Log

Author Commit Date CI Message
Edward Thomson ee6ebcc9 2019-08-05T00:11:54 v0.28.3: update changelog for security release
Patrick Steinhardt 3316f666 2019-06-21T15:53:54 commit_list: fix possible buffer overflow in `commit_quick_parse` The function `commit_quick_parse` provides a way to quickly parse parts of a commit without storing or verifying most of its metadata. The first thing it does is calculating the number of parents by skipping "parent " lines until it finds the first non-parent line. Afterwards, this parent count is passed to `alloc_parents`, which will allocate an array to store all the parent. To calculate the amount of storage required for the parents array, `alloc_parents` simply multiplicates the number of parents with the respective elements's size. This already screams "buffer overflow", and in fact this problem is getting worse by the result being cast to an `uint32_t`. In fact, triggering this is possible: git-hash-object(1) will happily write a commit with multiple millions of parents for you. I've stopped at 67,108,864 parents as git-hash-object(1) unfortunately soaks up the complete object without streaming anything to disk and thus will cause an OOM situation at a later point. The point here is: this commit was about 4.1GB of size but compressed down to 24MB and thus easy to distribute. The above doesn't yet trigger the buffer overflow, thus. As the array's elements are all pointers which are 8 bytes on 64 bit, we need a total of 536,870,912 parents to trigger the overflow to `0`. The effect is that we're now underallocating the array and do an out-of-bound writes. As the buffer is kindly provided by the adversary, this may easily result in code execution. Extrapolating from the test file with 67m commits to the one with 536m commits results in a factor of 8. Thus the uncompressed contents would be about 32GB in size and the compressed ones 192MB. While still easily distributable via the network, only servers will have that amount of RAM and not cause an out-of-memory condition previous to triggering the overflow. This at least makes this attack not an easy vector for client-side use of libgit2.
Johannes Schindelin d475d5d6 2019-06-19T12:59:27 config: validate ownership of C:\ProgramData\Git\config before using it When the VirtualStore feature is in effect, it is safe to let random users write into C:\ProgramData because other users won't see those files. This seemed to be the case when we introduced support for C:\ProgramData\Git\config. However, when that feature is not in effect (which seems to be the case in newer Windows 10 versions), we'd rather not use those files unless they come from a trusted source, such as an administrator. This change imitates the strategy chosen by PowerShell's native OpenSSH port to Windows regarding host key files: if a system file is owned neither by an administrator, a system account, or the current user, it is ignored.
Patrick Steinhardt b3e1a56e 2019-05-21T09:54:19 Merge pull request #5064 from pks-t/pks/v0.28.2 Release v0.28.2
Daniel Cohen Gindi 0d68704a 2019-05-05T07:49:09 Support symlinks for directories in win32 (cherry picked from commit 37a7adb59c5075901bd64259e8a98ccef6f6f452)
Patrick Steinhardt eddd8fd1 2019-05-02T10:35:46 Release v0.28.2
Jacques Germishuys 887e004e 2019-05-20T12:44:37 define SYMBOLIC_LINK_FLAG_DIRECTORY if not defined (cherry picked from commit 0fd259ed7a597c32d619190898bb5780a1ddbdd4)
Daniel Cohen Gindi 4881a867 2019-05-06T14:51:52 Moved dwFlags declaration to beginning of scope (cherry picked from commit 336e98bb95393b165bc5f13f3b729cbddf1fd554)
Ian Hattendorf 98c11905 2019-03-20T12:28:45 Correctly write to missing locked global config Opening a default config when ~/.gitconfig doesn't exist, locking it, and attempting to write to it causes an assertion failure. Treat non-existent global config file content as an empty string. (cherry picked from commit e44110dbbfc9d50b883d73fbb6c9e3b53732ec9d)
Patrick Steinhardt 9e07f684 2019-04-26T08:01:56 cmake: fix include ordering issues with bundled deps When linking against bundled libraries, we include their header directories by using "-isystem". The reason for that is that we want to handle our vendored library headers specially, most importantly to ignore warnings generated by including them. By using "-isystem", though, we screw up the order of searched include directories by moving those bundled dependencies towards the end of the lookup order. Like this, chances are high that any other specified include directory contains a file that collides with the actual desired include file. Fix this by not treating the bundled dependencies' include directories as system includes. This will move them to the front of the lookup order and thus cause them to override system-provided headers. While this may cause the compiler to generate additional warnings when processing bundled headers, this is a tradeoff we should make regardless to fix builds on systems hitting this issue. (cherry picked from commit ee3d71fb86bad4a681d762d90374e46f1d005714)
