|
d749822c
|
2018-02-08T22:50:58
|
|
Merge pull request #4491 from libgit2/ethomson/recursive
Recursive merge: reverse the order of merge bases
|
|
ba4faf6e
|
2018-02-08T17:15:33
|
|
buf_text: remove `offset` parameter of BOM detection function
The function to detect a BOM takes an offset where it shall look for a
BOM. No caller uses that, and searching for the BOM in the middle of a
buffer seems to be very unlikely, as a BOM should only ever exist at
file start.
Remove the parameter, as it has already caused confusion due to its
weirdness.
|
|
2eea5f1c
|
2018-02-08T10:27:31
|
|
config_parse: fix reading files with BOM
The function `skip_bom` is being used to detect and skip BOM marks
previously to parsing a configuration file. To do so, it simply uses
`git_buf_text_detect_bom`. But since the refactoring to use the parser
interface in commit 9e66590bd (config_parse: use common parser
interface, 2017-07-21), the BOM detection was actually broken.
The issue stems from a misunderstanding of `git_buf_text_detect_bom`. It
was assumed that its third parameter limits the length of the character
sequence that is to be analyzed, while in fact it was an offset at which
we want to detect the BOM. Fix the parameter to be `0` instead of the
buffer length, as we always want to check the beginning of the
configuration file.
|
|
848153f3
|
2018-02-08T10:02:29
|
|
config_parse: handle empty lines with CRLF
Currently, the configuration parser will fail reading empty lines with
just an CRLF-style line ending. Special-case the '\r' character in order
to handle it the same as Unix-style line endings. Add tests to spot this
regression in the future.
|
|
5340ca77
|
2018-02-08T09:31:51
|
|
config_parse: add comment to clarify logic getting next character
Upon each line, the configuration parser tries to get either the first
non-whitespace character or the first whitespace character, in case
there is no non-whitespace character. The logic handling this looks
rather odd and doesn't immediately convey this meaning, so add a comment
to clarify what happens.
|
|
1403c612
|
2018-01-22T14:44:31
|
|
merge: virtual commit should be last argument to merge-base
Our virtual commit must be the last argument to merge-base: since our
algorithm pushes _both_ parents of the virtual commit, it needs to be
the last argument, since merge-base:
> Given three commits A, B and C, git merge-base A B C will compute the
> merge base between A and a hypothetical commit M
We want to calculate the merge base between the actual commit ("two")
and the virtual commit ("one") - since one actually pushes its parents
to the merge-base calculation, we need to calculate the merge base of
"two" and the parents of one.
|
|
b924df1e
|
2018-01-21T18:05:45
|
|
merge: reverse merge bases for recursive merge
When the commits being merged have multiple merge bases, reverse the
order when creating the virtual merge base. This is for compatibility
with git's merge-recursive algorithm, and ensures that we build
identical trees.
Git does this to try to use older merge bases first. Per 8918b0c:
> It seems to be the only sane way to do it: when a two-head merge is
> done, and the merge-base and one of the two branches agree, the
> merge assumes that the other branch has something new.
>
> If we start creating virtual commits from newer merge-bases, and go
> back to older merge-bases, and then merge with newer commits again,
> chances are that a patch is lost, _because_ the merge-base and the
> head agree on it. Unlikely, yes, but it happened to me.
|
|
ed51feb7
|
2018-01-21T18:01:20
|
|
oidarray: introduce git_oidarray__reverse
Provide a simple function to reverse an oidarray.
