|
f65eea44
|
2017-01-28T17:08:59
|
|
tests: crlf: update Windows test data to reflect Git 2.9+ behavior
Update with "git version 2.11.0.windows.3"
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
286a6765
|
2018-04-17T14:32:56
|
|
Merge pull request #4522 from csware/submodules-should-report-parse-errors
Submodules-API should report .gitmodules parse errors instead of ignoring them
|
|
e5f32e81
|
2018-04-17T00:08:20
|
|
Merge pull request #4514 from tiennou/fix/pkt-type-enum
Typedef git_pkt_type and clarify recv_pkt return type
|
|
fd634019
|
2018-04-16T15:42:35
|
|
Merge pull request #4556 from libgit2/ethomson/proxy_pass_in_env
online::clone: validate user:pass in HTTP_PROXY
|
|
17339cb3
|
2018-04-16T15:35:56
|
|
Merge pull request #4596 from pks-t/pks/ssh-disconnect
transports: ssh: disconnect session before freeing it
|
|
1926163a
|
2018-04-16T15:33:43
|
|
Merge pull request #4622 from pks-t/pks/revwalk-hide-newer-parents
revwalk: fix uninteresting revs sometimes not limiting graphwalk
|
|
69870a67
|
2018-04-16T15:19:37
|
|
Merge pull request #4614 from pks-t/pks/gitignore-trailing-spaces
attr_file: fix handling of directory patterns with trailing spaces
|
|
54fd80e3
|
2018-04-12T13:32:27
|
|
revwalk: fix uninteresting revs sometimes not limiting graphwalk
When we want to limit our graphwalk, we use the heuristic of checking
whether the newest limiting (uninteresting) revision is newer than the
oldest interesting revision. We do so by inspecting whether the first
item's commit time of the user-supplied list of revisions is newer than
the last added interesting revision. This is wrong though, as the user
supplied list is in no way guaranteed to be sorted by increasing commit
dates. This could lead us to abort the revwalk early before applying all
relevant limiting revisions, outputting revisions which should in fact
have been hidden.
Fix the heuristic by instead checking whether _any_ of the limiting
commits was made earlier than the last interesting commit. Add a test.
|
|
c587d806
|
2018-04-12T09:11:26
|
|
Merge pull request #4613 from pks-t/pks/local-fetch-symrefs
transports: local: fix assert when fetching into repo with symrefs
|
|
251d8771
|
2018-04-06T12:24:10
|
|
attr_file: fix handling of directory patterns with trailing spaces
When comparing whether a path matches a directory rule, we pass the
both the path and directory name to `fnmatch` with
`GIT_ATTR_FNMATCH_DIRECTORY` being set. `fnmatch` expects the pattern to
contain no trailing directory '/', which is why we try to always strip
patterns of trailing slashes. We do not handle that case correctly
though when the pattern itself has trailing spaces, causing the match to
fail.
Fix the issue by stripping trailing spaces and tabs for a rule previous
to checking whether the pattern is a directory pattern with a trailing
'/'. This replaces the whitespace-stripping in our ignore file parsing
code, which was stripping whitespaces too late. Add a test to catch
future breakage.
|
|
13a77274
|
2018-02-26T21:33:55
|
|
smart: typo
|
|
2cf9b84c
|
2018-04-11T19:13:42
|
|
smart: free the pkt when we fail to store it
|
|
32586d5e
|
2018-04-11T19:03:57
|
|
smart: separate error handling from pkt handling
|
|
01381149
|
2018-02-26T21:27:10
|
|
smart: make out arguments explicit on recv_pkt
|
|
08961c9d
|
2017-08-22T16:29:07
|
|
smart: typedef git_pkt_type and clarify recv_pkt return type
|
|
6c55fbf3
|
2018-04-06T10:39:16
|
|
transports: local: fix assert when fetching into repo with symrefs
When fetching into a repository which has symbolic references via the
"local" transport we run into an assert. The assert is being triggered
while we negotiate the packfile between the two repositories. When
hiding known revisions from the packbuilder revwalk, we unconditionally
hide all references of the local refdb. In case one of these references
is a symbolic reference, though, this means we're trying to hide a
`NULL` OID, which triggers the assert.