Patrick Steinhardt 085ed2c6 2019-02-25T11:35:16 cmake: correctly detect if system provides `regcomp` We assume that if we are on Win32, Amiga OS, Solaris or SunOS, that the regcomp(3P) function cannot be provided by the system. Thus we will in these cases always include our own, bundled regex sources to make a regcomp implementation available. This test is obviously very fragile, and we have seen it fail on MSYS2/MinGW systems, which do in fact provide the regcomp symbol. The effect is that during compilation, we will use the "regex.h" header provided by MinGW, but use symbols provided by ourselves. This in fact may cause subtle memory layout issues, as the structure made available via MinGW doesn't match what our bundled code expects. There's one more problem with our regex detection: on the listed platforms, we will incorrectly include the bundled regex code even in case where the system provides regcomp_l(3), but it will never be used for anything. Fix the issue by improving our regcomp detection code. Instead of relying on a fragile listing of platforms, we can just use `CHECK_FUNCTION_EXISTS` instead. This will not in fact avoid the header-ordering problem. But we can assume that as soon as a system-provided "regex.h" header is provided, that `CHECK_FUNCTION_EXISTS` will now correctly find the desired symbol and thus not include our bundled regex code. (cherry picked from commit 13cb9f7a3325e71a01073647d1c23f49464f200e)
Erik Aigner 4ec209cd 2019-03-29T12:30:37 tests: diff: test parsing diffs with a new file with spaces in its path Add a test that verifies that we are able to parse patches which add a new file that has spaces in its path.
Tobias Nießen 4ec32d36 2019-04-16T18:13:31 config_file: check result of git_array_alloc git_array_alloc can return NULL if no memory is available, causing a segmentation fault in memset. This adds GIT_ERROR_CHECK_ALLOC similar to how other parts of the code base deal with the return value of git_array_alloc.
Edward Thomson 9b698978 2019-04-12T08:54:06 git_repository_init: stop traversing at windows root Stop traversing the filesystem at the Windows directory root. We were calculating the filesystem root for the given directory to create, and walking up the filesystem hierarchy. We intended to stop when the traversal path length is equal to the root path length (ie, stopping at the root, since no path may be shorter than the root path). However, on Windows, the root path may be specified in two different ways, as either `Z:` or `Z:\`, where `Z:` is the current drive letter. `git_path_dirname_r` returns the path _without_ a trailing slash, even for the Windows root. As a result, during traversal, we need to test that the traversal path is _less than or equal to_ the root path length to determine if we've hit the root to ensure that we stop when our traversal path is `Z:` and our calculated root path was `Z:\`.
Patrick Steinhardt 21baf7ab 2019-04-05T10:22:46 ignore: treat paths with trailing "/" as directories The function `git_ignore_path_is_ignored` is there to test the ignore status of paths that need not necessarily exist inside of a repository. This has the implication that for a given path, we cannot always decide whether it references a directory or a file, and we need to distinguish those cases because ignore rules may treat those differently. E.g. given the following gitignore file: * !/**/ we'd only want to unignore directories, while keeping files ignored. But still, calling `git_ignore_path_is_ignored("dir/")` will say that this directory is ignored because it treats "dir/" as a file path. As said, the `is_ignored` function cannot always decide whether the given path is a file or directory, and thus it may produce wrong results in some cases. While this is unfixable in the general case, we can do better when we are being passed a path name with a trailing path separator (e.g. "dir/") and always treat them as directories.
Drew DeVault 71424f63 2019-03-22T23:56:10 patch_parse.c: Handle CRLF in parse_header_start
Patrick Steinhardt 96b6fe11 2019-03-29T12:15:20 patch_parse: fix parsing addition/deletion of file with space The diff header format is a strange beast in that it is inherently unparseable in an unambiguous way. While parsing a/file.txt b/file.txt is obvious and trivially doable, parsing a diff header of a/file b/file ab.txt b/file b/file ab.txt is not (but in fact valid and created by git.git). Due to that, we have relaxed our diff header parser in commit 80226b5f6 (patch_parse: allow parsing ambiguous patch headers, 2017-09-22), so that we started to bail out when seeing diff headers with spaces in their file names. Instead, we try to use the "---" and "+++" lines, which are unambiguous. In some cases, though, we neither have a useable file name from the header nor from the "---" or "+++" lines. This is the case when we have a deletion or addition of a file with spaces: the header is unparseable and the other lines will simply show "/dev/null". This trips our parsing logic when we try to extract the prefix (the "a/" part) that is being used in the path line, where we unconditionally try to dereference a NULL pointer in such a scenario. We can fix this by simply not trying to parse the prefix in cases where we have no useable path name. That'd leave the parsed patch without either `old_prefix` or `new_prefix` populated. But in fact such cases are already handled by users of the patch object, which simply opt to use the default prefixes in that case.
