1. 20 Jul, 2019 1 commit
  2. 18 Jul, 2019 1 commit
  3. 26 Jun, 2019 1 commit
  4. 15 Jun, 2019 1 commit
  5. 23 Feb, 2019 2 commits
    • odb: provide a free function for custom backends · 459ac856
      Custom backends can allocate memory when reading objects and providing
      them to libgit2.  However, if an error occurs in the custom backend
      after the memory has been allocated for the custom object but before
      it's returned to libgit2, the custom backend has no way to free that
      memory and it must be leaked.
      
      Provide a free function that corresponds to the alloc function so that
      custom backends have an opportunity to free memory before they return an
      error.
      Edward Thomson committed
    • odb: rename git_odb_backend_malloc for consistency · 790aae77
      The `git_odb_backend_malloc` name is a system function that is provided
      for custom ODB backends and allows them to allocate memory for an ODB
      object in the read callback.  This is important so that libgit2 can
      later free the memory used by an ODB object that was read from the
      custom backend.
      
      However, the name _suggests_ that it actually allocates a
      `git_odb_backend`.  It does not; rename it to make it clear that it
      actually allocates backend _data_.
      Edward Thomson committed
  6. 22 Feb, 2019 1 commit
  7. 21 Feb, 2019 1 commit
    • cache: fix misnaming of `git_cache_free` · bbdcd450
      Functions that free a structure's contents but not the structure
      itself shall be named `dispose` in the libgit2 project, but the
      function `git_cache_free` does not follow this naming pattern.
      
      Fix this by renaming it to `git_cache_dispose` and adjusting all
      callers to make use of the new name.
      Patrick Steinhardt committed
  8. 20 Feb, 2019 1 commit
  9. 17 Feb, 2019 1 commit
  10. 25 Jan, 2019 1 commit
  11. 22 Jan, 2019 1 commit
  12. 20 Jan, 2019 1 commit
  13. 17 Jan, 2019 1 commit
  14. 06 Jan, 2019 1 commit
    • Fix a bunch of warnings · 7b453e7e
      This change fixes a bunch of warnings that were discovered by compiling
      with `clang -target=i386-pc-linux-gnu`. It turned out that the
      intrinsics were not necessarily being used in all platforms! Especially
      in GCC, since it does not support __has_builtin.
      
      Some more warnings were gleaned from the Windows build, but I stopped
      when I saw that some third-party dependencies (e.g. zlib) have warnings
      of their own, so we might never be able to enable -Werror there.
      lhchavez committed
  15. 01 Dec, 2018 1 commit
  16. 06 Aug, 2018 1 commit
    • odb: fix use of wrong printf formatters · 0fcd0563
      The `git_odb_stream` members `declared_size` and `received_bytes` are
      both of the type `git_off_t`, which we usually defined to be a 64 bit
      signed integer. Thus, passing these members to "PRIdZ" formatters is not
      correct, as they are not guaranteed to accept big enough numbers.
      Instead, use the "PRId64" formatter, which is able to represent 64 bit
      signed integers.
      Patrick Steinhardt committed
  17. 10 Jun, 2018 1 commit
  18. 23 Mar, 2018 1 commit
    • odb: fix writing to fake write streams · a52b4c51
      In commit 7ec7aa4a (odb: assert on logic errors when writing objects,
      2018-02-01), the check for whether we are trying to overflowing the fake
      stream buffer was changed from returning an error to raising an assert.
      The conversion forgot though that the logic around `assert`s are
      basically inverted. Previously, if the statement
      
          stream->written + len > steram->size
      
      evaluated to true, we would return a `-1`. Now we are asserting that
      this statement is true, and in case it is not we will raise an error. So
      the conversion to the `assert` in fact changed the behaviour to the
      complete opposite intention.
      
      Fix the assert by inverting its condition again and add a regression
      test.
      Patrick Steinhardt committed
  19. 09 Feb, 2018 7 commits
  20. 02 Feb, 2018 1 commit
  21. 26 Jan, 2018 1 commit
    • odb: reject reading and writing null OIDs · 275f103d
      The null OID (hash with all zeroes) indicates a missing object in
      upstream git and is thus not a valid object ID. Add defensive
      measurements to avoid writing such a hash to the object database in the
      very unlikely case where some data results in the null OID. Furthermore,
      add shortcuts when reading the null OID from the ODB to avoid ever
      returning an object when a faulty repository may contain the null OID.
      Patrick Steinhardt committed
  22. 03 Jul, 2017 1 commit
    • Make sure to always include "common.h" first · 0c7f49dd
      Next to including several files, our "common.h" header also declares
      various macros which are then used throughout the project. As such, we
      have to make sure to always include this file first in all
      implementation files. Otherwise, we might encounter problems or even
      silent behavioural differences due to macros or defines not being
      defined as they should be. So in fact, our header and implementation
      files should make sure to always include "common.h" first.
      
