line. The smart protocol was not prepared to handle such packets in all cases, though, resulting in a `NULL` pointer dereference. Fix the issue by returning an error instead. As such kind of packets is not even specified by upstream, this is the right thing to do.
Patrick Steinhardt 66e3774d 2016-11-15T11:36:27 smart_pkt: verify packet length exceeds PKT_LEN_SIZE Each packet line in the Git protocol is prefixed by a four-byte length of how much data will follow, which we parse in `git_pkt_parse_line`. The transmitted length can either be equal to zero in case of a flush packet or has to be at least of length four, as it also includes the encoded length itself. Not checking this may result in a buffer overflow as we directly pass the length to functions which accept a `size_t` length as parameter. Fix the issue by verifying that non-flush packets have at least a length of `PKT_LEN_SIZE`.
Etienne Samson 9a64e62f 2016-12-21T21:24:33 http: check certificate validity before clobbering the error variable
lhchavez 96df833b 2017-01-03T19:15:09 Close the file before unlinking I forgot that Windows chokes while trying to delete open files.
Edward Thomson 19ed4d0c 2017-01-01T22:19:23 merge: set default rename threshold When `GIT_MERGE_FIND_RENAMES` is set, provide a default for `rename_threshold` when it is unset.
lhchavez db535d0a 2017-01-01T12:45:02 Delete temporary packfile in indexer This change deletes the temporary packfile that the indexer creates to avoid littering the pack/ directory with garbage.
Edward Thomson 42ad85ef 2016-12-30T16:35:24 Merge pull request #4043 from fudanchii/fudanchii/openbsd Fix BIO_* functions method linking when compiled with libressl (OpenBSD).
John Fultz 5f959dca 2016-12-29T19:26:50 Fix handling of GIT_CHECKOUT_DISABLE_PATHSPEC_MATCH flag. git_checkout_tree() sets up its working directory iterator to respect the pathlist if GIT_CHECKOUT_DISABLE_PATHSPEC_MATCH is present, which is great. What's not so great is that this iterator is then used side-by-side with an iterator created by git_checkout_iterator(), which did not set up its pathlist appropriately (although the iterator mirrors all other iterator options). This could cause git_checkout_tree() to delete working tree files which were not specified in the pathlist when GIT_CHECKOUT_DISABLE_PATHSPEC_MATCH was used, as the unsynchronized iterators causes git_checkout_tree() to think that files have been deleted between the two trees. Oops. And added a test which fails without this fix (specifically, the final check for "testrepo/README" to still be present fails).
Chris Hescock c7a1535f 2016-12-29T11:47:52 Extend packfile in increments of page_size. This improves performance by reducing the number of I/O operations.
Edward Thomson 909d5494 2016-12-29T12:25:15 giterr_set: consistent error messages Error messages should be sentence fragments, and therefore: 1. Should not begin with a capital letter, 2. Should not conclude with punctuation, and 3. Should not end a sentence and begin a new one
Jacques Germishuys f928c69a 2016-12-29T12:54:26 rebase: check the result code of rebase_init_merge
Jacques Germishuys 6a8127d7 2016-12-25T22:13:48 mempack: set the odb backend version
Nurahmadie 567b83de 2016-12-24T17:43:08 Fix BIO_* functions method linking when compiled with libressl. ref: https://github.com/gentoo/libressl/blob/672ac74ce7b7cb2e4799b2d66bc0b1b1efa3454e/media-video/ffmpeg/files/ffmpeg-3.2-libressl.patch
Carlos Martín Nieto fafafb1f 2016-12-20T16:19:30 http: bump the pretend git version in the User-Agent We want to keep the git UA in order for services to recognise that we're a Git client and not a browser. But in order to stop dumb HTTP some services have blocked UAs that claim to be pre-1.6.6 git. Thread these needles by using the "git/2.0" prefix which is still close enough to git's yet distinct enough that you can tell it's us.
Edward Thomson 8d7717c4 2016-12-20T15:32:49 Merge pull request #4034 from libgit2/cmn/sysdir-no-reguess sysdir: don't re-guess when using variable substitution
Edward Thomson f91f170f 2016-12-20T15:28:46 Merge pull request #4032 from libgit2/cmn/https-cap-no-hardcode Don't hard-code HTTPS cap & clarify the meanings of the features enum
Carlos Martín Nieto 3714c13a 2016-12-19T17:28:41 Merge pull request #4026 from libgit2/cmn/refdb-fs-errors refdb: bubble up recursive rm when locking a ref
Carlos Martín Nieto 903955f7 2016-12-19T17:26:09 Merge pull request #4027 from pks-t/pks/pack-deref-cache-on-error pack: dereference cached pack entry on error
Carlos Martín Nieto 9f09f290 2016-12-17T18:20:29 sysdir: don't guess the paths again when $PATH is specified We should replace it with whatever the user set, not start again.
Andreas Henriksson 23c9ff86 2016-12-17T17:33:13 Fix off-by-one problems in git_signature__parse Etc/GMT-14 aka UTC+14:00 is a thing.... https://en.wikipedia.org/wiki/UTC%2B14:00 Also allow offsets on the last minute (59). Addresses: https://bugs.debian.org/841532 Fixes: #3970
Carlos Martín Nieto 061a0ad1 2016-12-17T14:23:35 settings: don't hard-code HTTPS capability This partially reverts bdec62dce1c17465b7330100ea2f71e63fc411dd which activates the transport code-paths which allow you to use a custom TLS implementation without having to have one at build-time. However the capabilities describe how libgit2 was built, not what it could potentially support, bring back the ifdefs so we only say we support HTTPS if libgit2 was itself built with a TLS implementation.
Carlos Martín Nieto 6ab65b80 2016-12-11T17:56:38 refdb: bubble up recursive rm when locking a ref Failure to bubble up this error means some locking errors do not get reported as such on Windows.
Michael Tesch 87aaefe2 2016-08-09T12:23:19 write_tree: use shared buffer for writing trees The function to write trees allocates a new buffer for each tree. This causes problems with performance when performing a lot of actions involving writing trees, e.g. when doing many merges. Fix the issue by instead handing in a shared buffer, which is then re-used across the calls without having to re-allocate between calls.
Patrick Steinhardt ff5eea06 2016-12-12T09:36:15 pack: dereference cached pack entry on error When trying to uncompress deltas in a packfile's delta chain, we try to add object bases to the packfile cache, subsequently decrementing its reference count if it has been added successfully. This may lead to a mismatched reference count in the case where we exit the loop early due to an encountered error. Fix the issue by decrementing the reference count in error cleanup.
Patrick Steinhardt 34b32053 2016-11-25T15:02:34 Fix potential use of uninitialized values
Patrick Steinhardt e781a0c5 2016-11-25T15:02:07 graph: flag fields should be declared as unsigned
Patrick Steinhardt 482d1748 2016-11-25T15:01:35 transports: smart: do not redeclare loop counters