Patrick Steinhardt c79f9dae 2019-03-29T11:58:50 patch_parse: improve formatting
Steven King Jr 1df7d27a 2019-03-20T13:24:07 ignore: move tests from status to attr ignore suite
Steven King Jr 93971ca6 2019-03-15T13:08:18 ignore: add additional test cases
Steve King Jr 12bc7181 2019-03-14T15:51:15 ignore: Do not match on prefix of negated patterns Matching on the prefix of a negated pattern was triggering false negatives on siblings of that pattern. e.g. Given the .gitignore: dir/* !dir/sub1/sub2/** The path `dir/a.text` would not be ignored.
Tyler Ang-Wanek aa877e09 2019-03-14T09:59:27 Implement failing test for gitignore of complex subdirectory negation When a directory's contents are ignored, and then a glob negation is made to a nested subdir, other subdirectories are now unignored
lhchavez 856afc27 2019-02-16T22:06:58 Fix a _very_ improbable memory leak in git_odb_new() This change fixes a mostly theoretical memory leak in got_odb_new() that can only manifest if git_cache_init() fails due to running out of memory or not being able to acquire its lock.
lhchavez 5189beb0 2019-02-16T19:55:30 Fix a memory leak in odb_otype_fast() This change frees a copy of a cached object in odb_otype_fast().
Edward Thomson 572e4d8c 2019-02-14T16:36:00 Merge pull request #4983 from libgit2/ethomson/v0_28_1 Release v0.28.1
Edward Thomson 65fff789 2019-02-14T13:37:00 Release v0.28.1
Edward Thomson b8837827 2019-02-14T13:09:23 Merge pull request #4979 from libgit2/ethomson/deprecate Deprecation: export the deprecated functions properly
Edward Thomson 3f823c2b 2019-02-14T00:00:06 ci: enable hard deprecation Enable hard deprecation in our builds to ensure that we do not call deprecated functions internally.
Edward Thomson dcf81cdb 2019-02-13T23:56:40 deprecation: optionally enable hard deprecation Add a CMake option to enable hard deprecation; the resultant library will _not_ include any deprecated functions. This may be useful for internal CI builds that create libraries that are not shared with end-users to ensure that we do not use deprecated bits internally.
Edward Thomson 24ac9e0c 2019-02-13T23:26:54 deprecation: ensure we GIT_EXTERN deprecated funcs Although the error functions were deprecated, we did not properly mark them as deprecated. We need to include the `deprecated.h` file in order to ensure that the functions get their export attributes. Similarly, do not define `GIT_DEPRECATE_HARD` within the library, or those functions will also not get their export attributes. Define that only on the tests and examples.
Edward Thomson e1916376 2019-02-14T09:22:57 Merge pull request #4980 from libgit2/ethomson/ci_nightly ci: skip ssh tests on macOS nightly
Edward Thomson ef91917f 2019-02-14T09:19:32 ci: skip ssh tests on macOS nightly Like 811c1c0f8f80521dccc746a7bff180cd77a783ff, disable the SSH tests on macOS until we can resolve the newly introduced infrastructure issues.
Edward Thomson 85b2bd41 2019-02-14T01:13:33 Merge pull request #4976 from libgit2/ethomson/readme_v028 CI build fixups
Edward Thomson 811c1c0f 2019-02-14T00:51:39 ci: skip ssh tests on macOS SSH tests on macOS have begun failing for an unknown reason after an infrastructure upgrade to macOS 10.13.6. Disable those tests temporarily, until we can resolve it.
Edward Thomson 44f82134 2019-02-13T11:18:35 ci: provide more information about OS Subtle changes in the host OS can have impacts in the CI system that may be hard to debug. We previously showed the results of `uname` which can be difficult to interpret. Provide more information where available.
Edward Thomson 6f778351 2019-02-13T11:15:12 README: use correct badge for nightlies The URL was incorrect for the nightly badge image; it was erroneously showing the master branch continuous integration build badge.
