|
be8479c9
|
2016-02-22T14:01:50
|
|
diff_print: assert patch is non-NULL
When invoking `diff_print_info_init_frompatch` it is obvious that
the patch should be non-NULL. We explicitly check if the variable
is set and continue afterwards, happily dereferencing the
potential NULL-pointer.
Fix this by instead asserting that patch is set. This also
silences Coverity.
|
|
bac52ab0
|
2016-02-22T13:48:45
|
|
pack-objects: return early when computing write order fails
The function `compute_write_order` may return a `NULL`-pointer
when an error occurs. In such cases we jump to the `done`-label
where we try to clean up allocated memory. Unfortunately we try
to deallocate the `write_order` array, though, which may be NULL
here.
Fix this error by returning early instead of jumping to the
`done` label. There is no data to be cleaned up anyway.
|
|
2129d6df
|
2016-02-22T13:33:48
|
|
crlf: do not ignore GIT_PASSTHROUGH error
When no payload is set for `crlf_apply` we try to compute the
crlf attributes ourselves with `crlf_check`. When the function
determines that the current file does not require any treatment
we return the GIT_PASSTHROUGH error code without actually
allocating the out-pointer, which indicates the file should not
be passed through the filter.
The `crlf_apply` function explicitly checks for the
GIT_PASSTHROUGH return code and ignores it. This means we will
try to apply the crlf-filter to the current file, leading us to
dereference the unallocated payload-pointer.
Fix this obviously incorrect behavior by not treating
GIT_PASSTHROUGH in any special way. This is the correct thing to
do anyway, as the code indicates that the file should not be
passed through the filter.
|
|
42c05ed5
|
2016-02-23T10:02:44
|
|
path: use GITERR_CHECK_ALLOC_BUF to verify passed in buffer
|
|
859ed5dd
|
2016-02-23T09:54:26
|
|
common: introduce GITERR_CHECK_ALLOC_BUF
We commonly have to check if a git_buf has been allocated
correctly or if we ran out of memory. Introduce a new macro
similar to `GITERR_CHECK_ALLOC` which checks if we ran OOM and if
so returns an error. Provide a `#nodef` for Coverity to mark the
error case as an abort path.
|
|
b9f28b8d
|
2016-02-23T10:09:03
|
|
refspec: check buffer with GITERR_CHECK_ALLOC_BUF
|
|
f2a554b4
|
2016-02-22T14:43:28
|
|
coverity: hint git_vector_foreach does not deref NULL contents
Coverity does not comprehend the connection between a vector's
size and the contents pointer, that is that the vector's pointer
is non-NULL when its size is positive. As the vector code should
be reasonably well tested and users are expected to not manually
modify a vector's contents it seems save to assume that the
macros will never dereference a NULL pointer.
Fix Coverity warnings by overriding the foreach macros with
macros that explicitly aborting when (v)->contents is NULL.
|
|
d1c9a48d
|
2016-02-23T10:45:09
|
|
pack-objects: check realloc in try_delta with GITERR_CHECK_ALLOC
|
|
c5bd70d1
|
2016-02-23T11:48:30
|
|
revwalk: use GITERR_CHECK_ALLOC_BUF
|
|
6e2a3755
|
2016-02-23T11:45:43
|
|
smart_pkt: check buffer with GITERR_CHECK_ALLOC_BUF
|
|
fb96b28c
|
2016-02-23T08:16:12
|
|
Merge pull request #3629 from ethomson/set_user_agent_doc
git_libgit2_opts: minor documentation & usage fixes
|
|
7bab2e8f
|
2016-02-22T23:04:40
|
|
git_libgit2_opts: validate key
|
|
5bc93eae
|
2016-02-22T22:26:01
|
|
git_libgit2_opts: document GIT_OPT_SET_USER_AGENT
|
|
305c4f95
|
2016-02-22T10:16:49
|
|
Merge pull request #3627 from libgit2/cmn/typo
Fix a few checkout -> rebase typos
|
|
88ab3be6
|
2016-02-22T15:41:01
|
|
Fix a few checkout -> rebase typos
|
|
c8fe6c09
|
2016-02-19T16:23:14
|
|
openssl: re-export the last-resort locking function
We need to include the header where we define the function. Otherwise it
won't be available on the DLL.