|
|
26f5d36d
|
2018-02-04T10:27:39
|
|
Merge pull request #4489 from libgit2/ethomson/conflicts_crlf
Conflict markers should match EOL style in conflicting files
|
|
8abd514c
|
2018-02-02T17:37:12
|
|
Merge pull request #4499 from pks-t/pks/setuid-config
sysdir: do not use environment in setuid case
|
|
2553cbe3
|
2018-02-02T11:33:46
|
|
Merge pull request #4512 from libgit2/ethomson/header_guards
Consistent header guards
|
|
53454b68
|
2018-02-02T11:31:15
|
|
Merge pull request #4510 from pks-t/pks/attr-file-bare-stat
attr: avoid stat'ting files for bare repositories
|
|
0967459e
|
2018-01-25T13:11:34
|
|
sysdir: do not use environment in setuid case
In order to derive the location of some Git directories, we currently
use the environment variables $HOME and $XDG_CONFIG_HOME. This might
prove to be problematic whenever the binary is run with setuid, that is
when the effective user does not equal the real user. In case the
environment variables do not get sanitized by the caller, we thus might
end up using the real user's configuration when doing stuff as the
effective user.
The fix is to use the passwd entry's directory instead of $HOME in this
situation. As this might break scenarios where the user explicitly sets
$HOME to another path, this fix is only applied in case the effective
user does not equal the real user.
|
|
abb04caa
|
2018-02-01T15:55:48
|
|
consistent header guards
use consistent names for the #include / #define header guard pattern.
|
|
e28e17e6
|
2018-02-01T10:36:33
|
|
attr: avoid stat'ting files for bare repositories
Depending on whether the path we want to look up an attribute for is a
file or a directory, the fnmatch function will be called with different
flags. Because of this, we have to first stat(3) the path to determine
whether it is a file or directory in `git_attr_path__init`. This is
wasteful though in bare repositories, where we can already be assured
that the path will never exist at all due to there being no worktree. In
this case, we will execute an unnecessary syscall, which might be
noticeable on networked file systems.
What happens right now is that we always pass the `GIT_DIR_FLAG_UNKOWN`
flag to `git_attr_path__init`, which causes it to `stat` the file itself
to determine its type. As it is calling `git_path_isdir` on the path,
which will always return `false` in case the path does not exist, we end
up with the path always being treated as a file in case of a bare
repository. As such, we can just check the bare-repository case in all
callers and then pass in `GIT_DIR_FLAG_FALSE` ourselves, avoiding the
need to `stat`. While this may not always be correct, it at least is no
different from our current behavior.
|
|
341608dc
|
2018-01-31T14:48:42
|
|
Merge pull request #4507 from tomas/patch-1
Honor 'GIT_USE_NSEC' option in `filesystem_iterator_set_current`
|
|
9d8510b3
|
2018-01-31T09:28:43
|
|
Merge pull request #4488 from libgit2/ethomson/conflict_marker_size
Use longer conflict markers in recursive merge base
|
|
054e4c08
|
2018-01-31T14:28:25
|
|
Set ctime/mtime nanosecs to 0 if USE_NSEC is not defined
|
|
752006dd
|
2018-01-30T23:21:19
|
|
Honor 'GIT_USE_NSEC' option in `filesystem_iterator_set_current`
This should have been part of PR #3638. Without this we still get
nsec-related errors, even when using -DGIT_USE_NSEC:
error: ‘struct stat’ has no member named ‘st_mtime_nsec’
|
|
275f103d
|
2018-01-12T08:59:40
|
|
odb: reject reading and writing null OIDs
The null OID (hash with all zeroes) indicates a missing object in
upstream git and is thus not a valid object ID. Add defensive
measurements to avoid writing such a hash to the object database in the
very unlikely case where some data results in the null OID. Furthermore,
add shortcuts when reading the null OID from the ODB to avoid ever
returning an object when a faulty repository may contain the null OID.
|
|
c0487bde
|
2018-01-12T08:23:43
|
|
tree: reject writing null-OID entries to a tree
In commit a96d3cc3f (cache-tree: reject entries with null sha1,
2017-04-21), the git.git project has changed its stance on null OIDs in
tree objects. Previously, null OIDs were accepted in tree entries to
help tools repair broken history. This resulted in some problems though
in that many code paths mistakenly passed null OIDs to be added to a
tree, which was not properly detected.
