kmx git

Commit	Date	Message
df045cef	2016-11-14T12:12:38	Merge pull request #4003 from libgit2/cmn/tree-updater-ordering Use the sorted input in the tree updater
904e1e75	2016-11-14T11:52:49	Merge pull request #3561 from libgit2/cmn/refdb-para Concurrency fixes for the reference db
89776585	2016-11-14T12:44:52	tree: look for conflicts in the new tree when updating We look at whether we're trying to replace a blob with a tree during the update phase, but we fail to look at whether we've just inserted a blob where we're now trying to insert a tree. Update the check to look at both places. The test for this was previously succeeding due to the bu where we did not look at the sorted output.
b85929c5	2016-11-14T12:44:01	tree: use the sorted update list in our loop The loop is made with the assumption that the inputs are sorted and not using it leads to bad outputs.
1d41b86c	2016-11-14T12:22:20	tree: add a failing test for unsorted input We do not currently use the sorted version of this input in the function, which means we produce bad results.
7c32d874	2016-03-10T12:27:07	refdb: expect threaded test deletes to race At times we may try to delete a reference which a different thread has already taken care of.
33248b9e	2016-03-10T12:22:34	refdb: remove a check-delete race when removing a loose ref It does not help us to check whether the file exists before trying to unlink it since it might be gone by the time unlink is called. Instead try to remove it and handle the resulting error if it did not exist.
40ffa07f	2015-12-31T14:51:42	sortedcache: check file size after opening the file Checking the size before we open the file descriptor can lead to the file being replaced from under us when renames aren't quite atomic, so we can end up reading too little of the file, leading to us thinking the file is corrupted.
26416f6d	2015-12-24T17:51:19	refdb: add retry logic to the threaded tests The logic simply consists of retrying for as long as the library says the data is locked, but it eventually gets through.
aef54a46	2016-11-14T11:29:40	refdb: use a constant for the number of per-thread creations/deletes
ce5553d4	2016-03-10T22:01:09	refdb: bubble up locked files on the read side On Windows we can find locked files even when reading a reference or the packed-refs file. Bubble up the error in this case as well to allow callers on Windows to retry more intelligently.
2e09106e	2015-12-24T17:49:49	refdb: bubble up the error code when compressing the db This allows the caller to know the errors was e.g. due to the packed-refs file being already locked and they can try again later.
dd1ca6f1	2015-12-24T17:38:41	refdb: refactor the lockfile cleanup We can reduce the duplication by cleaning up at the beginning of the loop, since it's something we want to do every time we continue.
7ea4710a	2015-12-24T17:30:24	refdb: don't report failure for expected errors There might be a few threads or processes working with references concurrently, so fortify the code to ignore errors which come from concurrent access which do not stop us from continuing the work. This includes ignoring an unlinking error. Either someone else removed it or we leave the file around. In the former case the job is done, and in the latter case, the ref is still in a valid state.
f94825c1	2015-12-24T17:21:51	fileops: save errno and report file existence We need to save the errno, lest we clobber it in the giterr_set() call. Also add code for reporting that a path component is missing, which is a distinct failure mode.
2d9aec99	2015-12-24T14:01:38	refdb: make ref deletion after pack safer In order not to undo concurrent modifications to references, we must make sure that we only delete a loose reference if it still has the same value as when we packed it. This means we need to lock it and then compare the value with the one we put in the packed file.
9914efec	2015-12-24T14:00:48	refdb: bubble up errors We can get useful information like GIT_ELOCKED out of this instead of just -1.
7da4c429	2015-12-24T12:37:41	refdb: adjust the threading tests to what we promise We say it's going to work if you use a different repository in each thread. Let's do precisely that in our code instead of hoping re-using the refdb is going to work. This test does fail currently, surfacing existing bugs.
e1c14335	2016-11-14T10:48:57	Merge pull request #4002 from pks-t/pks/giterr-format giterr format
cc5966b0	2016-11-14T10:39:45	Merge pull request #3983 from pks-t/pks/smart-early-eof transports: smart: abort on early end of stream
eb71490a	2016-11-14T10:19:30	Merge pull request #3985 from libgit2/cmn/threading-update Update THREADING for OpenSSL 1.1
b81fe7c9	2016-11-14T10:07:13	path: pass string instead of git_buf to giterr_set
90a934a5	2016-11-14T10:06:17	checkout: pass string instead of git_buf to `giterr_set`
901434b0	2016-11-14T10:07:37	common: cast precision specifiers to int
c77a55a9	2016-11-14T10:05:31	common: use PRIuZ for size_t in `giterr_set` calls
8effd26f	2016-11-14T09:54:08	common: mark printf-style formatting for `giterr_set`
2d205516	2016-11-14T09:38:44	Merge pull request #3992 from joshtriplett/env-namespace git_repository_open_ext: fix handling of $GIT_NAMESPACE
19981467	2016-11-14T09:31:31	Merge pull request #4001 from pks-t/pks/fileops-docs-typo fileops: fix typos in `git_futils_creat_locked{,with_path}`
7b3f49f0	2016-11-14T09:27:15	fileops: fix typos in `git_futils_creat_locked{,with_path}`