Fix the issue by only hiding OID references from the revwalk. Add a test
to catch this issue in the future.
|
|
0eca4230
|
2018-04-06T10:03:09
|
|
Merge pull request #4597 from cjhoward92/fix/cert-check-docs
remote/proxy: fix git_transport_certificate_check_db description
|
|
a57f42ac
|
2018-04-06T09:40:34
|
|
Merge pull request #4587 from rcjsuen/patch-2
Flag options in describe.h as being optional
|
|
83d6327d
|
2018-04-06T09:39:03
|
|
Merge pull request #4611 from erikvanzijst/erik/status_char
diff: Add missing GIT_DELTA_TYPECHANGE -> 'T' mapping.
|
|
e0af6d12
|
2018-04-06T09:33:38
|
|
Merge pull request #4609 from pks-t/pks/appveyor-kxe-typo
appveyor: fix typo in registry key to disable DHE
|
|
cd6a4323
|
2018-04-04T21:29:03
|
|
typo: Fixed a trivial typo in test function.
|
|
bc5ced66
|
2018-04-04T21:28:31
|
|
diff: Add missing GIT_DELTA_TYPECHANGE -> 'T' mapping.
This adds the 'T' status character to git_diff_status_char() for diff
entries that change type.
|
|
3a72b0e2
|
2018-04-03T12:31:35
|
|
appveyor: fix typo in registry key to disable DHE
Commit 723e1e976 (appveyor: disable DHE to avoid spurious failures,
2018-03-29) added a workaround to fix spurious test failures due to a
bug in Windows' SChannel implementation. The workaround only worked by
accident, though, as the registry key was in fact mistyped. Fix the
typo.
|
|
d9007dc8
|
2018-04-03T11:36:27
|
|
Merge pull request #4607 from Sp1l/private/fix-libressl-2.7
Fix build with LibreSSL 2.7
|
|
c42261a3
|
2018-04-03T09:38:38
|
|
Merge pull request #4603 from pks-t/pks/appveyor-winhttp-workaround
appveyor: workaround for intermittent test failures
|
|
b5e0cfa7
|
2018-04-03T09:32:33
|
|
Merge pull request #4601 from bgermann/master
sha1dc: update to fix errors with endianess
|
|
7490d449
|
2018-04-02T20:00:07
|
|
Fix build with LibreSSL 2.7
LibreSSL 2.7 adds OpenSSL 1.1 API
Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
|
|
dc27772c
|
2018-03-30T13:12:26
|
|
Merge pull request #4378 from cjhoward92/fix/submodule-add-check-index
submodule: check index for path and prefix before adding submodule
|
|
b3c3415d
|
2018-03-29T14:20:21
|
|
Merge pull request #4602 from pks-t/pks/mempack-memleak
odb: mempack: fix leaking objects when freeing mempacks
|
|
723e1e97
|
2018-03-29T13:35:27
|
|
appveyor: disable DHE to avoid spurious failures
Our CI builds have intermittent failures in our online tests, e.g. with
the message "A provided buffer was too small". This is not a programming
error in libgit2 but rather an error in the SChannel component of
Windows. Under certain circumstances involving Diffie-Hellman key
exchange, SChannel is unable to correctly handle input from the server.
This bug has already been fixed in recent patches for Windows 10 and
Windows Server 2016, but they are not yet available for AppVeyor.
Manually pamper over that issue by disabling all ciphersuites using DHE
via the registry. While this disables more ciphers than necessary, we
really don't care for that at all but just want to avoid build failures
due to that bug.
See [1], [2] or [3] for additional information.