|
|
f596946f
|
2016-02-19T13:52:04
|
|
CHANGELOG: add a few missing changes
|
|
deecaa2e
|
2016-02-19T13:31:54
|
|
openssl: free the context even if we don't connect
|
|
bf127eec
|
2016-02-19T13:24:41
|
|
global: remove an unused variable
|
|
78e16c34
|
2016-02-19T13:06:51
|
|
Merge pull request #3597 from ethomson/filter_registration
Filter registration
|
|
b643501d
|
2016-02-19T10:21:37
|
|
Merge pull request #3614 from pks-t/pks/coverity-fixes
Coverity fixes
|
|
8a62bf11
|
2016-02-15T11:28:33
|
|
netops: fix memory leak when an error occurs
|
|
b0f7512f
|
2016-02-15T11:46:10
|
|
transports: smart_pkt: fix memory leaks
|
|
704554cd
|
2016-02-15T11:37:48
|
|
transports: smart: fix memory leak on OOM path
|
|
038d7af0
|
2016-02-15T11:30:48
|
|
signature: use GITERR_CHECK_ALLOC to check for OOM situation
When checking for out of memory situations we usually use the
GITERR_CHECK_ALLOC macro. Besides conforming to our current code
base it adds the benefit of silencing errors in Coverity due to
Coverity handling the macro's error path as abort.
|
|
40f6f225
|
2016-02-15T10:58:52
|
|
coverity: hint that string length is at least 2
When checking if a string is prefixed by a drive letter (e.g.
"C:") we verify this by inspecting the first and second character
of the string. Coverity thinks this is a defect as we do not
check the string's length first, but in fact we only check the
second character if the first character is part of the alphabet,
that is it cannot be '\0'.
Fix this by overriding the macro and explicitly checking the
string's length.
|
|
5981ab1d
|
2016-02-15T09:41:08
|
|
coverity: add nodefs for abort macros
Add nodefs for macros that abort the current flow due to errors.
This includes macros that trigger on integer overflows and for
the version check macro. This aids Coverity as we point out that
these paths will cause a fatal error.
|
|
c1b75f05
|
2016-02-18T15:11:31
|
|
Merge pull request #3604 from ethomson/nsec_xplat
Handle `USE_NSECS`
|
|
b85d0afd
|
2016-02-18T15:11:02
|
|
Merge pull request #3606 from ethomson/drop_xp
win32: drop xp support in WideCharToMultiByte
|
|
5663d4f6
|
2016-02-18T12:31:56
|
|
Merge pull request #3613 from ethomson/fixups
Remove most of the silly warnings
|
|
594a5d12
|
2016-02-18T12:28:06
|
|
Merge pull request #3619 from ethomson/win32_forbidden
win32: allow us to read indexes with forbidden paths on win32
|
|
298d1b07
|
2016-02-18T11:44:04
|
|
Merge pull request #3621 from pra85/patch-1
Fix a typo
|
|
9c26f90c
|
2016-02-18T11:39:55
|
|
PROJECTS: remove a few things we do have
|
|
d50bf716
|
2016-02-18T13:26:08
|
|
Fix a typo
`compatability` → `compatibility`
|
|
318b825e
|
2016-02-16T17:11:46
|
|
index: allow read of index w/ illegal entries
Allow `git_index_read` to handle reading existing indexes with
illegal entries. Allow the low-level `git_index_add` to add
properly formed `git_index_entry`s even if they contain paths
that would be illegal for the current filesystem (eg, `AUX`).
Continue to disallow `git_index_add_bypath` from adding entries
that are illegal universally illegal (eg, `.git`, `foo/../bar`).
|
|
4fea9cff
|
2016-02-16T13:08:55
|
|
iterator: assert tree_iterator has a frame
Although a `tree_iterator` that failed to be properly created
does not have a frame, all other `tree_iterator`s should. Do not
call `pop` in the failure case, but assert that in all other
cases there is a frame.
|
|
a218b2f6
|
2016-01-22T16:03:37
|
|
Validate pointer before access the member.