Align our own code base according to the upstream change and reject
writing tree entries early when the OID is all-zero.
|
|
d23ce187
|
2018-01-22T11:55:28
|
|
odb: export mempack backend
Fixes #4492, #4496.
|
|
7f52bc5a
|
2018-01-20T18:19:26
|
|
xdiff: upgrade to git's included xdiff
Upgrade xdiff to git's most recent version, which includes changes to
CR/LF handling. Now CR/LF included in the input files will be detected
and conflict markers will be emitted with CR/LF when appropriate.
|
|
185b0d08
|
2018-01-20T19:41:28
|
|
merge: recursive uses larger conflict markers
Git uses longer conflict markers in the recursive merge base - two more
than the default (thus, 9 character long conflict markers). This allows
users to tell the difference between the recursive merge conflicts and
conflicts between the ours and theirs branches.
This was introduced in git d694a17986a28bbc19e2a6c32404ca24572e400f.
Update our tests to expect this as well.
|
|
b8e9467a
|
2018-01-20T19:39:34
|
|
merge: allow custom conflict marker size
Allow for a custom conflict marker size, allowing callers to override
the default size of the "<<<<<<<" and ">>>>>>>" markers in the
conflicted output file.
|
|
45f58409
|
2018-01-20T15:15:40
|
|
Merge pull request #4484 from pks-t/pks/fail-creating-branch-HEAD
branch: refuse creating branches named 'HEAD'
|
|
4ea8035d
|
2018-01-20T14:56:51
|
|
Merge pull request #4478 from libgit2/cmn/packed-refs-sorted
refs: include " sorted " in our packed-refs header
|
|
a9677e01
|
2018-01-19T09:20:59
|
|
branch: refuse creating branches named 'HEAD'
Since a625b092c (branch: correctly reject refs/heads/{-dash,HEAD},
2017-11-14), which is included in v2.16.0, upstream git refuses to
create branches which are named HEAD to avoid ambiguity with the
symbolic HEAD reference. Adjust our own code to match that behaviour and
reject creating branches names HEAD.
|
|
4893a9c0
|
2018-01-17T13:54:42
|
|
Merge pull request #4451 from libgit2/charliesome/trailer-info
Implement message trailer parsing API
|
|
d4a3a4b5
|
2018-01-17T12:52:08
|
|
rename find_trailer to extract_trailer_block
|
|
d43974fb
|
2018-01-16T13:40:26
|
|
Change trailer API to return a simple array
|
|
9bf37ddd
|
2018-01-12T15:17:41
|
|
refs: include " sorted " in our packed-refs header
This lets git know that we do in fact have written our packed-refs file
sorted (which is apparently not necessarily the case) and it can then use the
new-ish mmaped access which lets it avoid significant amounts of effort parsing
potentially large files to get to a single piece of data.
|
|
90f81f9f
|
2018-01-12T12:56:57
|
|
transports: local: fix memory leak in reference walk
Upon downloading the pack file, the local transport will iterate through
every reference using `git_reference_foreach`. The function is a bit
tricky though in that it requires the passed callback to free the
references, which does not currently happen.
Fix the memory leak by freeing all passed references in the callback.
|
|
5734768b
|
2018-01-10T19:19:34
|
|
Merge remote-tracking branch 'origin/master' into charliesome/trailer-info
|
|
b21c5408
|
2018-01-08T12:33:07
|
|
cmake: add openssl to the private deps list when it's the TLS implementation
We might want OpenSSL to be the implementation for SHA-1 and/or TLS. If we only
want it for TLS (e.g. we're building with the collision-detecting SHA-1
implementation) then we did not indicate this to the systems including us a
static library.
Add OpenSSL to the list also during the TLS decision to make sure we say we
should link to it if we use it for TLS.
|
|
b85548ed
|
2018-01-08T12:30:50
|
|
cmake: treat LIBGIT2_PC_REQUIRES as a list
It is indeed a list of dependencies for those which include the static archive.