1: https://github.com/aws/aws-sdk-cpp/issues/671
2: https://github.com/dotnet/corefx/issues/7812
3: https://support.microsoft.com/en-us/help/2992611/ms14-066-vulnerability-in-schannel-could-allow-remote-code-execution-n
|
|
fbe52fa3
|
2018-03-29T10:18:51
|
|
util: fix missing headers for MinGW environments
There are multiple references to undefined functions in the Microsoft
builds. Add headers to make them known.
|
|
b6276ae0
|
2018-03-29T09:15:48
|
|
odb: mempack: fix leaking objects when freeing mempacks
When a ODB mempack gets free'd, we take no measures at all to free its
contents, most notably the objects added to the database, resulting in a
memory leak. Call `git_mempack_reset` previous to freeing the ODB
structures themselves, which takes care of releasing all associated
data structures.
|
|
c9e5ba09
|
2018-03-28T17:37:39
|
|
sha1dc: update to fix errors with endianess
This updates the version of SHA1DC to c3e1304ea3.
|
|
69a282da
|
2018-03-28T06:48:55
|
|
submodule: add more robust error handling when a submodule path is found on add
|
|
9e8bc726
|
2018-03-28T08:55:59
|
|
Merge pull request #4598 from cjhoward92/fix/remove-unused-merge-result
types: remove unused git_merge_result
|
|
370ecdb2
|
2018-03-27T10:10:09
|
|
types: remove unused git_merge_result
`git_merge_result` is currently unused in the codebase and generates a blank page in the [documentation](https://libgit2.github.com/libgit2/#HEAD/type/git_merge_result).
|
|
e6c720ea
|
2018-03-27T10:05:21
|
|
remote/proxy: fix git_transport_certificate_check_db comment
|
|
e55b5373
|
2018-02-08T12:36:47
|
|
Submodule API should report .gitmodules parse errors
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
c07abd65
|
2018-03-27T07:37:34
|
|
submodule: add better error handling to is_path_occupied
|
|
b282ca79
|
2018-01-06T10:57:32
|
|
submodule: change can_add_submodule to is_path_occupied
|
|
677d393c
|
2017-12-18T10:28:37
|
|
tests: submodule: insert index entries directly into index
|
|
ef9a7749
|
2017-11-19T20:59:59
|
|
submodule: update index check to check path before directory and fix tests
|
|
9371149f
|
2017-10-20T14:24:01
|
|
submodule: fix styling errors
|
|
3e500fc8
|
2017-10-16T19:55:45
|
|
test: submodule: add: join path without slashes
|
|
0a74f391
|
2017-10-16T16:16:03
|
|
test: submodule: add: use p_mkdir to create directories
|
|
ad1c4350
|
2017-10-16T15:30:47
|
|
submodule: check index for prefix before adding submodule
submodule: check path and prefix before adding submodule
submodule: fix test errors
|
|
874ce161
|
2018-03-27T15:03:15
|
|
transports: ssh: replace deprecated function `libssh2_session_startup`
The function `libssh2_session_startup` has been deprecated since libssh2
version 1.2.8 in favor of `libssh2_session_handshake` introduced in the
same version. libssh2 1.2.8 was released in April 2011, so it is already
seven years old. It is available in Debian Wheezy, Ubuntu Trusty and
CentOS 7.4, so the most important and conservative distros already have
it available. As such, it seems safe to just use the new function.
|
|
2785cc8e
|
2018-03-27T14:49:21
|
|
transports: ssh: disconnect session before freeing it
The function `ssh_stream_free` takes over the responsibility of closing
channels and streams just before freeing their memory, but it does not
do so for the session. In fact, we never disconnect the session
ourselves at all, as libssh2 will not do so itself upon freeing the
structure. Quoting the documentation of `libssh2_session_free`:
> Frees all resources associated with a session instance. Typically
> called after libssh2_session_disconnect_ex,
The missing disconnect probably stems from a misunderstanding what it
actually does. As we are already closing the TCP socket ourselves, the
assumption was that no additional disconnect is required. But calling
`libssh2_session_disconnect` will notify the server that we are cleanly
closing the connection, such that the server can free his own resources.
Add a call to `libssh2_session_disconnect` to fix that issue.
[1]: https://www.libssh2.org/libssh2_session_free.html
|
|
db90e951
|
2018-03-27T20:09:45
|
|
Flag options in describe.h as being optional
The git_describe_options in git_describe_commit and
git_describe_workdir and the git_describe_format_options in
git_describe_format are optional and can be NULL. State this in the
documentation to make people's lives easier when calling these
functions.