When Git repository at network locations, sometimes git_iterator_for_tree
fails at iterator__update_ignore_case so it goes to git_iterator_free.
Null pointer will crash the process if not check.
Signed-off-by: Colin Xu <colin.xu@gmail.com>
|
|
4be2aa57
|
2016-02-16T18:50:08
|
|
win32: tests around handling forbidden paths
Introduce a repository that contains some paths that were illegal
on PC-DOS circa 1981 (like `aux`, `con`, `com1`) and that in a
bizarre fit of retrocomputing, remain illegal on some "modern"
computers, despite being "new technology".
Introduce some aspirational tests that suggest that we should be
able to cope with trees and indexes that contain paths that
would be illegal on the filesystem, so that we can at least diff
them. Further ensure that checkout will not write a repository
with forbidden paths.
|
|
474bd2c1
|
2016-02-16T14:45:32
|
|
Merge pull request #3617 from libgit2/cmn/extract-sig-errors
commit: expose the different kinds of errors
|
|
eadd0f05
|
2016-02-16T14:06:48
|
|
commit: expose the different kinds of errors
We should be checking whether the object we're looking up is a commit,
and we should let the caller know whether the not-found return code
comes from a bad object type or just a missing signature.
|
|
9ce0399c
|
2016-02-12T10:27:05
|
|
winhttp: use an unsigned iterator
|
|
3b2fa0fb
|
2016-02-12T10:25:50
|
|
submodule: explicitly cast to the teensy time value
|
|
b2ca8d9c
|
2016-02-12T10:22:54
|
|
index: explicitly cast the teeny index entry members
|
|
997e0301
|
2016-02-12T10:11:32
|
|
index: don't use `seek` return as an error code
|
|
9a634cba
|
2016-02-12T10:03:29
|
|
index: explicitly cast new hash size to an int
|
|
0d9a39ea
|
2016-02-12T10:02:18
|
|
win32: drop incorrect `const`ness
|
|
c4d23928
|
2016-02-11T15:41:07
|
|
fstat: use our custom `stat`
|
|
aadad405
|
2016-02-11T14:28:31
|
|
tree: zap warnings around `size_t` vs `uint16_t`
|
|
1aa14921
|
2016-02-16T08:54:43
|
|
Merge pull request #3615 from ethomson/rebase_bare
rebase: persist a single in-memory index
|
|
f28bae0c
|
2016-02-15T17:16:00
|
|
rebase: persist a single in-memory index
When performing an in-memory rebase, keep a single index for the
duration, so that callers have the expected index lifecycle and
do not hold on to an index that is free'd out from under them.
|
|
35439f59
|
2016-02-11T12:24:21
|
|
win32: introduce p_timeval that isn't stupid
Windows defines `timeval` with `long`, which we cannot
sanely cope with. Instead, use a custom timeval struct.
|
|
5a296ad0
|
2016-02-12T00:55:20
|
|
Merge pull request #3610 from ethomson/rebase_bare
rebase: introduce bare rebasing
|
|
2f2129b1
|
2016-02-11T15:47:01
|
|
Merge pull request #3612 from arthurschreiber/arthur/fix-3173
Horrible fix for #3173.
|
|
3679ebae
|
2016-02-11T23:37:52
|
|
Horrible fix for #3173.
|
|
460ae11f
|
2016-02-11T22:19:20
|
|
commit: don't forget the last header field
When we moved the logic to handle the first one, wrong loop logic was
kept in place which meant we still finished early. But we now notice it
because we're not reading past the last LF we find.