c9e967a1	2016-11-10T03:51:12	git_repository_open_ext: fix handling of $GIT_NAMESPACE The existing code would set a namespace of "" (empty string) with GIT_NAMESPACE unset. In a repository where refs/heads/namespaces/ exists, that can produce incorrect results. Detect that case and avoid setting the namespace at all. Since that makes the last assignment to error conditional, and the previous assignment can potentially get GIT_ENOTFOUND, set error to 0 explicitly to prevent the call from incorrectly failing with GIT_ENOTFOUND.
b7822050	2016-11-11T11:25:39	Merge pull request #3993 from alexcrichton/fix-fault
5ca75fd5	2016-11-10T08:00:22	curl_stream: check for -1 after CURLINFO_LASTSOCKET We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.
5fe5557e	2016-11-04T18:18:46	Merge pull request #3974 from libgit2/pks/synchronize-shutdown global: synchronize initialization and shutdown with pthreads
6e2fab9e	2016-11-04T18:14:00	Merge pull request #3977 from jfultz/fix-forced-branch-creation-on-bare-repo
f9793884	2016-10-28T14:32:01	branch: fix forced branch creation on HEAD of a bare repo The code correctly detects that forced creation of a branch on a nonbare repo should not be able to overwrite a branch which is the HEAD reference. But there's no reason to prevent this on a bare repo, and in fact, git allows this. I.e., git branch -f master new_sha works on a bare repo with HEAD set to master. This change fixes that problem, and updates tests so that, for this case, both the bare and nonbare cases are checked for correct behavior.
f7d316ed	2016-11-02T17:22:30	THREADING: OpenSSL 1.1 is thead-safe, rework some paragraphs
86bbaaa1	2016-11-02T17:06:15	THREADING: update cURL thread safety link
7175222c	2016-11-02T14:50:59	Merge pull request #3960 from ignatenkobrain/openssl-1.1.0 add support for OpenSSL 1.1.0 for BIO filter
3b832a08	2016-11-02T13:11:31	openssl: include OpenSSL headers only when we're buliding against it We need to include the initialisation and construction functions in all backend, so we include this header when building against SecureTransport and WinHTTP as well.
d2451fed	2016-11-02T13:05:35	Merge pull request #3984 from pks-t/pks/pack-find-offset-race pack: fix race in pack_entry_find_offset
2f3adf95	2016-11-02T12:35:46	openssl: use ASN1_STRING_get0_data when compiling against 1.1 For older versions we can fall back on the deprecated ASN1_STRING_data.
f15eedb3	2016-11-02T12:28:25	openssl: recreate the OpenSSL 1.1 BIO interface for older versions We want to program against the interface, so recreate it when we compile against pre-1.1 versions.
0cf15e39	2016-11-02T12:23:12	pack: fix race in pack_entry_find_offset In `pack_entry_find_offset`, we try to find the offset of a certain object in the pack file. To do so, we first assert if the packfile has already been opened and open it if not. Opening the packfile is guarded with a mutex, so concurrent access to this is in fact safe. What is not thread-safe though is our calculation of offsets inside the packfile. Assume two threads calling `pack_entry_find_offset` at the same time. We first calculate the offset and index location and only then determine if the pack has already been opened. If so, we re-calculate the offset and index address. Now the case for two threads: thread 1 first calculates the addresses and is subsequently suspended. The second thread will now call `pack_index_open` and initialize the pack file, calculating its addresses correctly. When the first thread is resumed now, he'll see that the pack file has already been initialized and will happily proceed with the addresses it has already calculated before the check. As the pack file was not initialized before, these addresses are bogus. Fix the issue by only calculating the addresses after having checked if the pack file is open.
62494bf2	2016-11-02T09:38:40	transports: smart: abort receiving packets on end of stream When trying to receive packets from the remote, we loop until either an error distinct to `GIT_EBUFS` occurs or until we successfully parsed the packet. This does not honor the case where we are looping over an already closed socket which has no more data, leaving us in an infinite loop if we got a bogus packet size or if the remote hang up. Fix the issue by returning `GIT_EEOF` when we cannot read data from the socket anymore.
61530c49	2016-11-01T16:56:07	transports: smart: abort ref announcement on early end of stream When reading a server's reference announcements via the smart protocol, we expect the server to send multiple flushes before the protocol is finished. If we fail to receive new data from the socket, we will only return an end of stream error if we have not seen any flush yet. This logic is flawed in that we may run into an infinite loop when receiving a server's reference announcement with a bogus flush packet. E.g. assume the last flushing package is changed to not be '0000' but instead any other value. In this case, we will still await one more flush package and ignore the fact that we are not receiving any data from the socket, causing an infinite loop. Fix the issue by always returning `GIT_EEOF` if the socket indicates an end of stream.
19001ca7	2016-11-02T09:23:53	Merge pull request #3976 from pks-t/pks/pqueue-null-deref pqueue: resolve possible NULL pointer dereference