Signed-off-by: Remy Suen <remy.suen@gmail.com>
|
|
217add94
|
2018-03-27T11:25:20
|
|
Merge pull request #4531 from tiennou/fix/checkout-default-safe
checkout: change default strategy to SAFE
|
|
cdd0bc2f
|
2018-03-26T18:44:13
|
|
checkout: change default strategy to SAFE
As per #4200, our default is quite surprising to users that expect checkout to just "do the thing".
|
|
7bd129e4
|
2018-03-26T09:59:47
|
|
Merge pull request #4570 from newren/master
Add myself to git.git-authors
|
|
6311e886
|
2018-03-23T07:38:34
|
|
Merge pull request #4594 from pks-t/pks/mempack-assert
odb: fix writing to fake write streams
|
|
a52b4c51
|
2018-03-23T09:59:46
|
|
odb: fix writing to fake write streams
In commit 7ec7aa4a7 (odb: assert on logic errors when writing objects,
2018-02-01), the check for whether we are trying to overflowing the fake
stream buffer was changed from returning an error to raising an assert.
The conversion forgot though that the logic around `assert`s are
basically inverted. Previously, if the statement
stream->written + len > steram->size
evaluated to true, we would return a `-1`. Now we are asserting that
this statement is true, and in case it is not we will raise an error. So
the conversion to the `assert` in fact changed the behaviour to the
complete opposite intention.
Fix the assert by inverting its condition again and add a regression
test.
|
|
904307af
|
2018-03-23T09:58:57
|
|
tests: add tests for the mempack ODB backend
Our mempack ODB backend has no test coverage at all right now. Add a
simple test suite to at least have some coverage of the most basic
operations on the ODB.
|
|
72e60347
|
2018-03-20T23:16:36
|
|
Merge pull request #4588 from libgit2/ethomson/bitbucket
online tests: update auth for bitbucket test
|
|
54bf4d14
|
2018-03-20T07:47:27
|
|
online tests: update auth for bitbucket test
Update the settings to use a specific read-only token for accessing our
test repositories in Bitbucket.
|
|
5585e358
|
2018-03-20T00:59:21
|
|
Merge pull request #4563 from libgit2/ethomson/ssh-unescape
Refactor `gitno_extract_url_parts`
|
|
8070a357
|
2018-03-03T18:47:35
|
|
Introduce `git_buf_decode_percent`
Introduce a function to take a percent-encoded string (URI encoded,
described by RFC 1738) and decode it into a `git_buf`.
|
|
30333e82
|
2018-02-28T13:00:04
|
|
Update tests
|
|
16210877
|
2018-02-28T12:59:47
|
|
Unescape repo before constructing ssh request
|
|
8a2cdbd3
|
2018-02-28T12:58:58
|
|
Rename unescape and make non-static
|
|
9108959a
|
2018-03-14T15:03:35
|
|
buf: add tests for percent decoding
|
|
0e4f3d9d
|
2018-03-03T21:47:22
|
|
gitno_extract_url_parts: decode hostnames
RFC 3986 says that hostnames can be percent encoded. Percent decode
hostnames in our URLs.
|
|
05551ca0
|
2018-03-03T20:14:54
|
|
Remove now unnecessary `gitno_unescape`
|
|
60e7848e
|
2018-03-03T20:13:30
|
|
gitno_extract_url_parts: use `git_buf`s
Now that we can decode percent-encoded strings as part of `git_buf`s,
use that decoder in `gitno_extract_url_parts`.
|
|
6f577906
|
2018-03-03T20:09:09
|
|
ssh urls: use `git_buf_decode_percent`
Use `git_buf_decode_percent` so that we can avoid allocating a temporary
buffer.
|
|
31985775
|
2018-03-19T23:07:44
|
|
Merge pull request #4584 from libgit2/ethomson/bitbucket
online::clone: skip creds fallback test
|
|
03c58778
|
2018-03-19T09:20:35
|
|
online::clone: skip creds fallback test
At present, we have three online tests against bitbucket: one which
specifies the credentials in the payload, one which specifies the
correct credentials in the URL and a final one that specifies the
incorrect credentials in the URL. Bitbucket has begun responding to the
latter test with a 403, which causes us to fail.