Edward Thomson f34faaa8 2019-02-12T16:45:57 README: include build badge for v0.28 builds Include a build badge for `maint/v0.28` builds.
Edward Thomson 1a107fac 2019-02-02T10:25:54 Merge pull request #4970 from libgit2/ethomson/0_28 v0.28 rc1
Edward Thomson 3fe29c4d 2019-01-31T19:10:03 version: 0.28
Edward Thomson 63f96cd0 2019-01-31T19:09:42 changelog: this is 0.28
Edward Thomson 214457c6 2019-01-31T18:51:36 Merge pull request #4968 from tiennou/fix/documentation Docs
Edward Thomson 6853a250 2019-01-31T14:46:21 Merge branch 'pks/stream-truncated-writes'
Patrick Steinhardt 0ceac0d0 2019-01-23T14:45:19 mbedtls: fix potential size overflow when reading or writing data The mbedtls library uses a callback mechanism to allow downstream users to plug in their own receive and send functions. We implement `bio_read` and `bio_write` functions, which simply wrap the `git_stream_read` and `git_stream_write` functions, respectively. The problem arises due to the return value of the callback functions: mbedtls expects us to return an `int` containing the actual number of bytes that were read or written. But this is in fact completely misdesigned, as callers are allowed to pass in a buffer with length `SIZE_MAX`. We thus may be unable to represent the number of bytes written via the return value. Fix this by only ever reading or writing at most `INT_MAX` bytes.
Patrick Steinhardt 75918aba 2019-01-23T14:43:54 mbedtls: make global variables static The mbedtls stream implementation makes use of some global variables which are not marked as `static`, even though they're only used in this compilation unit. Fix this and remove a duplicate declaration.
Patrick Steinhardt 657197e6 2019-01-23T15:54:05 openssl: fix potential size overflow when writing data Our `openssl_write` function calls `SSL_write` by passing in both `data` and `len` arguments directly. Thing is, our `len` parameter is of type `size_t` and theirs is of type `int`. We thus need to clamp our length to be at most `INT_MAX`.
Patrick Steinhardt 7613086d 2019-01-23T15:49:28 streams: handle short writes only in generic stream Now that the function `git_stream__write_full` exists and callers of `git_stream_write` have been adjusted, we can lift logic for short writes out of the stream implementations. Instead, this is now handled either by `git_stream__write_full` or by callers of `git_stream_write` directly.
Patrick Steinhardt 5265b31c 2019-01-23T15:00:20 streams: fix callers potentially only writing partial data Similar to the write(3) function, implementations of `git_stream_write` do not guarantee that all bytes are written. Instead, they return the number of bytes that actually have been written, which may be smaller than the total number of bytes. Furthermore, due to an interface design issue, we cannot ever write more than `SSIZE_MAX` bytes at once, as otherwise we cannot represent the number of bytes written to the caller. Unfortunately, no caller of `git_stream_write` ever checks the return value, except to verify that no error occurred. Due to this, they are susceptible to the case where only partial data has been written. Fix this by introducing a new function `git_stream__write_full`. In contrast to `git_stream_write`, it will always return either success or failure, without returning the number of bytes written. Thus, it is able to write all `SIZE_MAX` bytes and loop around `git_stream_write` until all data has been written. Adjust all callers except the BIO callbacks in our mbedtls and OpenSSL streams, which already do the right thing and require the amount of bytes written.
Patrick Steinhardt 193e7ce9 2019-01-23T15:42:07 streams: make file-local functions static The callback functions that implement the `git_stream` structure are only used inside of their respective implementation files, but they are not marked as `static`. Fix this.
Etienne Samson 9fd9126e 2019-01-30T21:19:18 docs: minor changes
Edward Thomson 2f1d6eff 2019-01-30T19:59:43 Merge pull request #4954 from tiennou/fix/documentation Documentation fixes
Edward Thomson cf14215d 2019-01-28T12:41:22 Merge pull request #4964 from libgit2/ethomson/ci_nightly ci: add an individual coverity pipeline
Edward Thomson 52a97eed 2019-01-28T12:16:50 ci: add coverity badge to the README
Edward Thomson 0cf5b6b1 2019-01-28T10:48:49 ci: ignore coverity failures in nightly runs Coverity is back but it's only read-only! Agh. Just allow it to fail and not impact the overall job run.
