- 21 Sep, 2019 3 commits
-
-
Before printing into a `git_buf` structure, we always call `ENSURE_SIZE` first. This macro will reallocate the buffer as-needed depending on whether the current amount of allocated bytes is sufficient or not. If `asize` is big enough, then it will just do nothing, otherwise it will call out to `git_buf_try_grow`. But in fact, it is insufficient to only check `asize`. When we fail to allocate any more bytes e.g. via `git_buf_try_grow`, then we set the buffer's pointer to `git_buf__oom`. Note that we touch neither `asize` nor `size`. So if we just check `asize > targetsize`, then we will happily let the caller of `ENSURE_SIZE` proceed with an out-of-memory buffer. As a result, we will print all bytes into the out-of-memory buffer instead, resulting in an out-of-bounds write. Fix the issue by having `ENSURE_SIZE` verify that the buffer is not marked as OOM. Add a test to verify that we're not writing into the OOM buffer.
Patrick Steinhardt committed -
When growing buffers, we repeatedly multiply the currently allocated number of bytes by 1.5 until it exceeds the requested number of bytes. This has two major problems: 1. If the current number of bytes is tiny and one wishes to resize to a comparatively huge number of bytes, then we may need to loop thousands of times. 2. If resizing to a value close to `SIZE_MAX` (which would fail anyway), then we probably hit an infinite loop as multiplying the current amount of bytes will repeatedly result in integer overflows. When reallocating buffers, one typically chooses values close to 1.5 to enable re-use of resulting memory holes in later reallocations. But because of this, it really only makes sense to use a factor of 1.5 _once_, but not looping until we finally are able to fit it. Thus, we can completely avoid the loop and just opt for the much simpler algorithm of multiplying with 1.5 once and, if the result doesn't fit, just use the target size. This avoids both problems of looping extensively and hitting overflows. This commit also adds a test that would've previously resulted in an infinite loop.
Patrick Steinhardt committed -
If growing a buffer fails, we set its pointer to the static `git_buf__oom` structure. While we correctly free the old pointer if `git__malloc` returned an error, we do not free it if there was an integer overflow while calculating the new allocation size. Fix this issue by freeing the pointer to plug the memory leak.
Patrick Steinhardt committed
-
- 19 Sep, 2019 1 commit
-
-
Circular header splitting
Patrick Steinhardt committed
-
- 13 Sep, 2019 16 commits
-
-
Etienne Samson committed
-
Etienne Samson committed
-
Etienne Samson committed
-
azure: build Docker images as part of the pipeline
Edward Thomson committed -
smart: use push_glob instead of manual filtering
Patrick Steinhardt committed -
The MESSAGE() function expects as first argument the message type, e.g. STATUS or FATAL_ERROR. In some places, we were misusing this to either not provide any type, which would then erroneously print the message to standard error, or to use FATAL instead of FATAL_ERROR. Fix all of these instances. Also, remove some MESSAGE invocations that are obvious leftovers from debugging the build system.
Patrick Steinhardt committed -
When using mbedTLS as backend, then the user may specify the location of where system certificates are installed. If no such location is provided by the user, CMake will try to autodetect the location by using the openssl executable, if installed. If no location could be detected, then the mbedTLS is essentially worthless as it is completely unable to verify any certificates. To avoid use of such misconfigured mbedTLS configurations, let's error out if we were unable to find out the location.
Patrick Steinhardt committed -
While we were still supporting Trusty, using Ninja as a build tool would have required us to first setup pip and then use it to install Ninja. As a result, the speedups from using Ninja were drowned out by the time required to install Ninja. But as we have deprecated Trusty now, both Xenial and Bionic have recent versions of Ninja in their repositories and thus we can now use Ninja.
Patrick Steinhardt committed -
The Valgrind version shipped with Xenial has some bugs that keep our tests from working due to bad interactions with openssl [1]. Fix this by using the "hola-launchpad/valgrind" PPA that provides a newer version for which the bug has been fixed. [1]: https://bugs.launchpad.net/ubuntu/+source/valgrind/+bug/1574437
Patrick Steinhardt committed -
Pass the flag "--no-install-recommends" to apt-get in order to trim down the number of packages installed, both reducing build time and image size. As this also causes some required packages to not be installed anymore, add these explicitly to the set of packages installed.
Patrick Steinhardt committed -
Reformat both Xenial and Bionic's Dockerfiles to use best practices. Most importantly, we now run `apt-get update` and `apt-get install` in one step followed up by removing the package lists to speed up installation and keep down the image size.
