1. 11 Mar, 2016 5 commits
    • diff_tform: fix potential NULL pointer access · 1a8c11f4
      When the user passes in a diff which has no repository associated
      we may call `git_config__get_int_force` with a NULL-pointer
      configuration. Even though `git_config__get_int_force` is
      designed to swallow errors, it is not intended to be called with
      a NULL pointer configuration.
      
      Fix the issue by only calling `git_config__get_int_force` only
      when configuration could be retrieved from the repository.
      Patrick Steinhardt committed
    • submodule: avoid passing NULL pointers to strncmp · 486302d6
      In C89 it is undefined behavior to pass `NULL` pointers to
      `strncmp` and later on in C99 it has been explicitly stated that
      functions with an argument declared as `size_t nmemb` specifying
      the array length shall always have valid parameters, no matter if
      `nmemb` is 0 or not (see ISO 9899 §7.21.1.2).
      
      The function `str_equal_no_trailing_slash` always passes its
      parameters to `strncmp` if their lengths match. This means if one
      parameter is `NULL` and the other one either `NULL` or a string
      with length 0 we will pass the pointers to `strncmp` and cause
      undefined behavior.
      
      Fix this by explicitly handling the case when both lengths are 0.
      Patrick Steinhardt committed
    • object: avoid call of memset with ouf of bounds pointer · 61d7328d
      When computing a short OID we do this by first copying the
      leading parts into the new OID structure and then setting the
      trailing part to zero. In the case of the desired length being
      `GIT_OID_HEXSZ - 1` we will call `memset` with an out of bounds
      pointer and a length of 0. While this seems to cause no problems
      for common platforms the C89 standard does not explicitly state
      that calling `memset` with an out of bounds pointer and
      length of 0 is valid.
      
      Fix the potential issue by using the newly introduced
      `git_oid__cpy_prefix` function.
      Patrick Steinhardt committed
  2. 10 Mar, 2016 2 commits
  3. 09 Mar, 2016 10 commits
  4. 08 Mar, 2016 10 commits
  5. 07 Mar, 2016 4 commits
  6. 04 Mar, 2016 2 commits
  7. 03 Mar, 2016 7 commits