This is in preparation for adding two possible places where we might add openssl
as a dependency.
|
|
70db57d4
|
2018-01-05T15:31:51
|
|
Merge pull request #4398 from pks-t/pks/generic-sha1
cmake: allow explicitly choosing SHA1 backend
|
|
70aa6146
|
2017-12-05T08:48:31
|
|
cmake: allow explicitly choosing SHA1 backend
Right now, if SHA1DC is disabled, the SHA1 backend is mostly chosen
based on which system libgit2 is being compiled on and which libraries
have been found. To give developers and distributions more choice,
enable them to request specific backends by passing in a
`-DSHA1_BACKEND=<BACKEND>` option instead. This completely replaces the
previous auto-selection.
|
|
f315cd14
|
2018-01-03T18:44:12
|
|
make separators const a macro as well
|
|
1cda43ba
|
2018-01-03T18:30:04
|
|
make comment_line_char const a macro
|
|
a223bae5
|
2018-01-03T14:57:25
|
|
Merge pull request #4437 from pks-t/pks/openssl-hash-errors
hash: openssl: check return values of SHA1_* functions
|
|
399c0b19
|
2018-01-03T14:55:06
|
|
Merge pull request #4462 from pks-t/pks/diff-generated-excessive-stats
diff_generate: avoid excessive stats of .gitattribute files
|
|
d8896bda
|
2018-01-03T16:07:36
|
|
diff_generate: avoid excessive stats of .gitattribute files
When generating a diff between two trees, for each file that is to be
diffed we have to determine whether it shall be treated as text or as
binary files. While git has heuristics to determine which kind of diff
to generate, users can also that default behaviour by setting or
unsetting the 'diff' attribute for specific files.
Because of that, we have to query gitattributes in order to determine
how to diff the current files. Instead of hitting the '.gitattributes'
file every time we need to query an attribute, which can get expensive
especially on networked file systems, we try to cache them instead. This
works perfectly fine for every '.gitattributes' file that is found, but
we hit cache invalidation problems when we determine that an attribuse
file is _not_ existing. We do create an entry in the cache for missing
'.gitattributes' files, but as soon as we hit that file again we
invalidate it and stat it again to see if it has now appeared.
In the case of diffing large trees with each other, this behaviour is
very suboptimal. For each pair of files that is to be diffed, we will
repeatedly query every directory component leading towards their
respective location for an attributes file. This leads to thousands or
even hundreds of thousands of wasted syscalls.
The attributes cache already has a mechanism to help in that scenario in
form of the `git_attr_session`. As long as the same attributes session
is still active, we will not try to re-query the gitmodules files at all
but simply retain our currently cached results. To fix our problem, we
can create a session at the top-most level, which is the initialization
of the `git_diff` structure, and use it in order to look up the correct
diff driver. As the `git_diff` structure is used to generate patches for
multiple files at once, this neatly solves our problem by retaining the
session until patches for all files have been generated.
The fix has been tested with linux.git by calling
`git_diff_tree_to_tree` and `git_diff_to_buf` with v4.10^{tree} and
v4.14^{tree}.
| time | .gitattributes stats
without fix | 33.201s | 844614
with fix | 30.327s | 4441
While execution only improved by roughly 10%, the stat(3) syscalls for
.gitattributes files decreased by 99.5%. The benchmarks were quite
simple with best-of-three timings on Linux ext4 systems. One can assume
that for network based file systems the performance gain will be a lot
larger due to a much higher latency.
|
|
30455a56
|
2018-01-03T13:09:21
|
|
Merge pull request #4439 from tiennou/fix/4352
cmake: create a dummy file for Xcode
|
|
ba56f781
|
2018-01-03T12:54:42
|
|
streams: openssl: fix thread-safety for OpenSSL error messages
The function `ERR_error_string` can be invoked without providing a
buffer, in which case OpenSSL will simply return a string printed into a
static buffer. Obviously and as documented in ERR_error_string(3), this
is not thread-safe at all. As libgit2 is a library, though, it is easily
possible that other threads may be using OpenSSL at the same time, which
might lead to clobbered error strings.