Break these three tests into separate tests so that we can skip the
latter until this is resolved on Bitbucket's end or until we can change
the test to a different provider.
|
|
937e7e26
|
2018-03-13T13:04:38
|
|
Merge pull request #4544 from josharian/docs
pathspec: improve git_pathspec_flag_t doc rendering
|
|
7b66bfe2
|
2018-03-12T10:09:49
|
|
Merge pull request #4575 from pks-t/pks/index-secfixes-master
Index parsing fixes
|
|
358cc2e2
|
2018-03-12T09:50:00
|
|
Merge pull request #4396 from libgit2/cmn/config-regex-is-normalised
config: specify how we match the regular expressions
|
|
2f89bd90
|
2018-03-11T12:36:13
|
|
config: explicitly state that subsections are case-sensitive
|
|
3db1af1f
|
2018-03-08T12:36:46
|
|
index: error out on unreasonable prefix-compressed path lengths
When computing the complete path length from the encoded
prefix-compressed path, we end up just allocating the complete path
without ever checking what the encoded path length actually is. This can
easily lead to a denial of service by just encoding an unreasonable long
path name inside of the index. Git already enforces a maximum path
length of 4096 bytes. As we also have that enforcement ready in some
places, just make sure that the resulting path is smaller than
GIT_PATH_MAX.
Reported-by: Krishna Ram Prakash R <krp@gtux.in>
Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
|
|
3207ddb0
|
2018-03-08T12:00:27
|
|
index: fix out-of-bounds read with invalid index entry prefix length
The index format in version 4 has prefix-compressed entries, where every
index entry can compress its path by using a path prefix of the previous
entry. Since implmenting support for this index format version in commit
5625d86b9 (index: support index v4, 2016-05-17), though, we do not
correctly verify that the prefix length that we want to reuse is
actually smaller or equal to the amount of characters than the length of
the previous index entry's path. This can lead to a an integer underflow
and subsequently to an out-of-bounds read.
Fix this by verifying that the prefix is actually smaller than the
previous entry's path length.
Reported-by: Krishna Ram Prakash R <krp@gtux.in>
Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
|
|
58a6fe94
|
2018-03-08T11:49:19
|
|
index: convert `read_entry` to return entry size via an out-param
The function `read_entry` does not conform to our usual coding style of
returning stuff via the out parameter and to use the return value for
reporting errors. Due to most of our code conforming to that pattern, it
has become quite natural for us to actually return `-1` in case there is
any error, which has also slipped in with commit 5625d86b9 (index:
support index v4, 2016-05-17). As the function returns an `size_t` only,
though, the return value is wrapped around, causing the caller of
`read_tree` to continue with an invalid index entry. Ultimately, this
can lead to a double-free.
Improve code and fix the bug by converting the function to return the
index entry size via an out parameter and only using the return value to
indicate errors.
Reported-by: Krishna Ram Prakash R <krp@gtux.in>
Reported-by: Vivek Parikh <viv0411.parikh@gmail.com>
|
|
d11c4a1a
|
2018-03-08T13:13:04
|
|
Merge pull request #4571 from jacquesg/overflow
Integer overflow
|
|
e666495b
|
2018-03-08T08:31:49
|
|
cmake: enable shift count overflow warning
|
|
5f6383ca
|
2018-03-08T08:17:29
|
|
diff: ensure an unsigned number is shifted
|
|
ab0d6d1b
|
2018-03-07T08:39:29
|
|
Add myself to git.git-authors
|
|
515683c7
|
2018-03-07T12:39:28
|
|
Merge pull request #4567 from pks-t/pks/zlib-update
deps: upgrade embedded zlib to version 1.2.11
|
|
4c5330cb
|
2018-03-07T10:33:41
|
|
deps: upgrade embedded zlib to version 1.2.11
The current version of zlib bundled with libgit2 is version 1.2.8. This
version has several CVEs assigned:
- CVE-2016-9843
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9840
Upgrade the bundled version to the current release 1.2.11, which has
these vulnerabilities fixes.