1c33ecc4	2016-11-01T14:30:38	tests: core: test deinitialization and concurrent initialization Exercise the logic surrounding deinitialization of the libgit2 library as well as repeated concurrent de- and reinitialization. This tries to catch races and makes sure that it is possible to reinitialize libgit2 multiple times. After deinitializing libgit2, we have to make sure to setup options required for testing. Currently, this only includes setting up the configuration search path again. Before, this has been set up once in `tests/main.c`.
038f0e1b	2016-11-02T08:49:24	global: reset global state on shutdown without threading When threading is not enabled for libgit2, we keep global state in a simple static variable. When libgit2 is shut down, we clean up the global state by freeing the global state's dynamically allocated memory. When libgit2 is built with threading, we additionally free the thread-local storage and thus completely remove the global state. In a non-threaded build, though, we simply leave the global state as-is, which may result in an error upon reinitializing libgit2. Fix the issue by zeroing out the variable on a shutdown, thus returning it to its initial state.
6502398f	2016-11-01T16:55:16	proxy: fix typo in documentation
59c6c286	2016-10-27T12:31:17	global: synchronize initialization and shutdown with pthreads When trying to initialize and tear down global data structures from different threads at once with `git_libgit2_init` and `git_libgit2_shutdown`, we race around initializing data. While we use `pthread_once` to assert that we only initilize data a single time, we actually reset the `pthread_once_t` on the last call to `git_libgit2_shutdown`. As resetting this variable is not synchronized with other threads trying to access it, this is actually racy when one thread tries to do a complete shutdown of libgit2 while another thread tries to initialize it. Fix the issue by creating a mutex which synchronizes `init_once` and the library shutdown.
41ad9ebf	2016-11-01T09:59:17	Merge pull request #3975 from pks-t/pks/ci-improvements CI Improvements
a051ee31	2016-10-31T16:02:43	Merge pull request #3978 from pks-t/pks/doc-improvements Small documentation improvements
0334bf4b	2016-10-28T14:57:54	travis: do not allow valgrind failures Our valgrind jobs haven't been failing for several builds by now. This indicates that our tests are sufficiently stable when running under valgrind. As such, any failures reported by valgrind become interesting to us and shouldn't be ignored when causing a build to fail. Remove the valgrind job from the list of allowed failures.
18c18e3d	2016-10-31T15:55:46	coverity: check for Coverity token only if necessary When running a Coverity build, we have to provide an authentication token in order to proof that we are actually allowed to run analysis in the name of a certain project. As this token should be secret, it is only set on the main repository, so when we were requested to run the Coverity script on another repository we do error out. But in fact we do also error out if the Coverity analysis should _not_ be run if there is no authentication token provided. Fix the issue by only checking for the authentication token after determining if analysis is indeed requested.
dc98cb28	2016-10-31T13:50:23	openssl_stream: fix typo
59665db3	2016-10-31T13:50:13	PROJECTS: consistently quote directories
ea9ea6ac	2016-10-31T13:49:52	Documentation: fix small typos
95fa3880	2016-10-28T16:07:40	pqueue: resolve possible NULL pointer dereference The `git_pqueue` struct allows being fixed in its total number of entries. In this case, we simply throw away items that are inserted into the priority queue by examining wether the new item to be inserted has a higher priority than the previous smallest one. This feature somewhat contradicts our pqueue implementation in that it is allowed to not have a comparison function. In fact, we also fail to check if the comparison function is actually set in the case where we add a new item into a fully filled fixed-size pqueue. As we cannot determine which item is the smallest item in absence of a comparison function, we fix the `NULL` pointer dereference by simply dropping all new items which are about to be inserted into a full fixed-size pqueue.
561276ee	2016-10-28T14:48:30	coverity: only analyze the master branch of the main repository We used to only execute Coverity analysis on the 'development' branch before commit 998f001 (Refine build limitation, 2014-01-15), which refined Coverity build limitations. While we do not really use the 'development' branch anymore, it does still make sense to only analyze a single branch, as otherwise Coverity might get confused. Re-establish the restriction such that we only analyze libgit2's 'master' branch. Also fix the message announcing why we do not actually analyze a certain build.
6c4d2d3e	2016-10-28T14:45:55	coverity: fix download URL
e3298a33	2016-10-28T12:30:39	Merge pull request #3973 from pks-t/pks/memleak-fixes Trivial memory leak fixes in test suite
30a876cd	2016-10-27T11:29:15	tests: fetchhead: fix memory leak
61ad9bcd	2016-10-27T11:26:52	tests: vector: fix memory leak
67dd3140	2016-10-16T12:57:29	Merge pull request #3966 from vivaladav/documentation-fixes patch: minor documentation fix.
6d8ecf08	2016-10-16T00:43:27	patch: minor documentation fix. Fix @return description of git_patch_num_lines_in_hunk.
feb330d5	2016-10-12T12:41:36	add support for OpenSSL 1.1.0 for BIO filter Closes: https://github.com/libgit2/libgit2/issues/3959 Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