      This commit does so by establishing a common include pattern. Header
      files inside of "src" will now always include "common.h" as its first
      other file, separated by a newline from all the other includes to make
      it stand out as special. There are two cases for the implementation
      files. If they do have a matching header file, they will always include
      this one first, leading to "common.h" being transitively included as
      first file. If they do not have a matching header file, they instead
      include "common.h" as first file themselves.
      
      This fixes the outlined problems and will become our standard practice
      for header and source files inside of the "src/" from now on.
      Patrick Steinhardt committed
  23. 12 Jun, 2017 1 commit
    • odb_read_prefix: reset error in backends loop · cb3010c5
      When looking for an object by prefix, we query all the backends so that
      we can ensure that there is no ambiguity.  We need to reset the `error`
      value between backends; otherwise the first backend may find an object
      by prefix, but subsequent backends may not.  If we do not reset the
      `error` value then it will remain at `GIT_ENOTFOUND` and `read_prefix_1`
      will fail, despite having actually found an object.
      Edward Thomson committed
  24. 15 May, 2017 2 commits
    • odb: fix printf formatter for git_off_t · 8d93a11c
      The fields `declared_size` and `received_bytes` of the `git_odb_stream`
      are both of type `git_off_t` which is defined as a signed integer. When
      passing these values to a printf-style string in
      `git_odb_stream__invalid_length`, though, we format these as PRIuZ,
      which is unsigned.
      
      Fix the issue by using PRIdZ instead, silencing warnings on macOS.
      Patrick Steinhardt committed
    • odb: shut up gcc warnings regarding uninitilized variables · 7776db51
      The `error` variable is used as a return value in the out-section of
      both `odb_read_1` and `read_prefix_1`. While the value will actually
      always be initialized inside of this section, GCC fails to realize this
      due to interactions with the `found` variable: if `found` is set, the
      error will always be initialized. If it is not, we return early without
      reaching the out-statements.
      
      Shut up the warnings by initializing the error variable, even though it
      is unnecessary.
      Patrick Steinhardt committed
  25. 28 Apr, 2017 4 commits
    • odb: verify hashes in read_prefix_1 · e0973bc0
      While the function reading an object from the complete OID already
      verifies OIDs, we do not yet do so for reading objects from a partial
      OID. Do so when strict OID verification is enabled.
      Patrick Steinhardt committed
    • odb: improve error handling in read_prefix_1 · 14109620
      The read_prefix_1 function has several return statements springled
      throughout the code. As we have to free memory upon getting an error,
      the free code has to be repeated at every single retrun -- which it is
      not, so we have a memory leak here.
      
      Refactor the code to use the typical `goto out` pattern, which will free
      data when an error has occurred. While we're at it, we can also improve
      the error message thrown when multiple ambiguous prefixes are found. It
      will now include the colliding prefixes.
      Patrick Steinhardt committed
    • odb: add option to turn off hash verification · 35079f50
      Verifying hashsums of objects we are reading from the ODB may be costly
      as we have to perform an additional hashsum calculation on the object.
      Especially when reading large objects, the penalty can be as high as
      35%, as can be seen when executing the equivalent of `git cat-file` with
      and without verification enabled. To mitigate for this, we add a global
      option for libgit2 which enables the developer to turn off the
      verification, e.g. when he can be reasonably sure that the objects on
      disk won't be corrupted.
      Patrick Steinhardt committed
    • odb: verify object hashes · 28a0741f
      The upstream git.git project verifies objects when looking them up from
      disk. This avoids scenarios where objects have somehow become corrupt on
      disk, e.g. due to hardware failures or bit flips. While our mantra is
      usually to follow upstream behavior, we do not do so in this case, as we
      never check hashes of objects we have just read from disk.
      
      To fix this, we create a new error class `GIT_EMISMATCH` which denotes
      that we have looked up an object with a hashsum mismatch. `odb_read_1`
      will then, after having read the object from its backend, hash the
      object and compare the resulting hash to the expected hash. If hashes do
      not match, it will return an error.
      
      This obviously introduces another computation of checksums and could
      potentially impact performance. Note though that we usually perform I/O
      operations directly before doing this computation, and as such the
      actual overhead should be drowned out by I/O. Running our test suite
      seems to confirm this guess. On a Linux system with best-of-five
      timings, we had 21.592s with the check enabled and 21.590s with the
      ckeck disabled. Note though that our test suite mostly contains very
      small blobs only. It is expected that repositories with bigger blobs may
      notice an increased hit by this check.
      
      In addition to a new test, we also had to change the
      odb::backend::nonrefreshing test suite, which now triggers a hashsum
      mismatch when looking up the commit "deadbeef...". This is expected, as
      the fake backend allocated inside of the test will return an empty
      object for the OID "deadbeef...", which will obviously not hash back to
      "deadbeef..." again. We can simply adjust the hash to equal the hash of
      the empty object here to fix this test.
      Patrick Steinhardt committed
  26. 03 Mar, 2017 1 commit
  27. 02 Mar, 2017 1 commit
  28. 29 Dec, 2016 1 commit
  29. 14 Nov, 2016 1 commit