Fix the issue by instead using a stack-allocated buffer. According to
the documentation, the caller has to provide a buffer of at least 256
bytes of size. While we do so, make sure that the buffer will never get
overflown by switching to `ERR_error_string_n` to specify the buffer's
size.
|
|
75e1737a
|
2017-12-08T10:10:19
|
|
hash: openssl: check return values of SHA1_* functions
The OpenSSL functions `SHA1_Init`, `SHA1_Update` and `SHA1_Final` all
return 1 for success and 0 otherwise, but we never check their return
values. Do so.
|
|
98303ea3
|
2018-01-03T11:27:12
|
|
Merge pull request #4457 from libgit2/ethomson/tree_error_messages
tree: standard error messages are lowercase
|
|
e8bc8558
|
2018-01-02T13:29:49
|
|
Merge remote-tracking branch 'origin/master' into charliesome/trailer-info
|
|
7610638e
|
2018-01-01T17:52:06
|
|
Merge pull request #4453 from libgit2/ethomson/spnego
winhttp: properly support ntlm and negotiate
|
|
2c99011a
|
2017-12-31T09:33:19
|
|
tree: standard error messages are lowercase
Our standard error messages begin with a lower case letter so that they
can be prefixed or embedded nicely.
These error messages were missed during the standardization pass since
they use the `tree_error` helper function.
|
|
d6210245
|
2017-12-30T13:09:43
|
|
Merge pull request #4159 from richardipsum/notes-commit
Support using notes via a commit rather than a ref
|
|
8cdf439b
|
2017-12-30T13:07:03
|
|
Merge pull request #4028 from chescock/improve-local-fetch
Transfer fewer objects on push and local fetch
|
|
2b7a3393
|
2017-12-30T12:47:57
|
|
Merge pull request #4455 from libgit2/ethomson/branch_symlinks
refs: traverse symlinked directories
|
|
e14bf97e
|
2017-12-30T08:09:22
|
|
Merge pull request #4443 from libgit2/ethomson/large_loose_blobs
Inflate large loose blobs
|
|
9e94b6af
|
2017-12-30T00:12:46
|
|
iterator: cleanups with symlink dir handling
Perform some error checking when examining symlink directories.
|
|
e9628e7b
|
2017-10-30T11:38:33
|
|
branches: Check symlinked subdirectories
Native Git allows symlinked directories under .git/refs. This
change allows libgit2 to also look for references that live under
symlinked directories.
Signed-off-by: Andy Doan <andy@opensourcefoundries.com>
|
|
526dea1c
|
2017-12-29T17:41:24
|
|
winhttp: properly support ntlm and negotiate
When parsing unauthorized responses, properly parse headers looking for
both NTLM and Negotiate challenges. Set the HTTP credentials to default
credentials (using a `NULL` username and password) with the schemes
supported by ourselves and the server.
|
|
083b1a2e
|
2017-12-28T10:38:31
|
|
Merge pull request #4021 from carlosmn/cmn/refspecs-fetchhead
FETCH_HEAD and multiple refspecs
|
|
1b4fbf2e
|
2017-11-19T09:47:07
|
|
remote: append to FETCH_HEAD rather than overwrite for each refspec
We treat each refspec on its own, but the code currently overwrites the contents
of FETCH_HEAD so we end up with the entries for the last refspec we processed.