dcd759b8	2016-10-10T09:25:49	Merge pull request #3897 from pks-t/pks/squelch-example-warnings Squelch example warnings, enable CI
ec3f5a9c	2016-08-16T11:02:47	script: cibuild: build examples
fc293919	2016-08-16T11:43:10	examples: add: fix type casting warning
5c2a8361	2016-08-16T11:01:09	examples: diff: parse correct types for line-diffopts
7314da10	2016-08-16T10:55:28	examples: fix warnings in network/fetch.c
e2d1b7ec	2016-08-16T10:46:35	examples: general: fix remaining warnings
662eee15	2016-08-16T10:09:52	examples: general: convert C99 comments to C90 comments
c313e3d9	2016-09-01T12:44:08	examples: general: extract function demonstrating OID parsing
29d9afc0	2016-08-16T10:06:17	examples: general: extract function demonstrating ODB
b009adad	2016-08-16T09:59:28	examples: general: extract function demonstrating commit writing
15960454	2016-08-16T09:36:31	examples: general: extract functions demonstrating object parsing
8b93ccdf	2016-08-16T09:35:08	examples: general: extract function demonstrating revwalking
c079e3c8	2016-08-16T09:32:15	examples: general: extract function demonstrating index walking
f9a7973d	2016-08-16T09:29:14	examples: general: extract function demonstrating reference listings
986913f4	2016-08-16T09:25:06	examples: general: extract function demonstrating config files
176d58ba	2016-08-16T09:17:12	examples: general: use tabs instead of spaces
610cff13	2016-10-09T16:05:48	Merge branch 'pr/3809'
dc5cfdba	2016-06-02T23:18:31	make git_diff_stats_to_buf not show 0 insertions or 0 deletions
2468bf06	2016-10-09T15:45:20	Merge pull request #3958 from libgit2/ethomson/settings_docs docs: GIT_OPT_ENABLE_STRICT_OBJECT_CREATION is enabled
aae89534	2016-10-09T12:51:48	Merge pull request #3956 from pks-t/pks/object-parsing-hardening Object parsing hardening
a719ef5e	2016-10-07T09:31:41	commit: always initialize commit message When parsing a commit, we will treat all bytes left after parsing the headers as the commit message. When no bytes are left, we leave the commit's message uninitialized. While uncommon to have a commit without message, this is the right behavior as Git unfortunately allows for empty commit messages. Given that this scenario is so uncommon, most programs acting on the commit message will never check if the message is actually set, which may lead to errors. To work around the error and not lay the burden of checking for empty commit messages to the developer, initialize the commit message with an empty string when no commit message is given.
93392cdd	2016-10-09T11:27:56	docs: GIT_OPT_ENABLE_STRICT_OBJECT_CREATION is enabled We changed the defaults on strict object creation - it is enabled by default. Update the documentation to reflect that.
a7df4a91	2016-10-07T22:36:21	Merge pull request #3955 from arthurschreiber/arthur/fix-regcomp_l-check Fix the existence check for `regcomp_l`.
36117978	2016-10-06T18:30:30	Fix the existence check for `regcomp_l`. `xlocale.h` only defines `regcomp_l` if `regex.h` was included as well. Also change the test cases to actually test `p_regcomp` works with a multibyte locale.
45dc219f	2016-10-07T16:01:28	Merge pull request #3921 from libgit2/cmn/walk-limit-enough Improve revision walk preparation logic
4974e3a5	2016-10-07T09:18:55	tree: validate filename and OID length when parsing object When parsing tree entries from raw object data, we do not verify that the tree entry actually has a filename as well as a valid object ID. Fix this by asserting that the filename length is non-zero as well as asserting that there are at least `GIT_OID_RAWSZ` bytes left when parsing the OID.
fedc05c8	2016-10-06T18:13:34	revwalk: don't show commits that become uninteresting after being enqueued When we read from the list which `limit_list()` gives us, we need to check that the commit is still interesting, as it might have become uninteresting after it was added to the list.
d11fcf86	2016-10-06T14:57:11	Merge pull request #3953 from arthurschreiber/arthur/fix-regcomp-locale-issues Make sure we use the `C` locale for `regcomp` on macOS.
ab96ca55	2016-10-06T13:15:31	Make sure we use the `C` locale for `regcomp` on macOS.
3cc5ec94	2016-10-05T12:57:53	rebase: don't ask for time sorting `git-rebase--merge` does not ask for time sorting, but uses the default. We now produce the same default time-ordered output as git, so make us of that since it's not always the same output as our time sorting.
82d4c0e6	2016-10-05T12:55:53	revwalk: update the description for the default sorting It changed from implementation-defined to git's default sorting, as there are systems (e.g. rebase) which depend on this order. Also specify more explicitly how you can get git's "date-order".
ea1ceb7f	2016-10-05T12:23:26	revwalk: remove a useless enqueueing phase for topological and default sorting After `limit_list()` we already have the list in time-sorted order, which is what we want in the "default" case. Enqueueing into the "unsorted" list would just reverse it, and the topological sort will do its own sorting if it needs to.
4aed1b9a	2016-09-29T15:05:38	Add revwalk note to CHANGELOG
9db367bf	2016-09-27T16:14:42	revwalk: get rid of obsolete marking code We've now moved to code that's closer to git and produces the output during the preparation phase, so we no longer process the commits as part of generating the output. This makes a chunk of code redundant, as we're simply short-circuiting it by detecting we've processed the commits alrady.