Etienne Samson 690e55e0 2019-01-04T19:09:42 repo: split git_repository_open_flag_t options documentation inline
Etienne Samson f6412c26 2019-01-15T13:35:41 transport: enhance documentation
Etienne Samson 2964fed0 2019-01-15T13:30:42 docs: document GIT_EUSER/GIT_EPASSTHROUGH
Etienne Samson 9e4d421e 2019-01-15T11:32:13 doc: clarify that git_time_t is seconds from the epoch
Edward Thomson e9a34864 2019-01-27T22:47:09 Merge pull request #4961 from libgit2/ethomson/ci_docurium ci: run docurium to create documentation
Edward Thomson 92b52f36 2019-01-27T22:46:53 Merge pull request #4962 from libgit2/ethomson/ci_nightly ci: return coverity to the nightlies
Edward Thomson 08d71f72 2019-01-27T22:46:07 ci: return coverity to the nightlies
Edward Thomson b1e28625 2019-01-26T19:43:33 Merge pull request #4950 from libgit2/ethomson/warnings Clean up some warnings
Edward Thomson f56634f8 2019-01-26T19:40:19 Merge pull request #4869 from libgit2/ethomson/ci_nightly Nightlies: use `latest` docker images
Edward Thomson ace20c6a 2019-01-26T16:59:32 ci: run docurium to create documentation Run docurium as part of the build. The goal of this is to be able to evaluate the documentation in a given pull request; as such, this does not implement any sort of deployment pipeline. This will allow us to download a snapshot of the documentation from the CI build and evaluate the docs for a particular pull request; before it's been merged.
Edward Thomson 4a798a91 2018-10-28T17:57:53 nightly: use latest images, not test images
Edward Thomson fac08837 2019-01-21T11:38:46 filter: return an int Validate that the return value of the read is not less than INT_MAX, then cast.
Edward Thomson 89bd4ddb 2019-01-21T11:32:53 diff_generate: validate oid file size Index entries are 32 bit unsigned ints, not `size_t`s.
Edward Thomson fd9d4e28 2019-01-21T11:29:16 describe: don't mix and match abbreviated size types The git_describe_format_options.abbreviated_size type is an unsigned int. There's no need for it to be anything else; keep it what it is.
Edward Thomson 751eb462 2019-01-21T11:20:18 delta: validate sizes and cast safely Quiet down a warning from MSVC about how we're potentially losing data. Validate that our data will fit into the type provided then cast.
Edward Thomson 4947216f 2019-01-21T11:11:27 git transport: only write INT_MAX bytes The transport code returns an `int` with the number of bytes written; thus only attempt to write at most `INT_MAX`.
Edward Thomson a861839d 2019-01-21T10:55:59 windows: add SSIZE_MAX Windows doesn't include ssize_t or its _MAX value by default. We are already declaring ssize_t as SSIZE_T, which is __int64_t on Win64 and long otherwise. Include its _MAX value as a correspondence to its type.
Edward Thomson f1986a23 2019-01-21T09:56:23 streams: don't write more than SSIZE_MAX Our streams implementation takes a `size_t` that indicates the length of the data buffer to be written, and returns an `ssize_t` that indicates the length that _was_ written. Clearly no such implementation can write more than `SSIZE_MAX` bytes. Ensure that each TLS stream implementation does not try to write more than `SSIZE_MAX` bytes (or smaller; if the given implementation takes a smaller size).
Edward Thomson e5e2fac8 2019-01-21T00:57:39 buffer: explicitly cast Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested it.
Edward Thomson f4ebb2d4 2019-01-21T00:56:35 blame: make hunk_cmp handle unsigned differences
Edward Thomson ae681d3f 2019-01-21T00:49:07 apply: make update_hunk accept a size_t
Edward Thomson 7ed2baf7 2019-01-21T00:41:50 MSVC: ignore empty compilation units (warning LNK4221) A number of source files have their implementation #ifdef'd out (because they target another platform). MSVC warns on empty compilation units (with warning LNK4221). Ignore warning 4221 when creating the object library.
Edward Thomson 3fba5891 2019-01-20T23:53:33 test: cast to a char the zstream test
Edward Thomson f25bb508 2019-01-20T23:52:50 index test: cast times explicitly Cast actual filesystem data to the int32_t that index entries store.
Edward Thomson 1d4ddb8e 2019-01-20T23:42:08 iterator: cast filesystem iterator entry values explicitly The filesystem iterator takes `stat` data from disk and puts them into index entries, which use 32 bit ints for time (the seconds portion) and filesize. However, on most systems these are not 32 bit, thus will typically invoke a warning. Most users ignore these fields entirely. Diff and checkout code do use the values, however only for the cache to determine if they should check file modification. Thus, this is not a critical error (and will cause a hash recomputation at worst).