Instead, truncate it before performing the updates and append to it when
updating the references.
|
|
3ccc1a4d
|
2017-11-19T09:46:02
|
|
futils: add a function to truncate a file
We want to do this in order to get FETCH_HEAD to be empty when we start updating
it due to fetching from the remote.
|
|
4110fc84
|
2017-12-23T23:30:29
|
|
Merge pull request #4285 from pks-t/pks/patches-with-whitespace
patch_parse: fix parsing unquoted filenames with spaces
|
|
c3514b0b
|
2017-12-23T14:59:07
|
|
Fix unpack double free
If an element has been cached, but then the call to
packfile_unpack_compressed() fails, the very next thing that happens is
that its data is freed and then the element is not removed from the
cache, which frees the data again.
This change sets obj->data to NULL to avoid the double-free. It also
stops trying to resolve deltas after two continuous failed rounds of
resolution, and adds a test for this.
|
|
9f7ad3c5
|
2017-12-23T10:55:13
|
|
Merge pull request #4430 from tiennou/fix/openssl-x509-leak
Free OpenSSL peer certificate
|
|
30d91760
|
2017-12-23T10:52:08
|
|
Merge pull request #4435 from lhchavez/ubsan-shift-overflow
libFuzzer: Prevent a potential shift overflow
|
|
1ddc57b3
|
2017-12-23T10:09:12
|
|
Merge pull request #4402 from libgit2/ethomson/iconv
cmake: let USE_ICONV be optional on macOS
|
|
06f3aa5f
|
2017-12-23T10:07:44
|
|
Merge pull request #4429 from novalis/delete-modify-submodule-merge
Do not attempt to check out submodule as blob when merging a submodule modify/deltete conflict
|
|
bdb54214
|
2017-12-11T16:46:05
|
|
hash: commoncrypto hash should support large files
Teach the CommonCrypto hash mechanisms to support large files. The hash
primitives take a `CC_LONG` (aka `uint32_t`) at a time. So loop to give
the hash function at most an unsigned 32 bit's worth of bytes until we
have hashed the entire file.
|
|
a89560d5
|
2017-12-10T17:26:43
|
|
hash: win32 hash mechanism should support large files
Teach the win32 hash mechanisms to support large files. The hash
primitives take at most `ULONG_MAX` bytes at a time. Loop, giving the
hash function the maximum supported number of bytes, until we have
hashed the entire file.
|
|
3e6533ba
|
2017-12-10T17:25:00
|
|
odb_loose: reject objects that cannot fit in memory
Check the size of objects being read from the loose odb backend and
reject those that would not fit in memory with an error message that
reflects the actual problem, instead of error'ing later with an
unintuitive error message regarding truncation or invalid hashes.
|
|
8642feba
|
2017-12-10T17:23:44
|
|
zstream: use UINT_MAX sized chunks
Instead of paging to zlib in INT_MAX sized chunks, we can give it
as many as UINT_MAX bytes at a time. zlib doesn't care how big
a buffer we give it, this simply results in fewer calls into zlib.
|
|
ddefea75
|
2017-11-30T15:55:59
|
|
odb: support large loose objects
zlib will only inflate/deflate an `int`s worth of data at a time.
We need to loop through large files in order to ensure that we inflate
the entire file, not just an `int`s worth of data. Thankfully, we
already have this loop in our `git_zstream` layer. Handle large objects
using the `git_zstream`.
|
|
d1e44655
|
2017-11-30T15:52:47
|
|
object: introduce git_object_stringn2type
Introduce an internal API to get the object type based on a
length-specified (not null terminated) string representation. This can
be used to compare the (space terminated) object type name in a loose
object.
Reimplement `git_object_string2type` based on this API.
|
|
86219f40
|
2017-11-30T15:40:13
|
|
util: introduce `git__prefixncmp` and consolidate implementations
Introduce `git_prefixncmp` that will search up to the first `n`
characters of a string to see if it is prefixed by another string.
This is useful for examining if a non-null terminated character
array is prefixed by a particular substring.