df045cef

2016-11-14T12:12:38

Merge pull request #4003 from libgit2/cmn/tree-updater-ordering Use the sorted input in the tree updater

904e1e75

2016-11-14T11:52:49

Merge pull request #3561 from libgit2/cmn/refdb-para Concurrency fixes for the reference db

89776585

2016-11-14T12:44:52

tree: look for conflicts in the new tree when updating We look at whether we're trying to replace a blob with a tree during the update phase, but we fail to look at whether we've just inserted a blob where we're now trying to insert a tree. Update the check to look at both places. The test for this was previously succeeding due to the bu where we did not look at the sorted output.

b85929c5

2016-11-14T12:44:01

tree: use the sorted update list in our loop The loop is made with the assumption that the inputs are sorted and not using it leads to bad outputs.

1d41b86c

2016-11-14T12:22:20

tree: add a failing test for unsorted input We do not currently use the sorted version of this input in the function, which means we produce bad results.

7c32d874

2016-03-10T12:27:07

refdb: expect threaded test deletes to race At times we may try to delete a reference which a different thread has already taken care of.

33248b9e

2016-03-10T12:22:34

refdb: remove a check-delete race when removing a loose ref It does not help us to check whether the file exists before trying to unlink it since it might be gone by the time unlink is called. Instead try to remove it and handle the resulting error if it did not exist.

40ffa07f

2015-12-31T14:51:42

sortedcache: check file size after opening the file Checking the size before we open the file descriptor can lead to the file being replaced from under us when renames aren't quite atomic, so we can end up reading too little of the file, leading to us thinking the file is corrupted.

26416f6d

2015-12-24T17:51:19

refdb: add retry logic to the threaded tests The logic simply consists of retrying for as long as the library says the data is locked, but it eventually gets through.

aef54a46

2016-11-14T11:29:40

refdb: use a constant for the number of per-thread creations/deletes

ce5553d4

2016-03-10T22:01:09

refdb: bubble up locked files on the read side On Windows we can find locked files even when reading a reference or the packed-refs file. Bubble up the error in this case as well to allow callers on Windows to retry more intelligently.

2e09106e

2015-12-24T17:49:49

refdb: bubble up the error code when compressing the db This allows the caller to know the errors was e.g. due to the packed-refs file being already locked and they can try again later.

dd1ca6f1

2015-12-24T17:38:41

refdb: refactor the lockfile cleanup We can reduce the duplication by cleaning up at the beginning of the loop, since it's something we want to do every time we continue.

7ea4710a

2015-12-24T17:30:24

refdb: don't report failure for expected errors There might be a few threads or processes working with references concurrently, so fortify the code to ignore errors which come from concurrent access which do not stop us from continuing the work. This includes ignoring an unlinking error. Either someone else removed it or we leave the file around. In the former case the job is done, and in the latter case, the ref is still in a valid state.

f94825c1

2015-12-24T17:21:51

fileops: save errno and report file existence We need to save the errno, lest we clobber it in the giterr_set() call. Also add code for reporting that a path component is missing, which is a distinct failure mode.

2d9aec99

2015-12-24T14:01:38

refdb: make ref deletion after pack safer In order not to undo concurrent modifications to references, we must make sure that we only delete a loose reference if it still has the same value as when we packed it. This means we need to lock it and then compare the value with the one we put in the packed file.

9914efec

2015-12-24T14:00:48

refdb: bubble up errors We can get useful information like GIT_ELOCKED out of this instead of just -1.

7da4c429

2015-12-24T12:37:41

refdb: adjust the threading tests to what we promise We say it's going to work if you use a different repository in each thread. Let's do precisely that in our code instead of hoping re-using the refdb is going to work. This test does fail currently, surfacing existing bugs.

e1c14335

2016-11-14T10:48:57

Merge pull request #4002 from pks-t/pks/giterr-format giterr format

cc5966b0

2016-11-14T10:39:45

Merge pull request #3983 from pks-t/pks/smart-early-eof transports: smart: abort on early end of stream

eb71490a

2016-11-14T10:19:30

Merge pull request #3985 from libgit2/cmn/threading-update Update THREADING for OpenSSL 1.1

b81fe7c9

2016-11-14T10:07:13

path: pass string instead of git_buf to giterr_set

90a934a5

2016-11-14T10:06:17

checkout: pass string instead of git_buf to `giterr_set`

901434b0

2016-11-14T10:07:37

common: cast precision specifiers to int

c77a55a9

2016-11-14T10:05:31

common: use PRIuZ for size_t in `giterr_set` calls

8effd26f

2016-11-14T09:54:08

common: mark printf-style formatting for `giterr_set`

2d205516

2016-11-14T09:38:44

Merge pull request #3992 from joshtriplett/env-namespace git_repository_open_ext: fix handling of $GIT_NAMESPACE

19981467

2016-11-14T09:31:31

Merge pull request #4001 from pks-t/pks/fileops-docs-typo fileops: fix typos in `git_futils_creat_locked{,with_path}`

7b3f49f0

2016-11-14T09:27:15

fileops: fix typos in `git_futils_creat_locked{,with_path}`

c9e967a1

2016-11-10T03:51:12

git_repository_open_ext: fix handling of $GIT_NAMESPACE The existing code would set a namespace of "" (empty string) with GIT_NAMESPACE unset. In a repository where refs/heads/namespaces/ exists, that can produce incorrect results. Detect that case and avoid setting the namespace at all. Since that makes the last assignment to error conditional, and the previous assignment can potentially get GIT_ENOTFOUND, set error to 0 explicitly to prevent the call from incorrectly failing with GIT_ENOTFOUND.

b7822050

2016-11-11T11:25:39

Merge pull request #3993 from alexcrichton/fix-fault

5ca75fd5

2016-11-10T08:00:22

curl_stream: check for -1 after CURLINFO_LASTSOCKET We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.