This was not noticed before as the last field in the tested commit was
multi-line which does not trigger the early break.
|
|
66ce08a6
|
2016-02-11T22:16:34
|
|
Merge pull request #3607 from pks-t/pks/coverity-improvements
Coverity improvements for GITERR_CHECK_ALLOC
|
|
263e674e
|
2016-02-11T11:41:23
|
|
merge tests: correct casts
|
|
ad8aa112
|
2016-02-11T11:26:42
|
|
reset test: fix initialization warning
|
|
a202e0d4
|
2016-02-11T10:11:21
|
|
rebase: allow custom merge_options
Allow callers of rebase to specify custom merge options. This may
allow custom conflict resolution, or failing fast when conflicts
are detected.
|
|
ee667307
|
2016-02-11T10:48:48
|
|
rebase: introduce inmemory rebasing
Introduce the ability to rebase in-memory or in a bare repository.
When `rebase_options.inmemory` is specified, the resultant `git_rebase`
session will not be persisted to disk. Callers may still analyze
the rebase operations, resolve any conflicts against the in-memory
index and create the commits. Neither `HEAD` nor the working
directory will be updated during this process.
|
|
50174ab4
|
2016-02-10T11:06:23
|
|
coverity: use https URL for posting build
When posting our instrumented build results to Coverity we have
to include sensitive information, in particular our authorization
token. Currently we use an unencrypted channel to post this
information, leading to the token being transferred in plain.
Fix this by using a secured connection instead.
|
|
8dddea42
|
2016-02-10T10:59:14
|
|
coverity: provide nodef for GITERR_CHECK_ALLOC
Coverity currently lists a lot of errors with regard to
GITERR_CHECK_ALLOC causing resource leaks. We know this macro is
only invoked when we want to abort because we are out of memory.
Coverity allows for overriding the default model where we know
that certain functions guarantee a desired behavior. The
user_nodefs.h is used to override the behavior of macros.
Re-define GITERR_CHECK_ALLOC inside of it to specify its abort
nature.
|
|
82abd40d
|
2016-02-07T13:35:16
|
|
filter: clean up documentation around custom filters
|
|
494e61b8
|
2016-02-09T17:44:59
|
|
win32: drop xp support in WideCharToMultiByte
|
|
9447b9e5
|
2016-02-09T10:40:33
|
|
xplat: use st_mtimespec everywhere on mac
|
|
488e2b85
|
2016-02-09T16:26:58
|
|
Merge pull request #3599 from libgit2/gpgsign
Introduce git_commit_extract_signature
|
|
534cc5a3
|
2016-02-09T16:10:43
|
|
Merge pull request #3603 from pks-t/pks/coverity-fixes
Coverity fixes
|
|
a65afb75
|
2016-02-08T18:51:13
|
|
Introduce git_commit_extract_signature
This returns the GPG signature for a commit and its contents without the
signature block, allowing for the verification of the commit's
signature.
|
|
ab87cb18
|
2016-02-09T14:53:10
|
|
Merge pull request #3602 from libgit2/cmn/header-field-2
commit: also match the first header field when searching
|
|
24b8ed2b
|
2016-02-09T11:11:38
|
|
attr_file: fix resource leak
|
|
e2625457
|
2016-02-09T11:07:50
|
|
checkout: fix resource leak
|
|
39c9dd24
|
2016-02-09T10:53:30
|
|
pack-objects: fix memory leak in packbuilder_config
|
|
0b2437bb
|
2016-02-09T10:43:28
|
|
pack-objects: fix memory leak in compute_write_order
|
|
a53d2e39
|
2016-02-09T09:58:56
|
|
pack: do not free passed in poiter on error
The function `git_packfile_stream_open` tries to free the passed
in stream when an error occurs. The only call site is
`git_indexer_append`, though, which passes in the address of a
stream struct which has not been allocated on the heap.
Fix the issue by simply removing the call to free. In case of an
error we did not allocate any memory yet and otherwise it should
be the caller's responsibility to manage it's object's lifetime.
|
|
f55eca16
|
2016-02-09T07:17:26
|
|
commit: also match the first header field when searching
We were searching only past the first header field, which meant we were
unable to find e.g. `tree` which is the first field.