Consolidate the various implementations of `git__prefixcmp` around a
single core implementation and add some test cases to validate its
behavior.
|
|
b7d36ef4
|
2017-12-12T12:24:11
|
|
zstream: treat `Z_BUF_ERROR` as non-fatal
zlib will return `Z_BUF_ERROR` whenever there is more input to inflate
or deflate than there is output to store the result. This is normal for
us as we iterate through the input, particularly with very large input
buffers.
|
|
72fbf05c
|
2017-12-20T15:24:30
|
|
trailer: use git__prefixcmp instead of starts_with
|
|
13722611
|
2017-12-20T15:24:23
|
|
trailer: remove inline specifier on is_blank_line
|
|
1c43edca
|
2017-12-14T18:37:10
|
|
message: add routine for parsing trailers from messages
This is implemented in trailer.c and borrows a large amount of logic
from Git core to ensure compatibility.
|
|
fa8cf14f
|
2017-12-16T21:49:45
|
|
Merge pull request #4447 from pks-t/pks/diff-file-contents-refcount-blob
diff_file: properly refcount blobs when initializing file contents
|
|
8be2a790
|
2017-12-05T23:21:05
|
|
openssl: free the peer certificate
Per SSL_get_peer_certificate docs:
```
The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using X509_free().
```
|
|
2518eb81
|
2017-11-24T14:04:10
|
|
openssl: merge all the exit paths of verify_server_cert
This makes it easier to cleanup allocated resources on exit.
|
|
53f2c6b1
|
2017-12-15T15:01:50
|
|
Simplified overflow condition
|
|
2482559d
|
2017-12-15T05:52:02
|
|
Merge pull request #4432 from lhchavez/fix-missing-trailer
libFuzzer: Fix missing trailer crash
|
|
2388a9e2
|
2017-12-15T10:47:01
|
|
diff_file: properly refcount blobs when initializing file contents
When initializing a `git_diff_file_content` from a source whose data is
derived from a blob, we simply assign the blob's pointer to the
resulting struct without incrementing its refcount. Thus, the structure
can only be used as long as the blob is kept alive by the caller.
Fix the issue by using `git_blob_dup` instead of a direct assignment.
This function will increment the refcount of the blob without allocating
new memory, so it does exactly what we want. As
`git_diff_file_content__unload` already frees the blob when
`GIT_DIFF_FLAG__FREE_BLOB` is set, we don't need to add new code
handling the free but only have to set that flag correctly.
|
|
4969a672
|
2017-12-10T02:19:34
|
|
cmake: create a dummy file for Xcode
Otherwise Xcode will happily not-link our git2 target, resulting in a "missing file" error when building eg. examples
|
|
1b2e83a9
|
2017-12-13T00:19:41
|
|
stransport: provide error message on trust failures
Fixes #4440
|
|
e7fac2af
|
2017-12-09T05:26:27
|
|
Using unsigned instead
|
|
c8aaba24
|
2017-12-06T03:03:18
|
|
libFuzzer: Fix missing trailer crash
This change fixes an invalid memory access when the trailer is missing /
corrupt.
Found using libFuzzer.
|
|
28662c13
|
2017-12-08T06:00:27
|
|
libFuzzer: Prevent a potential shift overflow
The type of |base_offset| in get_delta_base() is `git_off_t`, which is a
signed `long`. That means that we need to make sure that the 8 most
significant bits are zero (instead of 7) to avoid an overflow when it is
shifted by 7 bits.
Found using libFuzzer.
|
|
400caed3
|
2017-12-06T03:22:58
|
|
libFuzzer: Fix a git_packfile_stream leak
This change ensures that the git_packfile_stream object in
git_indexer_append() does not leak when the stream has errors.