5fe5557e

2016-11-04T18:18:46

Merge pull request #3974 from libgit2/pks/synchronize-shutdown global: synchronize initialization and shutdown with pthreads

6e2fab9e

2016-11-04T18:14:00

Merge pull request #3977 from jfultz/fix-forced-branch-creation-on-bare-repo

f9793884

2016-10-28T14:32:01

branch: fix forced branch creation on HEAD of a bare repo The code correctly detects that forced creation of a branch on a nonbare repo should not be able to overwrite a branch which is the HEAD reference. But there's no reason to prevent this on a bare repo, and in fact, git allows this. I.e., git branch -f master new_sha works on a bare repo with HEAD set to master. This change fixes that problem, and updates tests so that, for this case, both the bare and nonbare cases are checked for correct behavior.

f7d316ed

2016-11-02T17:22:30

THREADING: OpenSSL 1.1 is thead-safe, rework some paragraphs

86bbaaa1

2016-11-02T17:06:15

THREADING: update cURL thread safety link

7175222c

2016-11-02T14:50:59

Merge pull request #3960 from ignatenkobrain/openssl-1.1.0 add support for OpenSSL 1.1.0 for BIO filter

3b832a08

2016-11-02T13:11:31

openssl: include OpenSSL headers only when we're buliding against it We need to include the initialisation and construction functions in all backend, so we include this header when building against SecureTransport and WinHTTP as well.

d2451fed

2016-11-02T13:05:35

Merge pull request #3984 from pks-t/pks/pack-find-offset-race pack: fix race in pack_entry_find_offset

2f3adf95

2016-11-02T12:35:46

openssl: use ASN1_STRING_get0_data when compiling against 1.1 For older versions we can fall back on the deprecated ASN1_STRING_data.

f15eedb3

2016-11-02T12:28:25

openssl: recreate the OpenSSL 1.1 BIO interface for older versions We want to program against the interface, so recreate it when we compile against pre-1.1 versions.

0cf15e39

2016-11-02T12:23:12

pack: fix race in pack_entry_find_offset In `pack_entry_find_offset`, we try to find the offset of a certain object in the pack file. To do so, we first assert if the packfile has already been opened and open it if not. Opening the packfile is guarded with a mutex, so concurrent access to this is in fact safe. What is not thread-safe though is our calculation of offsets inside the packfile. Assume two threads calling `pack_entry_find_offset` at the same time. We first calculate the offset and index location and only then determine if the pack has already been opened. If so, we re-calculate the offset and index address. Now the case for two threads: thread 1 first calculates the addresses and is subsequently suspended. The second thread will now call `pack_index_open` and initialize the pack file, calculating its addresses correctly. When the first thread is resumed now, he'll see that the pack file has already been initialized and will happily proceed with the addresses it has already calculated before the check. As the pack file was not initialized before, these addresses are bogus. Fix the issue by only calculating the addresses after having checked if the pack file is open.

62494bf2

2016-11-02T09:38:40

transports: smart: abort receiving packets on end of stream When trying to receive packets from the remote, we loop until either an error distinct to `GIT_EBUFS` occurs or until we successfully parsed the packet. This does not honor the case where we are looping over an already closed socket which has no more data, leaving us in an infinite loop if we got a bogus packet size or if the remote hang up. Fix the issue by returning `GIT_EEOF` when we cannot read data from the socket anymore.

61530c49

2016-11-01T16:56:07

transports: smart: abort ref announcement on early end of stream When reading a server's reference announcements via the smart protocol, we expect the server to send multiple flushes before the protocol is finished. If we fail to receive new data from the socket, we will only return an end of stream error if we have not seen any flush yet. This logic is flawed in that we may run into an infinite loop when receiving a server's reference announcement with a bogus flush packet. E.g. assume the last flushing package is changed to not be '0000' but instead any other value. In this case, we will still await one more flush package and ignore the fact that we are not receiving any data from the socket, causing an infinite loop. Fix the issue by always returning `GIT_EEOF` if the socket indicates an end of stream.

19001ca7

2016-11-02T09:23:53

Merge pull request #3976 from pks-t/pks/pqueue-null-deref pqueue: resolve possible NULL pointer dereference

1c33ecc4

2016-11-01T14:30:38

tests: core: test deinitialization and concurrent initialization Exercise the logic surrounding deinitialization of the libgit2 library as well as repeated concurrent de- and reinitialization. This tries to catch races and makes sure that it is possible to reinitialize libgit2 multiple times. After deinitializing libgit2, we have to make sure to setup options required for testing. Currently, this only includes setting up the configuration search path again. Before, this has been set up once in `tests/main.c`.