Patrick Steinhardt committed -
While Xenial provides libssh2 in its repositories, it only has version 1.5.0 available. This version will unfortunately not be able to connect to GitHub due to their removal of weak cryptographic standards [1]. To still enable our CI to execute tests against GitHub, we thus have to update the provided libssh2 version to a newer one. Manually install libssh2 1.8.2 on Xenial. There's no need to do the same for Bionic, as it already provides libssh2 1.8.0. [1]: https://github.blog/2018-02-01-crypto-removal-notice/
Patrick Steinhardt committed -
We're about to phase out support for Trusty, but neither Bionic nor Xenial images provide the mbedTLS library that's available in Trusty. Build them for both to pull them in line with Trusty.
Patrick Steinhardt committed -
The Coverity build is still referencing an old "trusty-openssl" container that is not provided by either our own now-inlined images nor by the libgit2/libgit2-docker repository. Convert it to build and use Xenial images instead.
Patrick Steinhardt committed -
Support for the LTS release Ubuntu 14.04 Trusty has been dropped in April 2019, but Azure is still using Trusty as its primary platform to build and test against. Let's deprecate it in favor of Xenial.
Patrick Steinhardt committed -
The Docker images used for our continuous integration builds currently live in the libgit2/libgit2-docker repository. To make any changes in them, one has to make a PR there, get it reviewed, re-build the images and publish them to Docker Hub. This process is slow and tedious, making it harder than necessary to perform any updates to our Docker-based build pipeline. To fix this, we include all Dockerfiles used by Azure from the mentioned repository and inline them into our own repo. Instead of having to manually push them to the CI, it will now build the required containers on each pull request, allowing much greater flexibility.
Patrick Steinhardt committed
-
- 12 Sep, 2019 2 commits
-
-
ntlm: fix failure to find openssl headers
Edward Thomson committed -
cmake: remove extraneous logging
Patrick Steinhardt committed
-
- 11 Sep, 2019 1 commit
-
-
open:fix memory leak when passing NULL to git_repository_open_ext
Edward Thomson committed
-
- 10 Sep, 2019 3 commits
-
-
Laurence McGlashan committed
-
Laurence McGlashan committed
-
Etienne Samson committed
-
- 09 Sep, 2019 4 commits
-
-
apply: Fix a patch corruption related to EOFNL handling
Edward Thomson committed -
ignore: correct handling of nested rules overriding wild card unignore
Edward Thomson committed -
Memory allocation fixes for diff generator
Edward Thomson committed -
Use an HTTP scheme that supports the given credentials
Edward Thomson committed
-
- 29 Aug, 2019 1 commit
-
-
Jason Haslam committed
-
- 28 Aug, 2019 1 commit
-
-
Introduce an unit test to validate that git_apply__patch() properly handles EOFNL changes in case of patches with several hunks.
Max Kostyukevich committed
-
- 27 Aug, 2019 8 commits
-
-
problem: filesystem_iterator loads .gitignore files in top-down order. subsequently, ignore module evaluates them in the order they are loaded. this creates a problem if we have unignored a rule (using a wild card) in a sub dir and ignored it again in a level further below (see the test included in this patch). solution: process ignores in reverse order. closes #4963
buddyspike committed -
apply: git_apply_to_tree fails to apply patches that add new files
Edward Thomson committed -
Edward Thomson committed
-
Optionally read `.gitattributes` from HEAD
Edward Thomson committed -
config: implement "onbranch" conditional
Edward Thomson committed -
When allocating new tree iterator frames, we zero out the allocated memory twice. Remove one of the `memset` calls.
Patrick Steinhardt committed -
When allocating tree iterator entries, we use GIT_ERROR_ALLOC_CHECK` to check whether the allocation has failed. The macro will cause the function to immediately return, though, leaving behind a partially initialized iterator frame. Fix the issue by manually checking for memory allocation errors and using `goto done` in case of an error, popping the iterator frame.
Patrick Steinhardt committed -
When preparing options for the two iterators that are about to be diffed, we allocate a common prefix for both iterators depending on the options passed by the user. We do not check whether the allocation was successful, though. In fact, this isn't much of a problem, as using a `NULL` prefix is perfectly fine. But in the end, we probably want to detect that the system doesn't have any memory left, as we're unlikely to be able to continue afterwards anyway. While the issue is being fixed in the newly created function `diff_prepare_iterator_opts`, it has been previously existing in the previous macro `DIFF_FROM_ITERATORS` already.
Patrick Steinhardt committed
-