Edward Thomson c6cac733 2019-01-20T22:40:38 blob: validate that blob sizes fit in a size_t Our blob size is a `git_off_t`, which is a signed 64 bit int. This may be erroneously negative or larger than `SIZE_MAX`. Ensure that the blob size fits into a `size_t` before casting.
Edward Thomson 3aa6d96a 2019-01-20T20:38:25 tree: cast filename length in git_tree__parse_raw Quiet down a warning from MSVC about how we're potentially losing data. Ensure that we're within a uint16_t before we do.
Edward Thomson 759502ed 2019-01-20T20:30:42 odb_loose: explicitly cast to size_t Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested that it's positive and less than SIZE_MAX.
Edward Thomson 80c3867b 2019-01-20T19:20:12 patch: explicitly cast down in parse_header_percent Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested that it's within the range of 0-100.
Edward Thomson 494448a5 2019-01-20T19:10:08 index: explicitly cast down to a size_t Quiet down a warning from MSVC about how we're potentially losing data. This cast is safe since we've explicitly tested that `strip_len` <= `last_len`.
Edward Thomson c3866fa8 2019-01-20T18:54:16 diff: explicitly cast in flush_hunk Quiet down a warning from MSVC about how we're potentially losing data.
Edward Thomson 826d9a4d 2019-01-25T09:43:20 Merge pull request #4858 from tiennou/fix/index-ext-read index: preserve extension parsing errors
Edward Thomson 859d9229 2019-01-25T09:41:41 Merge pull request #4952 from libgit2/ethomson/deprecation Deprecate functions and constants more gently
Edward Thomson c951b825 2019-01-23T00:32:40 deprecation: define GIT_DEPRECATE_HARD internally Ensure that we do not use any deprecated functions in the library source, test code or examples.
Edward Thomson 9f3a5a64 2019-01-23T00:29:03 deprecation: offer GIT_DEPRECATE_HARD Users can define `GIT_DEPRECATE_HARD` if they want to remove all functions that we've "softly" deprecated.
Edward Thomson 9c5e05ad 2019-01-23T10:43:29 deprecation: move deprecated tests into their own file Move the deprecated stream tests into their own compilation unit. This will allow us to disable any preprocessor directives that apply to deprecation just for these tests (eg, disabling `GIT_DEPRECATED_HARD`).
Edward Thomson e09f0c10 2019-01-23T10:21:42 deprecation: don't use deprecated stream cb Avoid the deprecated `git_stream_cb` typedef since we want to compile the library without deprecated functions or types. Instead, we can unroll the alias to its actual type.
Edward Thomson 09e2ea2f 2019-01-23T09:44:40 deprecation: provide docurium deprecation note Add `@deprecated` to the functions that are, so that they'll appear that way in docurium.
Edward Thomson 53d13fb3 2019-01-23T09:42:55 deprecation: deprecated stream registration in if guard `git_stream_register_tls` is now deprecated; mark it in an if guard with the deprecation. This should not be included in `deprecated.h` since it is an uncommonly used `sys` header file.
Edward Thomson 769e9274 2019-01-23T00:42:22 deprecation: update changelog to reflect new policies
Edward Thomson a7d0d14f 2019-01-23T00:07:40 deprecation: move deprecated bits to deprecated.h
Edward Thomson 1c3daccf 2019-01-23T09:51:50 fuzzers: don't use deprecated types
Edward Thomson cc5da0a6 2019-01-23T09:36:52 examples: don't use deprecated types
Edward Thomson 5524a467 2019-01-25T09:06:27 Merge pull request #4957 from csware/deprecated Don't use deprecated constants
Sven Strickroth bff7aed2 2019-01-24T16:44:04 Don't use deprecated constants Follow up for PR #4917. Signed-off-by: Sven Strickroth <email@cs-ware.de>
Etienne Samson 0bf7e043 2019-01-24T12:12:04 index: preserve extension parsing errors Previously, we would clobber any extension-specific error message with an "extension is truncated" message. This makes `read_extension` correctly preserve those errors, takes responsibility for truncation errors, and adds a new message with the actual extension signature for unsupported mandatory extensions.
Patrick Steinhardt 80be19b9 2019-01-24T11:59:48 Merge pull request #4955 from csware/c4098 Fix VS warning C4098: 'giterr_set_str' : void function returning a value