038f0e1b

2016-11-02T08:49:24

global: reset global state on shutdown without threading When threading is not enabled for libgit2, we keep global state in a simple static variable. When libgit2 is shut down, we clean up the global state by freeing the global state's dynamically allocated memory. When libgit2 is built with threading, we additionally free the thread-local storage and thus completely remove the global state. In a non-threaded build, though, we simply leave the global state as-is, which may result in an error upon reinitializing libgit2. Fix the issue by zeroing out the variable on a shutdown, thus returning it to its initial state.

6502398f

2016-11-01T16:55:16

proxy: fix typo in documentation

59c6c286

2016-10-27T12:31:17

global: synchronize initialization and shutdown with pthreads When trying to initialize and tear down global data structures from different threads at once with `git_libgit2_init` and `git_libgit2_shutdown`, we race around initializing data. While we use `pthread_once` to assert that we only initilize data a single time, we actually reset the `pthread_once_t` on the last call to `git_libgit2_shutdown`. As resetting this variable is not synchronized with other threads trying to access it, this is actually racy when one thread tries to do a complete shutdown of libgit2 while another thread tries to initialize it. Fix the issue by creating a mutex which synchronizes `init_once` and the library shutdown.

41ad9ebf

2016-11-01T09:59:17

Merge pull request #3975 from pks-t/pks/ci-improvements CI Improvements

a051ee31

2016-10-31T16:02:43

Merge pull request #3978 from pks-t/pks/doc-improvements Small documentation improvements

0334bf4b

2016-10-28T14:57:54

travis: do not allow valgrind failures Our valgrind jobs haven't been failing for several builds by now. This indicates that our tests are sufficiently stable when running under valgrind. As such, any failures reported by valgrind become interesting to us and shouldn't be ignored when causing a build to fail. Remove the valgrind job from the list of allowed failures.

18c18e3d

2016-10-31T15:55:46

coverity: check for Coverity token only if necessary When running a Coverity build, we have to provide an authentication token in order to proof that we are actually allowed to run analysis in the name of a certain project. As this token should be secret, it is only set on the main repository, so when we were requested to run the Coverity script on another repository we do error out. But in fact we do also error out if the Coverity analysis should _not_ be run if there is no authentication token provided. Fix the issue by only checking for the authentication token after determining if analysis is indeed requested.

dc98cb28

2016-10-31T13:50:23

openssl_stream: fix typo

59665db3

2016-10-31T13:50:13

PROJECTS: consistently quote directories

ea9ea6ac

2016-10-31T13:49:52

Documentation: fix small typos

95fa3880

2016-10-28T16:07:40

pqueue: resolve possible NULL pointer dereference The `git_pqueue` struct allows being fixed in its total number of entries. In this case, we simply throw away items that are inserted into the priority queue by examining wether the new item to be inserted has a higher priority than the previous smallest one. This feature somewhat contradicts our pqueue implementation in that it is allowed to not have a comparison function. In fact, we also fail to check if the comparison function is actually set in the case where we add a new item into a fully filled fixed-size pqueue. As we cannot determine which item is the smallest item in absence of a comparison function, we fix the `NULL` pointer dereference by simply dropping all new items which are about to be inserted into a full fixed-size pqueue.

561276ee

2016-10-28T14:48:30

coverity: only analyze the master branch of the main repository We used to only execute Coverity analysis on the 'development' branch before commit 998f001 (Refine build limitation, 2014-01-15), which refined Coverity build limitations. While we do not really use the 'development' branch anymore, it does still make sense to only analyze a single branch, as otherwise Coverity might get confused. Re-establish the restriction such that we only analyze libgit2's 'master' branch. Also fix the message announcing why we do not actually analyze a certain build.

6c4d2d3e

2016-10-28T14:45:55

coverity: fix download URL

e3298a33

2016-10-28T12:30:39

Merge pull request #3973 from pks-t/pks/memleak-fixes Trivial memory leak fixes in test suite

30a876cd

2016-10-27T11:29:15

tests: fetchhead: fix memory leak

61ad9bcd

2016-10-27T11:26:52

tests: vector: fix memory leak

67dd3140

2016-10-16T12:57:29

Merge pull request #3966 from vivaladav/documentation-fixes patch: minor documentation fix.