Found using libFuzzer.
|
|
2a3e0635
|
2017-12-04T16:56:07
|
|
Do not attempt to check out submodule as blob when merging a submodule modify/deltete conflict
|
|
d788f42a
|
2017-04-09T14:06:23
|
|
notes: Rewrite funcs in terms of note_commit funcs
|
|
429bb357
|
2017-12-01T11:45:53
|
|
Merge pull request #4318 from Uncommon/amend_status
Add git_status_file_at
|
|
344b4ead
|
2017-12-01T11:27:15
|
|
Merge pull request #4427 from pks-t/pks/openssl-threadid
openssl: fix thread-safety on non-glibc POSIX systems
|
|
494a2f23
|
2017-11-30T21:45:27
|
|
Merge pull request #4426 from pks-t/pks/diff-flag-set-fix
diff_generate: fix unsetting diff flags
|
|
2d2e70f8
|
2017-11-30T18:10:28
|
|
openssl: fix thread-safety on non-glibc POSIX systems
While the OpenSSL library provides all means to work safely in a
multi-threaded application, we fail to do so correctly. Quoting from
crypto_lock(3):
OpenSSL can safely be used in multi-threaded applications provided
that at least two callback functions are set, locking_function and
threadid_func.
We do in fact provide the means to set up the locking function via
`git_openssl_set_locking()`, where we initialize a set of locks by using
the POSIX threads API and set the correct callback function to lock and
unlock them.
But what we do not do is setting the `threadid_func` callback. This
function is being used to correctly locate thread-local data of the
OpenSSL library and should thus return per-thread identifiers. Digging
deeper into OpenSSL's documentation, the library does provide a fallback
in case that locking function is not provided by the user. On Windows
and BeOS we should be safe, as it simply "uses the system's default
thread identifying API". On other platforms though OpenSSL will fall
back to using the address of `errno`, assuming it is thread-local.
While this assumption holds true for glibc-based systems, POSIX in fact
does not specify whether it is thread-local or not. Quoting from
errno(3p):
It is unspecified whether errno is a macro or an identifier declared
with external linkage.
And in fact, with musl there is at least one libc implementation which
simply declares `errno` as a simple `int` without being thread-local. On
those systems, the fallback threadid function of OpenSSL will not be
thread-safe.
Fix this by setting up our own callback for this setting. As users of
libgit2 may want to set it themselves, we obviously cannot always set
that function on initialization. But as we already set up primitives for
threading in `git_openssl_set_locking()`, this function becomes the
obvious choice where to implement the additional setup.
|
|
5ca3f115
|
2017-11-30T15:12:48
|
|
diff_generate: fix unsetting diff flags
The macro `DIFF_FLAG_SET` can be used to set or unset a flag by
modifying the diff's bitmask. While the case of setting the flag is
handled correctly, the case of unsetting the flag was not. Instead of
inverting the flags, we are inverting the value which is used to decide
whether we want to set or unset the bits.
The value being used here is a simple `bool` which is `false`. As that
is being uplifted to `int` when getting the bitwise-complement, we will
end up retaining all bits inside of the bitmask. As that's only ever
used to set `GIT_DIFF_IGNORE_CASE`, we were actually always ignoring
case for generated diffs.
Fix that by instead getting the bitwise-complement of `FLAG`, not `VAL`.
|
|
90fc7f53
|
2017-11-30T15:09:05
|
|
diff: remove unused macros `DIFF_FLAG_*`
In commit 9be638ecf (git_diff_generated: abstract generated diffs,
2016-04-19), the code for generated diffs was moved out of the generic
"diff.c" and instead into its own module. During that conversion, it was
forgotten to remove the macros `DIFF_FLAG_IS_SET`, `DIFF_FLAG_ISNT_SET`
and `DIFF_FLAG_SET`, which are now only used in "diff_generated.c".
Remove those macros now.
|
|
4ccacdc8
|
2017-07-21T17:07:10
|
|
status: Add a baseline field to git_status_options for comparing to trees other than HEAD
|
|
38eaa7ab
|
2017-11-24T12:28:19
|
|
winhttp: pass the same payload as ssh & http transports when checking certificates
|
|
7e3faf58
|
2017-10-29T15:05:28
|
|
diff: expose the "indent heuristic" in the diff options
We default to off, but we might want to consider changing `GIT_DIFF_NORMAL` to
include it.
|