While here, make sure to set an error message in case we cannot find the
field.
|
|
e0bbe781
|
2016-02-09T06:41:02
|
|
Merge pull request #3598 from pks-t/pks/coverity-fixes
Coverity fixes
|
|
463f5351
|
2016-02-09T06:26:21
|
|
Merge pull request #3601 from ethomson/merge_doc
Better document `git_merge_commits` redux
|
|
b00c959f
|
2016-02-08T17:55:22
|
|
Better document `git_merge_commits` redux
`git_merge_commits` and `git_merge` now *do* handle recursive base
building for criss-cross merges. Remove the documentation that says
that they do not.
This reverts commit 5e44d9bcb6d5b20922f49b1913723186f8ced8b5.
|
|
7cdbb39e
|
2016-02-08T17:14:43
|
|
Merge pull request #3600 from ethomson/mailmap
mailmap: add ethomson@github.com
|
|
88a4d084
|
2016-02-02T14:50:35
|
|
mailmap: add ethomson@github.com
|
|
2ed855a9
|
2016-02-07T13:16:30
|
|
filter: avoid races during filter registration
Previously we would set the global filter registry structure before
adding filters to the structure, without a lock, which is quite racy.
Now, register default filters during global registration and use an
rwlock to read and write the filter registry (as appopriate).
|
|
6e0fc1a6
|
2016-02-07T14:10:38
|
|
mingw: use gcc-like memory barrier
Use the gcc-like memory barrier (__sync_synchronize) on mingw.
|
|
8a6d6677
|
2016-02-08T16:14:03
|
|
global: make openssl registration like the rest
|
|
bad2702c
|
2016-02-06T11:25:47
|
|
global: refactor setup and cleanup
Move the common initialization and cleanup methods to reduce
unnecessary duplication.
|
|
a001846b
|
2016-02-08T17:05:57
|
|
curl_stream: fix unused cert infos
When copying contents of the cURL certiinfo we duplicate the
data but forget to actually put it into the vector.
|
|
fac42ff9
|
2016-02-08T16:58:08
|
|
merge: fix memory leak
|
|
0f814deb
|
2016-02-06T16:41:59
|
|
Merge pull request #3592 from ethomson/code_of_conduct
Introduce Contributor Covenant
|
|
240b6fed
|
2016-02-05T15:19:24
|
|
Merge pull request #3578 from bubaflub/fix_small_memory_leak
Free allocated pointer to curl stream on error
|
|
efa8208c
|
2016-02-05T09:37:40
|
|
Merge pull request #3579 from ethomson/mingw_winhttp
winhttp: name mangle class / iid on mingw
|
|
45165b12
|
2016-02-04T16:43:23
|
|
Merge pull request #3584 from jbreeden/export_fn
Export git_stash_apply_init_options
|
|
d8f72159
|
2016-02-04T15:49:00
|
|
Merge pull request #3594 from Ephemera/patch-1
Fix typo
|
|
804bcd6b
|
2016-02-05T01:59:07
|
|
Fix typo
|
|
612f2a60
|
2016-02-04T08:43:47
|
|
Merge pull request #3593 from nvanheuverzwijn/patch-1
Fix a typo in documentation
|
|
1087e6be
|
2016-02-03T17:27:04
|
|
Fix a typo in documentation
|
|
846632cd
|
2016-02-02T14:49:25
|
|
Introduce Contributor Covenant
|
|
0c09753c
|
2016-01-25T14:06:15
|
|
Fix the build when defining USE_NSEC
|
|
d02720d8
|
2016-01-23T17:13:25
|
|
Export git_stash_apply_init_options
|
|
5c7f2f01
|
2016-01-19T11:13:23
|
|
winhttp: name mangle class / iid on mingw
Standard Windows type systems define CLSID_InternetSecurityManager
and IID_IInternetSecurityManager, but MinGW lacks these definitions.
As a result, we must hardcode these definitions ourselves. However,
we should not use a public struct with those names, lest another
library do the same thing and consumers cannot link to both.
|
|
8bd1c19e
|
2016-01-16T19:39:24
|
|
Free allocated pointer to curl stream on error
|
|
0f9d1549
|
2016-01-16T02:29:17
|
|
Merge pull request #3573 from pmq20/master-12jan16
Make packfile_unpack_compressed a private API
|