6d8ecf08

2016-10-16T00:43:27

patch: minor documentation fix. Fix @return description of git_patch_num_lines_in_hunk.

feb330d5

2016-10-12T12:41:36

add support for OpenSSL 1.1.0 for BIO filter Closes: https://github.com/libgit2/libgit2/issues/3959 Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>

dcd759b8

2016-10-10T09:25:49

Merge pull request #3897 from pks-t/pks/squelch-example-warnings Squelch example warnings, enable CI

ec3f5a9c

2016-08-16T11:02:47

script: cibuild: build examples

fc293919

2016-08-16T11:43:10

examples: add: fix type casting warning

5c2a8361

2016-08-16T11:01:09

examples: diff: parse correct types for line-diffopts

7314da10

2016-08-16T10:55:28

examples: fix warnings in network/fetch.c

e2d1b7ec

2016-08-16T10:46:35

examples: general: fix remaining warnings

662eee15

2016-08-16T10:09:52

examples: general: convert C99 comments to C90 comments

c313e3d9

2016-09-01T12:44:08

examples: general: extract function demonstrating OID parsing

29d9afc0

2016-08-16T10:06:17

examples: general: extract function demonstrating ODB

b009adad

2016-08-16T09:59:28

examples: general: extract function demonstrating commit writing

15960454

2016-08-16T09:36:31

examples: general: extract functions demonstrating object parsing

8b93ccdf

2016-08-16T09:35:08

examples: general: extract function demonstrating revwalking

c079e3c8

2016-08-16T09:32:15

examples: general: extract function demonstrating index walking

f9a7973d

2016-08-16T09:29:14

examples: general: extract function demonstrating reference listings

986913f4

2016-08-16T09:25:06

examples: general: extract function demonstrating config files

176d58ba

2016-08-16T09:17:12

examples: general: use tabs instead of spaces

610cff13

2016-10-09T16:05:48

Merge branch 'pr/3809'

dc5cfdba

2016-06-02T23:18:31

make git_diff_stats_to_buf not show 0 insertions or 0 deletions

2468bf06

2016-10-09T15:45:20

Merge pull request #3958 from libgit2/ethomson/settings_docs docs: GIT_OPT_ENABLE_STRICT_OBJECT_CREATION is enabled

aae89534

2016-10-09T12:51:48

Merge pull request #3956 from pks-t/pks/object-parsing-hardening Object parsing hardening

a719ef5e

2016-10-07T09:31:41

commit: always initialize commit message When parsing a commit, we will treat all bytes left after parsing the headers as the commit message. When no bytes are left, we leave the commit's message uninitialized. While uncommon to have a commit without message, this is the right behavior as Git unfortunately allows for empty commit messages. Given that this scenario is so uncommon, most programs acting on the commit message will never check if the message is actually set, which may lead to errors. To work around the error and not lay the burden of checking for empty commit messages to the developer, initialize the commit message with an empty string when no commit message is given.

93392cdd

2016-10-09T11:27:56

docs: GIT_OPT_ENABLE_STRICT_OBJECT_CREATION is enabled We changed the defaults on strict object creation - it is enabled by default. Update the documentation to reflect that.

a7df4a91

2016-10-07T22:36:21

Merge pull request #3955 from arthurschreiber/arthur/fix-regcomp_l-check Fix the existence check for `regcomp_l`.

36117978

2016-10-06T18:30:30

Fix the existence check for `regcomp_l`. `xlocale.h` only defines `regcomp_l` if `regex.h` was included as well. Also change the test cases to actually test `p_regcomp` works with a multibyte locale.

45dc219f

2016-10-07T16:01:28

Merge pull request #3921 from libgit2/cmn/walk-limit-enough Improve revision walk preparation logic

4974e3a5

2016-10-07T09:18:55

tree: validate filename and OID length when parsing object When parsing tree entries from raw object data, we do not verify that the tree entry actually has a filename as well as a valid object ID. Fix this by asserting that the filename length is non-zero as well as asserting that there are at least `GIT_OID_RAWSZ` bytes left when parsing the OID.

fedc05c8

2016-10-06T18:13:34

revwalk: don't show commits that become uninteresting after being enqueued When we read from the list which `limit_list()` gives us, we need to check that the commit is still interesting, as it might have become uninteresting after it was added to the list.

d11fcf86

2016-10-06T14:57:11

Merge pull request #3953 from arthurschreiber/arthur/fix-regcomp-locale-issues Make sure we use the `C` locale for `regcomp` on macOS.

ab96ca55

2016-10-06T13:15:31

Make sure we use the `C` locale for `regcomp` on macOS.

3cc5ec94

2016-10-05T12:57:53

rebase: don't ask for time sorting `git-rebase--merge` does not ask for time sorting, but uses the default. We now produce the same default time-ordered output as git, so make us of that since it's not always the same output as our time sorting.

82d4c0e6

2016-10-05T12:55:53

revwalk: update the description for the default sorting It changed from implementation-defined to git's default sorting, as there are systems (e.g. rebase) which depend on this order. Also specify more explicitly how you can get git's "date-order".

ea1ceb7f

2016-10-05T12:23:26

revwalk: remove a useless enqueueing phase for topological and default sorting After `limit_list()` we already have the list in time-sorted order, which is what we want in the "default" case. Enqueueing into the "unsorted" list would just reverse it, and the topological sort will do its own sorting if it needs to.

4aed1b9a

2016-09-29T15:05:38

Add revwalk note to CHANGELOG

9db367bf

2016-09-27T16:14:42

revwalk: get rid of obsolete marking code We've now moved to code that's closer to git and produces the output during the preparation phase, so we no longer process the commits as part of generating the output. This makes a chunk of code redundant, as we're simply short-circuiting it by detecting we've processed the commits alrady.

thodg/libgit2

Log