|
|
2d2a6025
|
2018-03-04T12:17:17
|
|
Merge pull request #4541 from libgit2/cmn/odb-streaming-read-changelog
CHANGELOG: mention the change to `git_odb_open_rstream`
|
|
adf7d094
|
2018-03-04T12:17:06
|
|
Merge pull request #4559 from jacquesg/worktree-const
Worktree lock reason should be const
|
|
53e692af
|
2018-03-02T12:49:54
|
|
worktree: rename parameter creason to reason
|
|
12356076
|
2018-03-02T12:41:04
|
|
worktree: lock reason should be const
|
|
8353e4b5
|
2018-02-22T09:20:31
|
|
CHANGELOG: mention the change to `git_odb_open_rstream`
|
|
8a8ea1db
|
2018-02-28T18:14:52
|
|
Merge pull request #4552 from libgit2/cmn/config-header-common
Cast less blindly between configuration objects
|
|
e8e490b2
|
2018-02-28T17:01:47
|
|
Merge pull request #4554 from pks-t/pks/curl-init
curl: initialize and cleanup global curl state
|
|
e380eae0
|
2018-02-28T16:10:53
|
|
online::clone: validate user:pass in HTTP_PROXY
Validate using the http://user:pass@host/ format in HTTP_PROXY and
HTTPS_PROXY environment variables.
|
|
9cd0c6f1
|
2018-02-28T16:01:16
|
|
config: return an error if config_refresh is called on a snapshot
Instead of treating it as a no-op, treat it as a programming error and return
the same kind of error as if you called to set or delete variables on a
snapshot.
|
|
17bef3b8
|
2018-02-28T15:01:43
|
|
Merge pull request #4553 from libgit2/cmn/tree-write-initialise
tree: initialize the id we use for testing submodule insertions
|
|
fb884c62
|
2018-02-28T14:59:09
|
|
Merge pull request #4555 from libgit2/ethomson/strncmp_stdcall
win32: strncmp -> git__strncmp for win32 STDCALL
|
|
2022b004
|
2018-02-28T12:06:59
|
|
curl: explicitly initialize and cleanup global curl state
Our curl-based streams make use of the easy curl interface. This
interface automatically initializes and de-initializes the global curl
state by calling out to `curl_global_init` and `curl_global_cleanup`.
Thus, all global state will be repeatedly re-initialized when creating
multiple curl streams in succession. Despite being inefficient, this is
not thread-safe due to `curl_global_init` being not thread-safe itself.
Thus a multi-threaded programing handling multiple curl streams at the
same time is inherently racy.
Fix the issue by globally initializing and cleaning up curl's state.
|
|
a33deeb4
|
2018-02-28T12:20:23
|
|
win32: strncmp -> git__strncmp
The win32 C library is compiled cdecl, however when configured with
`STDCALL=ON`, our functions (and function pointers) will use the stdcall
calling convention. You cannot set a `__stdcall` function pointer to a
`__cdecl` function, so it's easier to just use our `git__strncmp`
instead of sorting that mess out.
|
|
a554d588
|
2018-02-28T12:21:08
|
|
tree: initialize the id we use for testing submodule insertions
Instead of laving it uninitialized and relying on luck for it to be non-zero,
let's give it a dummy hash so we make valgrind happy (in this case the hash
comes from `sha1sum </dev/null`.
|
|
2424e64c
|
2018-02-28T12:06:02
|
|
config: harden our use of the backend objects a bit
When we create an iterator we don't actually know that we have a live config
object and we must instead only rely on the header. We fixed it to use this in a
previous commit, but this makes it harder to misuse by converting to use the
header object in the typecast.
We also guard inside the `config_refresh` function against being given a
snapshot (although callers right now do check).
|
|
1785de4e
|
2018-02-28T11:46:17
|
|
config: move the level field into the header
We use it in a few places where we might have a full object or a snapshot so
move it to where we can actually access it.
|
|
c1524b2e
|
2018-02-28T11:33:11
|
|
config: move the repository to the diskfile header
We pass this around and when creating a new iterator we need to read the
repository pointer.
Put it in a common place so we can reach it regardless of whether we got a full
object or a snapshot.
|
|
c9d59c61
|
2018-02-27T12:45:21
|
|
Merge pull request #4545 from libgit2/ethomson/checkout_filemode
Respect core.filemode in checkout
|